www.dcfever.com Open in urlscan Pro
210.184.251.68 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.dcfever.com/users/profile.php?id=1172991
Submission: On October 09 via manual (October 9th 2023, 2:27:51 am UTC) from VN — Scanned from DE

Summary HTTP 156 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 44 IPs in 12 countries across 30 domains to perform 156 HTTP transactions. The main IP is 210.184.251.68, located in Hong Kong and belongs to IS-AP iAdvantage Limited, HK. The main domain is www.dcfever.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 7th 2022. Valid for: a year.

This is the only time www.dcfever.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	210.184.251.68 210.184.251.68	9729 (IS-AP iAd...) (IS-AP iAdvantage Limited)
22	2400:52e0:1e0... 2400:52e0:1e00::1081:1	200325 (BUNNYCDN) (BUNNYCDN)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
4	210.184.251.82 210.184.251.82	9729 (IS-AP iAd...) (IS-AP iAdvantage Limited)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
11	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
7	2a02:2638:d::13 2a02:2638:d::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
3 9	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
3 5	104.18.26.193 104.18.26.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 5	185.89.210.20 185.89.210.20	29990 (ASN-APPNEX) (ASN-APPNEX)
4	78.46.90.238 78.46.90.238	24940 (HETZNER-AS) (HETZNER-AS)
1 4	116.202.48.214 116.202.48.214	24940 (HETZNER-AS) (HETZNER-AS)
3	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
1	104.64.118.247 104.64.118.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.9.250.12 3.9.250.12	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1	99.81.152.59 99.81.152.59	16509 (AMAZON-02) (AMAZON-02)
3 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1	18.185.230.6 18.185.230.6	16509 (AMAZON-02) (AMAZON-02)
1 1	35.214.216.136 35.214.216.136	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	18.66.147.41 18.66.147.41	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.36 99.86.4.36	16509 (AMAZON-02) (AMAZON-02)
2	18.135.155.178 18.135.155.178	16509 (AMAZON-02) (AMAZON-02)
156	44

8 210.184.251.68 (Hong Kong) 1 redirects

ASN9729 (IS-AP iAdvantage Limited, HK)

www.dcfever.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2400:52e0:1e00::1081:1 (Germany)

ASN200325 (BUNNYCDN, SI)

cdn10.dcfever.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn01.dcfever.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.dcfever.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 210.184.251.82 (Hong Kong)

ASN9729 (IS-AP iAdvantage Limited, HK)

adx.adxglobal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:d::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.184.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.26.193 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.89.210.20 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 78.46.90.238 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.238.90.46.78.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 116.202.48.214 (Schoenwalde, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.214.48.202.116.clients.your-server.de

hal900013.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 145.239.193.130 (France)

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.64.118.247 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-118-247.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.9.250.12 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-9-250-12.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.70 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.152.59 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-152-59.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 3 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.185.230.6 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-230-6.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.216.136 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 136.216.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-41.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-36.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.135.155.178 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-135-155-178.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	349 KB
30	dcfever.com 1 redirects www.dcfever.com cdn10.dcfever.com cdn01.dcfever.com — Cisco Umbrella Rank: 748287 static.dcfever.com	291 KB
20	criteo.net static.criteo.net — Cisco Umbrella Rank: 728 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9717 csm.eu.criteo.net — Cisco Umbrella Rank: 9249	349 KB
20	doubleclick.net 4 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 98 googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 cm.g.doubleclick.net — Cisco Umbrella Rank: 255 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 187732	81 KB
12	gstatic.com www.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn1.gstatic.com	448 KB
8	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 41903 hal900013.redintelligence.net — Cisco Umbrella Rank: 346285	38 KB
6	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2714 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 118	2 KB
5	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 261 secure.adnxs.com — Cisco Umbrella Rank: 542	4 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716	3 KB
4	adxglobal.com adx.adxglobal.com	4 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 33897 api.webgains.io — Cisco Umbrella Rank: 91885	18 KB
3	medialead.de pv.medialead.de — Cisco Umbrella Rank: 51750	1 KB
3	criteo.com rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 15502 ads.eu.criteo.com — Cisco Umbrella Rank: 9209 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10275	53 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	177 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	244 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 649	2 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 405 fonts.googleapis.com — Cisco Umbrella Rank: 49	34 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 109006	3 KB
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 1165	414 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 387	146 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1343	576 B
1	360yield.com match.360yield.com — Cisco Umbrella Rank: 2517	199 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 782	544 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3431	104 B
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 59583	2 KB
1	awin1.com www.awin1.com — Cisco Umbrella Rank: 18074	702 B
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 270642	931 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 250	5 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1200	601 B
1	google.de www.google.de — Cisco Umbrella Rank: 6147	408 B
156	30

	Domain	Requested by
19	pagead2.googlesyndication.com	www.dcfever.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
19	cdn01.dcfever.com	www.dcfever.com cdn01.dcfever.com
13	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
11	static.criteo.net	ads.eu.criteo.com
9	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
8	www.dcfever.com	1 redirects www.dcfever.com
7	imageproxy.eu.criteo.net	ads.eu.criteo.com
6	www.gstatic.com	www.dcfever.com googleads.g.doubleclick.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
4	hal900013.redintelligence.net	1 redirects googleads.g.doubleclick.net hal900013.redintelligence.net
4	hal9000.redintelligence.net	googleads.g.doubleclick.net hal900013.redintelligence.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	adx.adxglobal.com	www.dcfever.com adx.adxglobal.com
3	pv.medialead.de	hal900013.redintelligence.net
3	www.googletagservices.com	googleads.g.doubleclick.net
3	region1.analytics.google.com	www.googletagmanager.com
3	www.googletagmanager.com	www.dcfever.com adv.office-partner.de www.googletagmanager.com
2	api.webgains.io	analytics.webgains.io
2	sync.1rx.io	2 redirects
2	5994599.fls.doubleclick.net	1 redirects googleads.g.doubleclick.net
2	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
2	csm.eu.criteo.net	ads.eu.criteo.com
2	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
2	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
2	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
2	cdn10.dcfever.com	www.dcfever.com
1	cdn.track.production.webgains.team	googleads.g.doubleclick.net
1	analytics.webgains.io	track.webgains.com
1	adservice.google.com	5994599.fls.doubleclick.net
1	csync.loopme.me	1 redirects
1	x.bidswitch.net	googleads.g.doubleclick.net
1	secure.adnxs.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	match.360yield.com	googleads.g.doubleclick.net
1	sync-tm.everesttech.net	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	hal900013.redintelligence.net
1	track.webgains.com	googleads.g.doubleclick.net
1	www.awin1.com	hal900013.redintelligence.net
1	adv.office-partner.de	hal900013.redintelligence.net
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.nl3.eu.criteo.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google.de	www.dcfever.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	static.dcfever.com	www.dcfever.com
1	ajax.googleapis.com	www.dcfever.com
156	50

This site contains links to these domains. Also see Links.

Domain
www.azpartsnow.com
apps.apple.com
play.google.com
www.youtube.com
www.facebook.com
www.instagram.com

Subject Issuer	Validity	Valid
dcfever.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-07` - `2023-11-03`	a year	crt.sh
cdn10.dcfever.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
cdn01.dcfever.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-30` - `2023-12-25`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2023-12-23`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-08` - `2023-11-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
redintelligence.net R3	`2023-08-11` - `2023-11-09`	3 months	crt.sh
pv.medialead.de R3	`2023-08-13` - `2023-11-11`	3 months	crt.sh
adv.office-partner.de R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh

This page contains 17 frames:

Primary Page: https://www.dcfever.com/users/profile.php?id=1172991
Frame ID: 0F88CFD08260515E73FD4D73AFC9BF9A
Requests: 52 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html
Frame ID: E12AF14A2694920DBE53D55CB6CA1E4B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8038336834024926&output=html&h=90&slotname=5424819499&adk=785354580&adf=1610234373&pi=t.ma~as.5424819499&w=728&lmt=1696811266&url=https%3A%2F%2Fwww.dcfever.com%2Fusers%2Fprofile.php%3Fid%3D1172991&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696818465940&bpp=86&bdt=1997&idt=161&shv=r20231004&mjsv=m202310030101&ptt=5&saldr=sd&abxe=1&correlator=3891405826101&frm=20&pv=2&ga_vid=1799254499.1696818464&ga_sid=1696818466&ga_hid=1118924568&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44798934%2C44804782%2C31078673%2C44769661&oid=2&pvsid=2532887206361183&tmod=1115223676&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=U4K32Ne4yy&p=https%3A//www.dcfever.com&dtd=175
Frame ID: E53B72923400B09A0983489E6B4CA578
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8038336834024926&output=html&h=250&slotname=3974334687&adk=738776673&adf=3271635628&pi=t.ma~as.3974334687&w=300&lmt=1696811266&url=https%3A%2F%2Fwww.dcfever.com%2Fusers%2Fprofile.php%3Fid%3D1172991&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696818465944&bpp=83&bdt=2000&idt=177&shv=r20231004&mjsv=m202310030101&ptt=5&saldr=sd&abxe=1&prev_slotnames=5424819499&correlator=3891405826101&frm=20&pv=1&ga_vid=1799254499.1696818464&ga_sid=1696818466&ga_hid=1118924568&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1078&ady=285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44798934%2C44804782%2C31078673%2C44769661&oid=2&pvsid=2532887206361183&tmod=1115223676&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=zHCAa3bwkd&p=https%3A//www.dcfever.com&dtd=181
Frame ID: 2B71140AEEADCF66A5FA9C74867D1801
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSNlIgACPqwH_Z1VAA0ws8vEERoUe0cMAGU59w&u=%7C7sDFIQg4ce4EnVVO8bx4B3VFDR9%2F0y2ytroar58PWjc%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy91eSjxqsgku49oDwE7iqWIdSAHg0_OWJVXIwuO7OwQQXiqYEBcBPwcInwIIIO1OkmtDp0tDML2JfoBcHQNL7_bsTUjgjf7moTrgDTOMyQfvWSTuqtbjqKMceEVSI54wNa8OE82eMocVUnWGoSWolY7Lg2pDtuvUS5DqsgKrE8L4wz5w4IJRY_TebefKAVPP1pQpV9b-1xV5Kl-JMzLge3ARRiYuyC7vZMSf102Dl6HDpNtA7LWAYKwcwGl0vvKz3MEiNfWQA69wSEvmzG2B2FWPjznShHVjtmUXJg7VUfzfY-gM0lvlS74DP9YMg-VCsZ2bcLh0A4euo-or6yLA2hyD6ju5Z1cfhey2p6Z0zgGxAkv1vx_3XdqueUGo0fExMDccTf563PmZtIkDga9l_Q5OhwWzHFGUaaTuVfUUP2SQvccZ0H0N6u-l8dVD8novODdZ2TVJa4YP7BzcGZlcJNp9WwD_kG-u8xPofW7TYogifjf1qwaffhZvmAggokwwvLrO4fk5ukyUw11Usqd_t7YZnjKixOV7S2Im53e_B_otypLfFrMdmlzM7-sJWEBtU7IM4solr7tSDA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtyMZImUjZaz9CNW69u8Ps-G0yA_JntKxXNWdkfdwwI23ARABIABglYKAgKwHggEXY2EtcHViLTgwMzgzMzY4MzQwMjQ5MjbIAQmpAs4bsBDdwrE-qAMByAMCqgSLAk_QmFuCQIBK96L2ccq2egWnqGosoXfeCPtlQ0gYbwtIqpiamFty4vHR_YBthtarWcnqma8L4VRZD9ohK2eribwVbCKr7ipj0_02vMEtKsL1d-n4jHoh9gNmUkZRE_JSU9wRA4CaNJkgaEOqoNk9r-0TMJkZLoELXHarzk67dg7I7lN8n918JHXVu7vGTYG45TLKeSMhCNCcyYDTpffpOA25Fma_lycP3LOAhPqlHFkgYGVTohI2maWci8ue-IBS3ejOBvsMOfn6DdqRzbIlEq-434swtM-ytQ_gLgdJk5KX7HYDGnqyGeF-b7z8qE1aBunnuALfw443izFzmH9taJsmHSkuV_xcMtPsY4AG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2sOtDKYyh5GTIvMkSmVxyI82kS_g%26client%3Dca-pub-8038336834024926%26adurl%3D
Frame ID: 46865666D0A85E679CDE21C43545C2E7
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8038336834024926&output=html&h=90&slotname=5424819499&adk=4189683334&adf=1214250763&pi=t.ma~as.5424819499&w=728&lmt=1696811266&url=https%3A%2F%2Fwww.dcfever.com%2Fusers%2Fprofile.php%3Fid%3D1172991&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696818466484&bpp=1&bdt=2540&idt=1&shv=r20231004&mjsv=m202310030101&ptt=5&saldr=sd&abxe=1&cookie=ID%3D40f159807aecd348-2254e0bf3adf0038%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_MY7d7okkVkeZT5xdZiY4XF3DwaA7g&gpic=UID%3D00000c92f22e2756%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_Mbv6pUkPnVWpe3JZgRpdlfOGCy18w&prev_slotnames=5424819499%2C3974334687&correlator=3891405826101&frm=20&pv=1&ga_vid=1799254499.1696818464&ga_sid=1696818466&ga_hid=1118924568&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44798934%2C44804782%2C31078673%2C44769661&oid=2&psts=AOrYGsl-zAVh_3n084NN25bg-KET5K3tGMAPr_VM0B0lQMnQr2OGHARWZnlLKCNtZ5NSbcpH6gqdtTuPo4-LbQ&pvsid=2532887206361183&tmod=1115223676&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ClTSFxn7uu&p=https%3A//www.dcfever.com&dtd=4
Frame ID: D3A5AEF7656CBAF74D38DB3F5C91E4E7
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8038336834024926&output=html&adk=1812271804&adf=3025194257&lmt=1696811266&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fwww.dcfever.com%2Fusers%2Fprofile.php%3Fid%3D1172991&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696818466607&bpp=1&bdt=2663&idt=1&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D40f159807aecd348-2254e0bf3adf0038%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_MY7d7okkVkeZT5xdZiY4XF3DwaA7g&gpic=UID%3D00000c92f22e2756%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_Mbv6pUkPnVWpe3JZgRpdlfOGCy18w&prev_slotnames=5424819499%2C3974334687%2C5424819499&nras=1&correlator=3891405826101&frm=20&pv=1&ga_vid=1799254499.1696818464&ga_sid=1696818466&ga_hid=1118924568&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44798934%2C44804782%2C31078673%2C44769661&oid=2&psts=AOrYGsl-zAVh_3n084NN25bg-KET5K3tGMAPr_VM0B0lQMnQr2OGHARWZnlLKCNtZ5NSbcpH6gqdtTuPo4-LbQ&pvsid=2532887206361183&tmod=1115223676&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=12
Frame ID: 6A7E7689FB296E1B2EBF710AB9B2EC4D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js
Frame ID: 55D37143FDBEE9D87F4B9261B7342F41
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNVKHJc7T1QBwm4DGtHm1JqHJhewZWnQUSuKMtuFKl4yl4h6UxAP1sEm5b1mr7EMB-jrhr61xIDEiRjeqqVEwlGgXR13B_vJlSKCM-WRX0VcvsLRc7CE9j07CoQ0ZHY6jD8P8tSbNVjcThXbjAaYunkzdWvtNIbEVI8AtBcfIVR_91pVIXo
Frame ID: 8BA3DD1C8F904F7F2DC89D55700D9CE0
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BA54EC143695ABF589DEF109F193739B
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=52487100006319004444550012472013&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: A2DD0EE38DF5C6BBD108FB16ACE7A418
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 3B90E62DB6B28533E69042156073396A
Requests: 3 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CIqplLD154EDFZfFuwgdsA4D6Q;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8544384600199.429
Frame ID: D4DC40045AB58597D72CB873E5305C82
Requests: 2 HTTP requests in this frame

Frame: https://hal900013.redintelligence.net/request_content.php?s=52487100006319004444550012472013&a=66750c4e
Frame ID: 445C3B030F65004C2548E0241D0E5431
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3D787D542984A5E6B4412F84EBCFDC81
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B79E82C094745C22468DD48F603E3914
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4FDCBD159126A6604B25B99D51A712B3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

azpartsnow 的個人檔案 - DCFever.com

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

156
Requests

94 %
HTTPS

57 %
IPv6

30
Domains

50
Subdomains

44
IPs

12
Countries

2100 kB
Transfer

4641 kB
Size

22
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.azpartsnow.com/
Title: https://www.azpartsnow.com/

Search URL Search Domain Scan URL

URL: https://apps.apple.com/hk/app/dcfever-%E4%BA%8C%E6%89%8B%E5%B8%82%E9%9B%86/id6444018317

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.dcfever.tradingapp&hl=zh-TW

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCwuRtv3JwkrmdRkkllWSc8A
Title: Youtube

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dcfeverhk
Title: facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/dcfever_hk/
Title: IG

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://www.dcfever.com/media/users/icons/1172/1172991_1696754601_icon.jpg HTTP 301
https://static.dcfever.com/media/users/icons/1172/1172991_1696754601_icon.jpg

Request Chain 101

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBe6-jxzDUinm3K8LlKz12U&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBe6-jxzDUinm3K8LlKz12U&google_cver=1&C=1

Request Chain 102

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSNlI8P9gSYJAdPPASW3lAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBe6-jxzDUinm3K8LlKz12U&google_cver=1

Request Chain 103

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAUs7Yc51nZhKOxCcRxmTzA&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAUs7Yc51nZhKOxCcRxmTzA%26google_cver%3D1

Request Chain 104

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYxODAxNzA5MTI4ODE3MTAwOQ%3D%3D

Request Chain 112

https://hal900013.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=185512da48&subid=&uid=8726dcf26b7c43ee&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCd_NsImUjZdHQMIOk9u8PkLagkAam5b2gaYWVnKfJD_AuEAEgyM7iH2CVgoCArAfIAQmpAs4bsBDdwrE-qAMByAObBKoEkQJP0IqAzpWPWMpIafRCRVZ5XCnkEzJwpfgEDG_NjQ7hFCRyLrbDivFvT9mtErPY3Qdv4Fs4JfveKetz_BXyhsM5HSaubKvIcoor-MSQdd6Db6WE5zHezHHcvS3zJL919IwHN7iR3Z5i-RjcSXi47FAV9LkUXtHEoR91LyJQCG4z2X6ckSiIv3v4v87ydAQP8Ha3avKnxREAC0n7XVlzQv0C6-xXqGcrP8mL9ggtJNTXMk8DEykGMEeerZxqzgpgsMGlzAAmCYvWinpTIzLDL0m044PkCbeDEfDtEus8tbHaAJZxWN8qSXigeQcbEqfTzu7SkUAs0nDOLTTzotqZi5ZybzkO1JUWV6Mxx_7W6bJoe0nABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYXTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJERcgNAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMI0enYr_XngQMVA5L9Bx0QGwhiEAEYASAAEgJF8_D_BwE%26num%3D1%26cid%3DCAQSOwDICaaNzs7qzxFEeFxwLLotOSs9kZinGKSyXtZfyr0PMuxcdBRTYnAjrZg03nWWbws3hhHCijModw_8GAE%26sig%3DAOD64_1Z7byoioCboT0Tey-dJFMyiiFjnA%26client%3Dca-pub-8038336834024926%26dbm_c%3DAKAmf-B_NkodAzc3D-okcCGOmuGdQDg28qO3gnor2FjjTL9FbmsS7xSi_uL-zfIgfEMmC1sy8IFygiOB4GjCPbR3wCw9r-ukh69Sx6-o0YNJDP9GyJZfilrjM7BwU7zFYxoC3DyCe9BuIOU-6UkCeTVutwDha7YjK4q2z_JCtgdke5ywwA9Ysns%26cry%3D1%26dbm_d%3DAKAmf-Db5Q9DA8V-ZxFw4kaB_SrtdYitoOzomKe9_UOxhvXilEfYM5UJSYIoMUHxtfzoUwo5Df0xME8IrPSiGc6UerEVnsaA46r5-KC-G5mx3odo7Nl41mYevMMcYyw-d4g8dWeKyY0d9jDGjZwTfBhHuKgS02UMSe00EHzSE3Qsl-9klEbx7oLTtaVQ8B8QHxFCBl6MpXI4Ad3h75-JOnXt6ISQYj2-jUx00fYXjF784y0w773HI5xTmpIWd79VU_ih4SU2_ONq-PkXbHpyCGA2si0ZWFMnJKsanYsw5JJc4jcVytu5XlgSyPzpd4rx_8DVpVvxtgmo9R-AKHnAlqXpaaWQpAY3wfvn7sbfnJwh8_OREQF5G4DguXgGl1FE8Bdz5zMDdh81yYBY5NnU_sqTnt3_I4GdUWqlxMLzENfqgwTeWqGfaniR8Sw5vhXWwfR8ViHmlh-J2Fxne0ivG-s1Ma3x3ETuiQY-1hl-7IDL-uToBBkCK7YCdWw0iTaWs9YZkv4CCl9IWny2xl0bgrTow_VRu-w5PNDLyrS0OTTeTCqK1VfobXp0z2nTgDKWxEjnG9P6loRDbge9odNDb8lMcYOTkPvEmw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.dcfever.com%2F&ancestorOrigins=https%3A%2F%2Fwww.dcfever.com&random=3461590202579&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900013.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=185512da48&subid=&uid=8726dcf26b7c43ee&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCd_NsImUjZdHQMIOk9u8PkLagkAam5b2gaYWVnKfJD_AuEAEgyM7iH2CVgoCArAfIAQmpAs4bsBDdwrE-qAMByAObBKoEkQJP0IqAzpWPWMpIafRCRVZ5XCnkEzJwpfgEDG_NjQ7hFCRyLrbDivFvT9mtErPY3Qdv4Fs4JfveKetz_BXyhsM5HSaubKvIcoor-MSQdd6Db6WE5zHezHHcvS3zJL919IwHN7iR3Z5i-RjcSXi47FAV9LkUXtHEoR91LyJQCG4z2X6ckSiIv3v4v87ydAQP8Ha3avKnxREAC0n7XVlzQv0C6-xXqGcrP8mL9ggtJNTXMk8DEykGMEeerZxqzgpgsMGlzAAmCYvWinpTIzLDL0m044PkCbeDEfDtEus8tbHaAJZxWN8qSXigeQcbEqfTzu7SkUAs0nDOLTTzotqZi5ZybzkO1JUWV6Mxx_7W6bJoe0nABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYXTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJERcgNAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMI0enYr_XngQMVA5L9Bx0QGwhiEAEYASAAEgJF8_D_BwE%26num%3D1%26cid%3DCAQSOwDICaaNzs7qzxFEeFxwLLotOSs9kZinGKSyXtZfyr0PMuxcdBRTYnAjrZg03nWWbws3hhHCijModw_8GAE%26sig%3DAOD64_1Z7byoioCboT0Tey-dJFMyiiFjnA%26client%3Dca-pub-8038336834024926%26dbm_c%3DAKAmf-B_NkodAzc3D-okcCGOmuGdQDg28qO3gnor2FjjTL9FbmsS7xSi_uL-zfIgfEMmC1sy8IFygiOB4GjCPbR3wCw9r-ukh69Sx6-o0YNJDP9GyJZfilrjM7BwU7zFYxoC3DyCe9BuIOU-6UkCeTVutwDha7YjK4q2z_JCtgdke5ywwA9Ysns%26cry%3D1%26dbm_d%3DAKAmf-Db5Q9DA8V-ZxFw4kaB_SrtdYitoOzomKe9_UOxhvXilEfYM5UJSYIoMUHxtfzoUwo5Df0xME8IrPSiGc6UerEVnsaA46r5-KC-G5mx3odo7Nl41mYevMMcYyw-d4g8dWeKyY0d9jDGjZwTfBhHuKgS02UMSe00EHzSE3Qsl-9klEbx7oLTtaVQ8B8QHxFCBl6MpXI4Ad3h75-JOnXt6ISQYj2-jUx00fYXjF784y0w773HI5xTmpIWd79VU_ih4SU2_ONq-PkXbHpyCGA2si0ZWFMnJKsanYsw5JJc4jcVytu5XlgSyPzpd4rx_8DVpVvxtgmo9R-AKHnAlqXpaaWQpAY3wfvn7sbfnJwh8_OREQF5G4DguXgGl1FE8Bdz5zMDdh81yYBY5NnU_sqTnt3_I4GdUWqlxMLzENfqgwTeWqGfaniR8Sw5vhXWwfR8ViHmlh-J2Fxne0ivG-s1Ma3x3ETuiQY-1hl-7IDL-uToBBkCK7YCdWw0iTaWs9YZkv4CCl9IWny2xl0bgrTow_VRu-w5PNDLyrS0OTTeTCqK1VfobXp0z2nTgDKWxEjnG9P6loRDbge9odNDb8lMcYOTkPvEmw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.dcfever.com%2F&ancestorOrigins=https%3A%2F%2Fwww.dcfever.com&random=3461590202579&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 123

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8544384600199.429 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CIqplLD154EDFZfFuwgdsA4D6Q;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8544384600199.429

Request Chain 132

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESELHVZ0OEMDt8Drz-I_ZxNrU&google_cver=1&google_push=AXcoOmQggzK8vZbHK6t4egp0X6sKEMcMiXwKRiUuGaTer19j6ryZygcK4lPgT8HaB4DBIMdVNMFEpBPmtZ6QoT0VWB0fhV1k2y2h2w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELHVZ0OEMDt8Drz-I_ZxNrU&google_push=AXcoOmQggzK8vZbHK6t4egp0X6sKEMcMiXwKRiUuGaTer19j6ryZygcK4lPgT8HaB4DBIMdVNMFEpBPmtZ6QoT0VWB0fhV1k2y2h2w

Request Chain 134

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESELtm4fNB-e9tPNLNCnm-j_s&google_cver=1&google_push=AXcoOmRH2WRSXl-ddXnWMVgqRMWrEvsFVn9Hdylm7yJXgyAFBDciUB1UURg7PFJhdQMbsDhA_9CorWa88Sxmg2ssOormMqKaVua60Q HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmRH2WRSXl-ddXnWMVgqRMWrEvsFVn9Hdylm7yJXgyAFBDciUB1UURg7PFJhdQMbsDhA_9CorWa88Sxmg2ssOormMqKaVua60Q&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1696818467801 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-cc71dc56-44a9-46c3-b093-595c77e2a48a-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRH2WRSXl-ddXnWMVgqRMWrEvsFVn9Hdylm7yJXgyAFBDciUB1UURg7PFJhdQMbsDhA_9CorWa88Sxmg2ssOormMqKaVua60Q%26google_hm%3DA8xx3FZEqUbDsJNZXHfipIo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRH2WRSXl-ddXnWMVgqRMWrEvsFVn9Hdylm7yJXgyAFBDciUB1UURg7PFJhdQMbsDhA_9CorWa88Sxmg2ssOormMqKaVua60Q&google_hm=A8xx3FZEqUbDsJNZXHfipIo

Request Chain 135

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEE_YBJKb2WPo48lArNUe5i4&google_cver=1&google_push=AXcoOmS2UiBn0KXGfB1CfZ0SrJ3TjXuqkY-zxc5_pvcz11B5N8gdzyPDQMWQRK4aISnLpH2ihy3ix4iIgufY13S4MaxdUBQxPgWfTuI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODYxODAxNzA5MTI4ODE3MTAwOQ%3D%3D&google_gid=CAESEE_YBJKb2WPo48lArNUe5i4&google_cver=1&google_push=AXcoOmS2UiBn0KXGfB1CfZ0SrJ3TjXuqkY-zxc5_pvcz11B5N8gdzyPDQMWQRK4aISnLpH2ihy3ix4iIgufY13S4MaxdUBQxPgWfTuI

Request Chain 137

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEAaWUV5i1ssCbwqNGBrtbF0&google_cver=1&google_push=AXcoOmQbQ4rnMsRwUr1ubwS3Mttj3Gc_NNE4zX_TzaanT43V0yVywn7SUD9FSb1eUut3I5eWdlqmft1HXWdnfpoaERUII9Xlb6mNxa0 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=ded58f30-a8c3-40fb-91f9-aba58af0b2aa&google_cver=1&google_gid=CAESEAaWUV5i1ssCbwqNGBrtbF0&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmQbQ4rnMsRwUr1ubwS3Mttj3Gc_NNE4zX_TzaanT43V0yVywn7SUD9FSb1eUut3I5eWdlqmft1HXWdnfpoaERUII9Xlb6mNxa0&gdpr=${GDPR}

156 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request profile.php Show response
www.dcfever.com/users/ 37 KB
12 KB 954ms
465ms Document
text/html 210.184.251.68
IS-AP iAdvantage ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dcfever.com/users/profile.php?id=1172991
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.184.251.68 , Hong Kong, ASN9729 (IS-AP iAdvantage Limited, HK),
Reverse DNS
Software: nginx/1.11.9 / PHP/5.6.30
Resource Hash: 4099b9686205d194cf49e67952bfda8f71313a74767daf1bb44317bbf6765233

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 09 Oct 2023 02:27:05 GMT
Server: nginx/1.11.9
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.30

GET
H2 200 global_20231006.css
cdn10.dcfever.com/v4/css/ 40 KB
9 KB 88ms
13ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn10.dcfever.com/v4/css/global_20231006.css
Requested by: Host: www.dcfever.com
URL: https://www.dcfever.com/users/profile.php?id=1172991
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: e266f9a563f2e1ef30f7dcc7a85ee1fb194b126e57bd9271e7ab9198035de350

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dcfever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Mon, 09 Oct 2023 02:27:44 GMT
content-encoding: br
cdn-edgestorageid: 1080
cdn-cachedat: 10/06/2023 04:53:19
cdn-pullzone: 587890
last-modified: Fri, 06 Oct 2023 12:52:20 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"65200304-a04f"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 00052f33-2042-4c65-bab1-7a7a20a60fd3
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-requestid: 4db6f5f33062809290bd5613e3e38c3e
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
expires: Sat, 05 Oct 2024 04:52:43 GMT

GET
H2 200 grid_20150811.css
cdn10.dcfever.com/v4/css/ 16 KB
3 KB 99ms
24ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn10.dcfever.com/v4/css/grid_20150811.css
Requested by: Host: www.dcfever.com
URL: https://www.dcfever.com/users/profile.php?id=1172991
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: d1cc9ef7ac37881e60962e1354de04e5d4ed2683f16780dc62a8211125021e07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dcfever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Mon, 09 Oct 2023 02:27:44 GMT
content-encoding: br
cdn-edgestorageid: 1081
cdn-cachedat: 07/07/2023 01:56:02
cdn-pullzone: 587890
last-modified: Tue, 04 Jul 2017 02:23:57 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"595afc3d-41f3"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 00052f33-2042-4c65-bab1-7a7a20a60fd3
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-requestid: c5ad016403763fe0142a5fdeb69bd2fc
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
expires: Sat, 06 Jul 2024 01:56:02 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 94 KB
33 KB 44ms
18ms Script
text/javascript 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: www.dcfever.com
URL: https://www.dcfever.com/users/profile.php?id=1172991

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dcfever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 20:00:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23259
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33507
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 07 Oct 2024 20:00:04 GMT

GET
H2 200 user_20160318b.css
cdn01.dcfever.com/v4/css/ 16 KB
4 KB 94ms
40ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.dcfever.com/v4/css/user_20160318b.css
Requested by: Host: www.dcfever.com
URL: https://www.dcfever.com/users/profile.php?id=1172991
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: e5b7e14704b22622f2250300bb6b5db77e207648afe9b68af869a105dee3a682

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dcfever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Mon, 09 Oct 2023 02:27:44 GMT
content-encoding: br
cdn-edgestorageid: 1081
cdn-cachedat: 07/07/2023 04:50:42
cdn-pullzone: 587890
last-modified: Wed, 18 Sep 2019 05:17:08 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"5d81bdd4-41f6"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 00052f33-2042-4c65-bab1-7a7a20a60fd3
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-requestid: 577601bf25bfbe0c7b7db4f91c5d7f22
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
expires: Sat, 06 Jul 2024 04:50:42 GMT

GET
H2 200 magnific_popup.css
cdn01.dcfever.com/js/magnific/ 8 KB
3 KB 72ms
18ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.dcfever.com/js/magnific/magnific_popup.css
Requested by: Host: www.dcfever.com
URL: https://www.dcfever.com/users/profile.php?id=1172991
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 78f9179479204b7f5b4e2fa5f2a28267121ee80bbb1da811abe2d3c68c3255d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dcfever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Mon, 09 Oct 2023 02:27:44 GMT
content-encoding: br
cdn-edgestorageid: 1080
cdn-cachedat: 05/27/2023 08:56:14
cdn-pullzone: 587890
last-modified: Fri, 04 Mar 2016 05:28:34 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"56d91d02-2003"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 00052f33-2042-4c65-bab1-7a7a20a60fd3
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-requestid: f037352cddb1d10155fe42edb7eda0db
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
expires: Sun, 26 May 2024 08:56:14 GMT

GET
H2 200 layout_01.css
cdn01.dcfever.com/v5/css/ 28 KB
6 KB 72ms
18ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.dcfever.com/v5/css/layout_01.css
Requested by: Host: www.dcfever.com
URL: https://www.dcfever.com/users/profile.php?id=1172991
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: fbb469c48bb3ae4541dc074b94c584ee70b913d9476f83b99b26357941054929

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dcfever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Mon, 09 Oct 2023 02:27:44 GMT
content-encoding: br
cdn-edgestorageid: 1082
cdn-cachedat: 07/07/2023 03:11:49
cdn-pullzone: 587890
last-modified: Mon, 09 Aug 2021 02:59:35 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"61109a17-6e97"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 00052f33-2042-4c65-bab1-7a7a20a60fd3
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-requestid: ae31b04ee1216fbb5b8bf4cbbd160fc4
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
expires: Sat, 06 Jul 2024 03:11:49 GMT

GET
H2 200 all.css
cdn01.dcfever.com/v4/css/fontawesome-5.15/css/ 72 KB
14 KB 78ms
25ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.dcfever.com/v4/css/fontawesome-5.15/css/all.css
Requested by: Host: www.dcfever.com
URL: https://www.dcfever.com/users/profile.php?id=1172991
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: e5ad31a47913cdfc2470acd4e304982fae2bccf62098855fecf3b84c1e7fea34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dcfever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Mon, 09 Oct 2023 02:27:44 GMT
content-encoding: br
cdn-edgestorageid: 1082
cdn-cachedat: 07/07/2023 01:56:02
cdn-pullzone: 587890
last-modified: Tue, 16 Mar 2021 07:15:14 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"60505b02-11f99"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 00052f33-2042-4c65-bab1-7a7a20a60fd3
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-requestid: 5fe92339673c2d99e36cad3151138342
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
expires: Sat, 06 Jul 2024 01:56:02 GMT

GET
H2 200 nav_main.css
cdn01.dcfever.com/v5/css/ 7 KB
2 KB 92ms
39ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.dcfever.com/v5/css/nav_main.css
Requested by: Host: www.dcfever.com
URL: https://www.dcfever.com/users/profile.php?id=1172991
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: b0caee2db11ebefe7a5bea3db52e06cdbcf268376e6f6a4a11358ec8c63f7133

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dcfever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Mon, 09 Oct 2023 02:27:44 GMT
content-encoding: br
cdn-edgestorageid: 1082
cdn-cachedat: 08/29/2023 11:36:27
cdn-pullzone: 587890
last-modified: Fri, 25 Jun 2021 02:33:32 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"60d5407c-1d9e"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 00052f33-2042-4c65-bab1-7a7a20a60fd3
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-requestid: c296c6dd76ef17d23a9bd0923c060746
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
expires: Wed, 28 Aug 2024 11:36:23 GMT

GET
H2 200 nav_20231005a.css
cdn01.dcfever.com/v5/css/ 17 KB
4 KB 71ms
17ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.dcfever.com/v5/css/nav_20231005a.css
Requested by: Host: www.dcfever.com
URL: https://www.dcfever.com/users/profile.php?id=1172991
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: f402c73a7bfb1db2fcf457c2c675274b43ad6a49e627bf8f19ff2c030ad12162

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dcfever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Mon, 09 Oct 2023 02:27:44 GMT
content-encoding: br
cdn-edgestorageid: 1080
cdn-cachedat: 10/05/2023 10:36:17
cdn-pullzone: 587890
last-modified: Thu, 05 Oct 2023 18:22:07 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"651efecf-437e"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 00052f33-2042-4c65-bab1-7a7a20a60fd3
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-requestid: 533064c9beb661bf09263da68f9fa6ef
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
expires: Fri, 04 Oct 2024 10:35:42 GMT

GET
H2 200 product_01a.css
cdn01.dcfever.com/v5/css/ 20 KB
5 KB 70ms
17ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.dcfever.com/v5/css/product_01a.css
Requested by: Host: www.dcfever.com
URL: https://www.dcfever.com/users/profile.php?id=1172991
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 1b522e932396d9b1cb63b82d77538ce3c23a0fa70802a9a391dda541687c4fe5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dcfever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Mon, 09 Oct 2023 02:27:44 GMT
content-encoding: br
cdn-edgestorageid: 1081
cdn-cachedat: 09/25/2023 15:29:58
cdn-pullzone: 587890
last-modified: Mon, 25 Sep 2023 22:50:34 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"65120eba-4ee2"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 00052f33-2042-4c65-bab1-7a7a20a60fd3
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-requestid: ff8047f6349734d1785543386d2226c4
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
expires: Tue, 24 Sep 2024 15:29:32 GMT

GET
H2 200 masonry.pkgd.min.js Show response
cdn01.dcfever.com/js/masonry/ 28 KB
10 KB 94ms
41ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.dcfever.com/js/masonry/masonry.pkgd.min.js
Requested by: Host: www.dcfever.com
URL: https://www.dcfever.com/users/profile.php?id=1172991
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 733d7c26a5fb7240e83e8af2c822218b321b5143e28c2dd65ab2492297ac6bd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dcfever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Mon, 09 Oct 2023 02:27:44 GMT
content-encoding: br
cdn-edgestorageid: 1081
cdn-cachedat: 07/26/2023 03:50:10
cdn-pullzone: 587890
last-modified: Mon, 11 Jan 2016 03:22:52 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"5693200c-7119"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 00052f33-2042-4c65-bab1-7a7a20a60fd3
cache-control: max-age=31536000
cdn-requestid: a67d4f2d20731cb8d728f04318daedbc
cdn-requestcountrycode: DE
cdn-status: 200
expires: Thu, 25 Jul 2024 03:50:10 GMT

GET
H2 200 imagesloaded.pkgd.min.js Show response
cdn01.dcfever.com/js/masonry/ 7 KB
3 KB 94ms
41ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.dcfever.com/js/masonry/imagesloaded.pkgd.min.js
Requested by: Host: www.dcfever.com
URL: https://www.dcfever.com/users/profile.php?id=1172991
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: a45687d15a46bd0c0469f9c3d38b5edb3f3449478bf0a0c4cdca10b48d86c2b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dcfever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Mon, 09 Oct 2023 02:27:44 GMT
content-encoding: br
cdn-edgestorageid: 1082
cdn-cachedat: 07/26/2023 03:50:10
cdn-pullzone: 587890
last-modified: Mon, 11 Jan 2016 03:22:53 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"5693200d-1d00"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 00052f33-2042-4c65-bab1-7a7a20a60fd3
cache-control: max-age=31536000
cdn-requestid: 197ef7a31eeca3abeb69237d185b5905
cdn-requestcountrycode: DE
cdn-status: 200
expires: Thu, 25 Jul 2024 03:50:10 GMT

GET
H2 200 magnific.js Show response
cdn01.dcfever.com/js/magnific/ 47 KB
16 KB 93ms
40ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.dcfever.com/js/magnific/magnific.js
Requested by: Host: www.dcfever.com
URL: https://www.dcfever.com/users/profile.php?id=1172991
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 067ed1942c6ec0b5af871590d7908fab8a3f5af0bed24eb056164a58095cac46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dcfever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Mon, 09 Oct 2023 02:27:44 GMT
content-encoding: br
cdn-edgestorageid: 1080
cdn-cachedat: 07/07/2023 04:50:42
cdn-pullzone: 587890
last-modified: Fri, 04 Mar 2016 05:28:34 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"56d91d02-bced"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 00052f33-2042-4c65-bab1-7a7a20a60fd3
cache-control: max-age=31536000
cdn-requestid: 89a06ba07d31b98c50695881ab2e40e7
cdn-requestcountrycode: DE
cdn-status: 200
expires: Sat, 06 Jul 2024 04:50:42 GMT

GET
H2 200 jquery-scrolltofixed.js Show response
cdn01.dcfever.com/js/ 20 KB
5 KB 88ms
35ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.dcfever.com/js/jquery-scrolltofixed.js
Requested by: Host: www.dcfever.com
URL: https://www.dcfever.com/users/profile.php?id=1172991
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 122980d66002ecf6854209ad78a8a2d1439f88fc5c796ad54a84493c1f11b40c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dcfever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Mon, 09 Oct 2023 02:27:44 GMT
content-encoding: br
cdn-edgestorageid: 1081
cdn-cachedat: 07/07/2023 01:56:02
cdn-pullzone: 587890
last-modified: Mon, 07 Dec 2015 10:39:08 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"566561cc-51e9"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 00052f33-2042-4c65-bab1-7a7a20a60fd3
cache-control: max-age=31536000
cdn-requestid: c871a67f0f10f1273968e039019e1e2d
cdn-requestcountrycode: DE
cdn-status: 200
expires: Sat, 06 Jul 2024 01:56:02 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 269 KB
90 KB 53ms
27ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5ND0VB1W90

Requested by

Host: www.dcfever.com
URL: https://www.dcfever.com/users/profile.php?id=1172991

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

39a1b76322af3d3f3b3269fb5273c5f25698583989618054e3cff3216ff6cb52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dcfever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 02:27:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92192
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 09 Oct 2023 02:27:44 GMT

GET
H2 200 dcfever_logo_png.png
cdn01.dcfever.com/images/ 14 KB
14 KB 18ms
14ms Image
image/png 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn01.dcfever.com/images/dcfever_logo_png.png
Requested by: Host: www.dcfever.com
URL: https://www.dcfever.com/users/profile.php?id=1172991
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 8d8834a947897d7bba059dd1efcad06b91f99facd557e4fb29955d6731eb09f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dcfever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Mon, 09 Oct 2023 02:27:44 GMT
cdn-edgestorageid: 1082
cdn-cachedat: 07/07/2023 01:56:03
cdn-pullzone: 587890
content-length: 14300
last-modified: Fri, 08 Feb 2013 10:49:50 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "5114d84e-37dc"
content-type: image/png
cdn-cache: HIT
cdn-uid: 00052f33-2042-4c65-bab1-7a7a20a60fd3
cache-control: max-age=31536000
cdn-requestid: c6d0abaf668bedda335567948dcfe260
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
expires: Sat, 06 Jul 2024 01:56:03 GMT

GET
H2 200 dcfever_logo_v2_png.png
cdn01.dcfever.com/images/ 13 KB
13 KB 20ms
16ms Image
image/png 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn01.dcfever.com/images/dcfever_logo_v2_png.png
Requested by: Host: www.dcfever.com
URL: https://www.dcfever.com/users/profile.php?id=1172991
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 3c9ad3cb87f4c8c481c59c52a057ca0d2813cb9108cfd237917608c3bc9d1be9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dcfever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Mon, 09 Oct 2023 02:27:44 GMT
cdn-edgestorageid: 1082
cdn-cachedat: 08/28/2023 00:23:08
cdn-pullzone: 587890
content-length: 13333
last-modified: Tue, 13 Apr 2021 18:08:55 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "6075de37-3415"
content-type: image/png
cdn-cache: HIT
cdn-uid: 00052f33-2042-4c65-bab1-7a7a20a60fd3
cache-control: max-age=31536000
cdn-requestid: 95ce71c18d3b1b211a547775f7c802ac
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
expires: Tue, 27 Aug 2024 00:23:06 GMT

GET
H2 200 profile_pic.png
cdn01.dcfever.com/column/images/ 3 KB
3 KB 17ms
14ms Image
image/png 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn01.dcfever.com/column/images/profile_pic.png
Requested by: Host: www.dcfever.com
URL: https://www.dcfever.com/users/profile.php?id=1172991
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 4667c94befc9784465ffebbec6a5746e1a50b479c247c832b9d23dd8e02fe65a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dcfever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Mon, 09 Oct 2023 02:27:44 GMT
cdn-edgestorageid: 1080
cdn-cachedat: 07/07/2023 01:56:03
cdn-pullzone: 587890
content-length: 3045
last-modified: Thu, 12 Nov 2015 03:22:26 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "564405f2-be5"
content-type: image/png
cdn-cache: HIT
cdn-uid: 00052f33-2042-4c65-bab1-7a7a20a60fd3
cache-control: max-age=31536000
cdn-requestid: 6a439459eb9952cda61a54d7f0c8319c
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
expires: Sat, 06 Jul 2024 01:56:03 GMT

GET
H2

200

1172991_1696754601_icon.jpg
static.dcfever.com/media/users/icons/1172/
Redirect Chain

https://www.dcfever.com/media/users/icons/1172/1172991_1696754601_icon.jpg
https://static.dcfever.com/media/users/icons/1172/1172991_1696754601_icon.jpg

11 KB
11 KB

541ms
477ms

Image
image/jpeg

2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dcfever.com/media/users/icons/1172/1172991_1696754601_icon.jpg
Requested by: Host: www.dcfever.com
URL: https://www.dcfever.com/users/profile.php?id=1172991
Protocol: H2
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 7a603aecd2b327bafd89b4763c8a3dc92d3717326df374696eb8e58439f4b22f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dcfever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Mon, 09 Oct 2023 02:27:45 GMT
cdn-edgestorageid: 1080
cdn-cachedat: 10/09/2023 02:27:45
cdn-pullzone: 587890
content-length: 11120
last-modified: Sun, 08 Oct 2023 16:44:20 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "6522dc64-2b70"
content-type: image/jpeg
cdn-cache: MISS
cdn-uid: 00052f33-2042-4c65-bab1-7a7a20a60fd3
cache-control: max-age=31536000
cdn-requestid: 5a38ac91d3b141e10910083b09a7fd76
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
expires: Tue, 08 Oct 2024 02:27:07 GMT

Redirect headers

Date: Mon, 09 Oct 2023 02:27:07 GMT
Server: nginx/1.11.9
Content-Type: text/html
Location: https://static.dcfever.com/media/users/icons/1172/1172991_1696754601_icon.jpg
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 185
Expires: Tue, 08 Oct 2024 02:27:07 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 18 KB
8 KB 57ms
31ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: www.dcfever.com
URL: https://www.dcfever.com/users/profile.php?id=1172991

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25bb94b282c6fd1928c6070b99d3334151ccf117ca5af8c1826ab7b0f71607f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dcfever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 02:27:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7900
x-xss-protection: 0
server: cafe
etag: 7795836969506827106
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 02:27:44 GMT

GET
H2 200 jquery.cookie.js Show response
cdn01.dcfever.com/js/ 4 KB
2 KB 14ms
14ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.dcfever.com/js/jquery.cookie.js
Requested by: Host: www.dcfever.com
URL: https://www.dcfever.com/users/profile.php?id=1172991
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 8f3f968e513eb907e7237f770802f5f28cf83518dde9f0cae5d608bb03824eeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dcfever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Mon, 09 Oct 2023 02:27:44 GMT
content-encoding: br
cdn-edgestorageid: 1082
cdn-cachedat: 07/07/2023 01:56:03
cdn-pullzone: 587890
last-modified: Sat, 28 Dec 2013 03:52:43 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"52be4b0b-1180"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 00052f33-2042-4c65-bab1-7a7a20a60fd3
cache-control: max-age=31536000
cdn-requestid: 83617709f0fe6c646a25ece53559a1d3
cdn-requestcountrycode: DE
cdn-status: 200
expires: Sat, 06 Jul 2024 01:56:03 GMT

GET
H2 200 firebase-app-compat.js Show response
www.gstatic.com/firebasejs/9.6.7/ 28 KB
9 KB 35ms
7ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/9.6.7/firebase-app-compat.js

Requested by

Host: www.dcfever.com
URL: https://www.dcfever.com/users/profile.php?id=1172991

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c5b8ea34dfe39acea247c3004e5e4521875e70b7c317e0efa3633bc047a5b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dcfever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 03:31:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82591
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8918
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 17:53:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 07 Oct 2024 03:31:13 GMT

GET
H2 200 firebase-auth-compat.js Show response
www.gstatic.com/firebasejs/9.6.7/ 120 KB
35 KB 36ms
9ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/9.6.7/firebase-auth-compat.js

Requested by

Host: www.dcfever.com
URL: https://www.dcfever.com/users/profile.php?id=1172991

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d725491c4075f128defe9ad0e3d4f4894ed399c943997dab7432f015bbceb4ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dcfever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:01:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 113172
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35522
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 17:53:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 06 Oct 2024 19:01:32 GMT

GET
H2 200 firebase-database-compat.js Show response
www.gstatic.com/firebasejs/9.6.7/ 161 KB
47 KB 44ms
17ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/9.6.7/firebase-database-compat.js

Requested by

Host: www.dcfever.com
URL: https://www.dcfever.com/users/profile.php?id=1172991

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7da50473010eba615db20d7943c029cfcc0fd3a993e835698833fc3e9ad3f1d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dcfever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 21:40:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 449243
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47881
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 17:53:24 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 02 Oct 2024 21:40:21 GMT

GET
H2 200 firebase-firestore-compat.js Show response
www.gstatic.com/firebasejs/9.6.7/ 293 KB
88 KB 52ms
25ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/9.6.7/firebase-firestore-compat.js

Requested by

Host: www.dcfever.com
URL: https://www.dcfever.com/users/profile.php?id=1172991

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c6130cf837755df63a979fc0e2b1dc003ba139c5614883f3079407ef9588388

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dcfever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 18:35:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114736
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90220
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 17:53:14 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 06 Oct 2024 18:35:28 GMT

GET
H2 200 firebase-messaging-compat.js Show response
www.gstatic.com/firebasejs/9.6.7/ 37 KB
37 KB 56ms
29ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/9.6.7/firebase-messaging-compat.js

Requested by

Host: www.dcfever.com
URL: https://www.dcfever.com/users/profile.php?id=1172991

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49f4fe05f9406472ab40ad7f45608ee46e03fe95442b4bfaa8fa748c050f4943

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dcfever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 21:28:52 GMT
x-content-type-options: nosniff
age: 277132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37953
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 17:53:15 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 21:28:52 GMT

GET
H2 200 chatmodal.css
cdn01.dcfever.com/v5/css/ 2 KB
1 KB 17ms
13ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.dcfever.com/v5/css/chatmodal.css
Requested by: Host: www.dcfever.com
URL: https://www.dcfever.com/users/profile.php?id=1172991
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 3cd308b717f2707a77cc547267d21788fe0c20fd7e6985611a89bda032bc734c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dcfever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Mon, 09 Oct 2023 02:27:44 GMT
content-encoding: br
cdn-edgestorageid: 1080
cdn-cachedat: 08/31/2023 08:12:03
cdn-pullzone: 587890
last-modified: Wed, 22 Jun 2022 03:21:25 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"62b28ab5-6f0"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 00052f33-2042-4c65-bab1-7a7a20a60fd3
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-requestid: 16d7f60f9c07260134257797321af149
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
expires: Fri, 30 Aug 2024 08:11:58 GMT

GET
H2 200 chatmodal.js Show response
cdn01.dcfever.com/v5/js/ 3 KB
1 KB 19ms
15ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.dcfever.com/v5/js/chatmodal.js
Requested by: Host: www.dcfever.com
URL: https://www.dcfever.com/users/profile.php?id=1172991
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 299b123d8cb1a97375ab38aaa7f0a84d14466adafa16a2c909a5529b93eeff4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dcfever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Mon, 09 Oct 2023 02:27:44 GMT
content-encoding: br
cdn-edgestorageid: 1082
cdn-cachedat: 08/31/2023 08:12:03
cdn-pullzone: 587890
last-modified: Wed, 22 Jun 2022 03:36:56 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"62b28e58-a6f"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 00052f33-2042-4c65-bab1-7a7a20a60fd3
cache-control: max-age=31536000
cdn-requestid: 14de81119d61180d54f58d785e2d4c1e
cdn-requestcountrycode: DE
cdn-status: 200
expires: Fri, 30 Aug 2024 08:11:58 GMT

GET
H/1.1 200
OK bit.ly_46BX8yZ.png
www.dcfever.com/campaigns/2023/app/ 27 KB
28 KB 1109ms
1106ms Image
image/png 210.184.251.68
IS-AP iAdvantage ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dcfever.com/campaigns/2023/app/bit.ly_46BX8yZ.png
Requested by: Host: www.dcfever.com
URL: https://www.dcfever.com/users/profile.php?id=1172991
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.184.251.68 , Hong Kong, ASN9729 (IS-AP iAdvantage Limited, HK),
Reverse DNS
Software: nginx/1.11.9 /
Resource Hash: b4b4b440ed808e3e3d598b5522e5de0cbebfa143014aeb7170aa9acbe2d360da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dcfever.com/users/profile.php?id=1172991
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 02:27:07 GMT
Last-Modified: Thu, 05 Oct 2023 15:13:54 GMT
Server: nginx/1.11.9
ETag: "651ed2b2-6cfb"
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27899
Expires: Tue, 08 Oct 2024 02:27:07 GMT

GET
H/1.1 200
OK appdownload_appstore.png
www.dcfever.com/campaigns/2023/test/ 8 KB
8 KB 1661ms
1172ms Image
image/png 210.184.251.68
IS-AP iAdvantage ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dcfever.com/campaigns/2023/test/appdownload_appstore.png
Requested by: Host: www.dcfever.com
URL: https://www.dcfever.com/users/profile.php?id=1172991
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.184.251.68 , Hong Kong, ASN9729 (IS-AP iAdvantage Limited, HK),
Reverse DNS
Software: nginx/1.11.9 /
Resource Hash: a0b22cc658cb2b6f18315959d2e6de9904a84063b15bc35c657f0e895d669840

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dcfever.com/users/profile.php?id=1172991
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 02:27:08 GMT
Last-Modified: Tue, 03 Oct 2023 13:20:57 GMT
Server: nginx/1.11.9
ETag: "651c1539-1fcf"
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8143
Expires: Tue, 08 Oct 2024 02:27:08 GMT

GET
H/1.1 200
OK appdownload_googleplay.png
www.dcfever.com/campaigns/2023/test/ 14 KB
15 KB 958ms
496ms Image
image/png 210.184.251.68
IS-AP iAdvantage ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dcfever.com/campaigns/2023/test/appdownload_googleplay.png
Requested by: Host: www.dcfever.com
URL: https://www.dcfever.com/users/profile.php?id=1172991
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.184.251.68 , Hong Kong, ASN9729 (IS-AP iAdvantage Limited, HK),
Reverse DNS
Software: nginx/1.11.9 /
Resource Hash: 760e360579165d2a298a42d5d5d310b74b4a425d2fa9bd6166abf37c704dce4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dcfever.com/users/profile.php?id=1172991
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 02:27:06 GMT
Last-Modified: Tue, 03 Oct 2023 13:12:49 GMT
Server: nginx/1.11.9
ETag: "651c1351-38ee"
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14574
Expires: Tue, 08 Oct 2024 02:27:06 GMT

GET
H/1.1 200
OK channel_youtube.png
www.dcfever.com/campaigns/2023/test/ 3 KB
3 KB 1071ms
233ms Image
image/png 210.184.251.68
IS-AP iAdvantage ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dcfever.com/campaigns/2023/test/channel_youtube.png
Requested by: Host: www.dcfever.com
URL: https://www.dcfever.com/users/profile.php?id=1172991
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.184.251.68 , Hong Kong, ASN9729 (IS-AP iAdvantage Limited, HK),
Reverse DNS
Software: nginx/1.11.9 /
Resource Hash: 2b02484c717b73704cd3167a75568c31d847f35acb87698499ed2c15e0b5534d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dcfever.com/users/profile.php?id=1172991
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 02:27:07 GMT
Last-Modified: Tue, 03 Oct 2023 13:50:21 GMT
Server: nginx/1.11.9
ETag: "651c1c1d-cac"
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3244
Expires: Tue, 08 Oct 2024 02:27:07 GMT

GET
H/1.1 200
OK channel_facebook.png
www.dcfever.com/campaigns/2023/test/ 3 KB
3 KB 1178ms
235ms Image
image/png 210.184.251.68
IS-AP iAdvantage ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dcfever.com/campaigns/2023/test/channel_facebook.png
Requested by: Host: www.dcfever.com
URL: https://www.dcfever.com/users/profile.php?id=1172991
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.184.251.68 , Hong Kong, ASN9729 (IS-AP iAdvantage Limited, HK),
Reverse DNS
Software: nginx/1.11.9 /
Resource Hash: 6045b0ae82394826c06aec665b8264501db01a5039aba419f0fb6e33db3a3d04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dcfever.com/users/profile.php?id=1172991
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 02:27:07 GMT
Last-Modified: Tue, 03 Oct 2023 13:50:21 GMT
Server: nginx/1.11.9
ETag: "651c1c1d-a57"
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2647
Expires: Tue, 08 Oct 2024 02:27:07 GMT

GET
H/1.1 200
OK channel_ig.png
www.dcfever.com/campaigns/2023/test/ 4 KB
4 KB 362ms
231ms Image
image/png 210.184.251.68
IS-AP iAdvantage ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dcfever.com/campaigns/2023/test/channel_ig.png
Requested by: Host: www.dcfever.com
URL: https://www.dcfever.com/users/profile.php?id=1172991
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.184.251.68 , Hong Kong, ASN9729 (IS-AP iAdvantage Limited, HK),
Reverse DNS
Software: nginx/1.11.9 /
Resource Hash: 9d5b7a34e4e5c8c39f1454a94cdf9e52884f5cba3a8ebfe84010d097462522f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dcfever.com/users/profile.php?id=1172991
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 02:27:07 GMT
Last-Modified: Tue, 03 Oct 2023 18:13:14 GMT
Server: nginx/1.11.9
ETag: "651c59ba-f66"
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3942
Expires: Tue, 08 Oct 2024 02:27:07 GMT

GET
H/1.1 200
OK ajs.php Show response
adx.adxglobal.com/ads/www/delivery/ 997 B
1 KB 1844ms
894ms Script
text/javascript 210.184.251.82
IS-AP iAdvantage ...

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.adxglobal.com/ads/www/delivery/ajs.php?zoneid=6&cb=34164474657&charset=UTF-8&loc=https%3A//www.dcfever.com/users/profile.php%3Fid%3D1172991
Requested by: Host: www.dcfever.com
URL: https://www.dcfever.com/users/profile.php?id=1172991
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.184.251.82 , Hong Kong, ASN9729 (IS-AP iAdvantage Limited, HK),
Reverse DNS
Software: nginx/1.11.7 / PHP/5.6.29
Resource Hash: 1265b6e1733446d27f0ae5e28392703c4689feabe550347d645710ef9fdce610

Request headers

Referer: https://www.dcfever.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Mon, 09 Oct 2023 02:27:45 GMT
Server: nginx/1.11.7
X-Powered-By: PHP/5.6.29
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2 200 fa-solid-900.woff2
cdn01.dcfever.com/v4/css/fontawesome-5.15/webfonts/ 76 KB
77 KB 55ms
26ms Font
application/octet-stream 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.dcfever.com/v4/css/fontawesome-5.15/webfonts/fa-solid-900.woff2
Requested by: Host: cdn01.dcfever.com
URL: https://cdn01.dcfever.com/v4/css/fontawesome-5.15/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Request headers

Referer: https://cdn01.dcfever.com/v4/css/fontawesome-5.15/css/all.css
Origin: https://www.dcfever.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Mon, 09 Oct 2023 02:27:44 GMT
cdn-edgestorageid: 1080
cdn-cachedat: 07/07/2023 01:56:03
cdn-pullzone: 587890
content-length: 78196
last-modified: Tue, 16 Mar 2021 07:15:14 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "60505b02-13174"
content-type: application/octet-stream
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 00052f33-2042-4c65-bab1-7a7a20a60fd3
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-requestid: 6de13aedb41ca8552b41ddd003057736
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
expires: Sat, 06 Jul 2024 01:56:03 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
254 B 38ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-5ND0VB1W90&gtm=45je3a40&_p=1118924568&_gaz=1&cid=1799254499.1696818464&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696818464&sct=1&seg=0&dl=https%3A%2F%2Fwww.dcfever.com%2Fusers%2Fprofile.php%3Fid%3D1172991&dt=azpartsnow%20%E7%9A%84%E5%80%8B%E4%BA%BA%E6%AA%94%E6%A1%88%20-%20DCFever.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5ND0VB1W90
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dcfever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 02:27:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dcfever.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
254 B 52ms
17ms Ping
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-5ND0VB1W90&cid=1799254499.1696818464&gtm=45je3a40&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5ND0VB1W90
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dcfever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 02:27:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dcfever.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 43ms
18ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-5ND0VB1W90&cid=1799254499.1696818464&gtm=45je3a40&aip=1&z=1961434554

Requested by

Host: www.dcfever.com
URL: https://www.dcfever.com/users/profile.php?id=1172991

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dcfever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 02:27:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK lg.php
adx.adxglobal.com/ads/www/delivery/ 43 B
500 B 233ms
233ms Image
image/gif 210.184.251.82
IS-AP iAdvantage ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adx.adxglobal.com/ads/www/delivery/lg.php?bannerid=984&campaignid=828&zoneid=6&loc=https%3A%2F%2Fwww.dcfever.com%2Fusers%2Fprofile.php%3Fid%3D1172991&cb=5674f60b7f
Requested by: Host: adx.adxglobal.com
URL: https://adx.adxglobal.com/ads/www/delivery/ajs.php?zoneid=6&cb=34164474657&charset=UTF-8&loc=https%3A//www.dcfever.com/users/profile.php%3Fid%3D1172991
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.184.251.82 , Hong Kong, ASN9729 (IS-AP iAdvantage Limited, HK),
Reverse DNS
Software: nginx/1.11.7 / PHP/5.6.29
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dcfever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Oct 2023 02:27:46 GMT
Server: nginx/1.11.7
X-Powered-By: PHP/5.6.29
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bfabfd6875c7b83e26c46b036fcb0d93c4d49d01d2e1f26a5b889eac1c75901

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dcfever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 02:27:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51246
x-xss-protection: 0
server: cafe
etag: 10557020856347186482
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 02:27:45 GMT

GET
H/1.1 200
OK ajs.php Show response
adx.adxglobal.com/ads/www/delivery/ 997 B
1 KB 457ms
229ms Script
text/javascript 210.184.251.82
IS-AP iAdvantage ...

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.adxglobal.com/ads/www/delivery/ajs.php?zoneid=6&cb=30588068588&charset=UTF-8&loc=https%3A//www.dcfever.com/users/profile.php%3Fid%3D1172991
Requested by: Host: www.dcfever.com
URL: https://www.dcfever.com/users/profile.php?id=1172991
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.184.251.82 , Hong Kong, ASN9729 (IS-AP iAdvantage Limited, HK),
Reverse DNS
Software: nginx/1.11.7 / PHP/5.6.29
Resource Hash: 84a06cfbbed3264c6a898b2615e3fcf541affad5a6f155bf0d2252ce4cf486eb

Request headers

Referer: https://www.dcfever.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Mon, 09 Oct 2023 02:27:46 GMT
Server: nginx/1.11.7
X-Powered-By: PHP/5.6.29
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2 200 icons_user_svg.svg
cdn01.dcfever.com/users/images/ 23 KB
8 KB 26ms
25ms Image
image/svg+xml 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn01.dcfever.com/users/images/icons_user_svg.svg
Requested by: Host: cdn01.dcfever.com
URL: https://cdn01.dcfever.com/v4/css/user_20160318b.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 9be265e2b6afc6d2ac763b7d369b03d5865852d861bbf1f42525dbb489b29a6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn01.dcfever.com/v4/css/user_20160318b.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 02:27:45 GMT
content-encoding: br
cdn-edgestorageid: 1080
cdn-cachedat: 09/30/2023 16:54:25
cdn-pullzone: 587890
last-modified: Tue, 08 Mar 2016 02:52:49 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"56de3e81-5cf4"
vary: Accept-Encoding
content-type: image/svg+xml
cdn-cache: HIT
cdn-uid: 00052f33-2042-4c65-bab1-7a7a20a60fd3
cache-control: public, max-age=2592000
cdn-requestid: bfeaa90f4e3887eb310a65145b5a359d
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/ 391 KB
133 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8038336834024926&plah=www.dcfever.com&bust=31078673

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40b7cdece616e2939da6d310853fdf203821255e657e825fb8290900286e9479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dcfever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 02:27:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135749
x-xss-protection: 0
server: cafe
etag: 1162808132929365089
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 02:27:46 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/ Frame E12A 10 KB
5 KB 29ms
7ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dcfever.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 49278
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Oct 2023 12:46:28 GMT
etag: 2603938475786422795
expires: Sun, 22 Oct 2023 12:46:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
601 B 65ms
17ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.dcfever.com&callback=_gfp_s_&client=ca-pub-8038336834024926

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8038336834024926&plah=www.dcfever.com&bust=31078673

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

990e834851a6566f0be7b58a3cd5da577184facd2c2a406d4b1514f86f8efff4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dcfever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 02:27:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E53B 128 KB
36 KB 263ms
262ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8038336834024926&output=html&h=90&slotname=5424819499&adk=785354580&adf=1610234373&pi=t.ma~as.5424819499&w=728&lmt=1696811266&url=https%3A%2F%2Fwww.dcfever.com%2Fusers%2Fprofile.php%3Fid%3D1172991&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696818465940&bpp=86&bdt=1997&idt=161&shv=r20231004&mjsv=m202310030101&ptt=5&saldr=sd&abxe=1&correlator=3891405826101&frm=20&pv=2&ga_vid=1799254499.1696818464&ga_sid=1696818466&ga_hid=1118924568&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44798934%2C44804782%2C31078673%2C44769661&oid=2&pvsid=2532887206361183&tmod=1115223676&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=U4K32Ne4yy&p=https%3A//www.dcfever.com&dtd=175

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc872305fc8f05c784c3baaaf97fac982a26bce81dfa433f12510ba681e86e3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dcfever.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 36855
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 02:27:46 GMT
expires: Mon, 09 Oct 2023 02:27:46 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2B71 30 KB
12 KB 156ms
156ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8038336834024926&output=html&h=250&slotname=3974334687&adk=738776673&adf=3271635628&pi=t.ma~as.3974334687&w=300&lmt=1696811266&url=https%3A%2F%2Fwww.dcfever.com%2Fusers%2Fprofile.php%3Fid%3D1172991&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696818465944&bpp=83&bdt=2000&idt=177&shv=r20231004&mjsv=m202310030101&ptt=5&saldr=sd&abxe=1&prev_slotnames=5424819499&correlator=3891405826101&frm=20&pv=1&ga_vid=1799254499.1696818464&ga_sid=1696818466&ga_hid=1118924568&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1078&ady=285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44798934%2C44804782%2C31078673%2C44769661&oid=2&pvsid=2532887206361183&tmod=1115223676&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=zHCAa3bwkd&p=https%3A//www.dcfever.com&dtd=181

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06e114c8e5b8c7196aca5e84100e7b1edafe6f34f31612d9b61476bb32f8bea1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dcfever.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 12418
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 02:27:46 GMT
expires: Mon, 09 Oct 2023 02:27:46 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 2B71 3 KB
1 KB 83ms
10ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8038336834024926&output=html&h=250&slotname=3974334687&adk=738776673&adf=3271635628&pi=t.ma~as.3974334687&w=300&lmt=1696811266&url=https%3A%2F%2Fwww.dcfever.com%2Fusers%2Fprofile.php%3Fid%3D1172991&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696818465944&bpp=83&bdt=2000&idt=177&shv=r20231004&mjsv=m202310030101&ptt=5&saldr=sd&abxe=1&prev_slotnames=5424819499&correlator=3891405826101&frm=20&pv=1&ga_vid=1799254499.1696818464&ga_sid=1696818466&ga_hid=1118924568&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1078&ady=285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44798934%2C44804782%2C31078673%2C44769661&oid=2&pvsid=2532887206361183&tmod=1115223676&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=zHCAa3bwkd&p=https%3A//www.dcfever.com&dtd=181

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 18:58:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26986
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Oct 2023 18:58:00 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 2B71 20 KB
9 KB 82ms
8ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46446
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Oct 2023 13:33:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2B71 187 KB
59 KB 75ms
25ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 02:27:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 09 Oct 2023 02:27:46 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2B71 0
0 65ms
64ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ch2rAImUjZaz9CNW69u8Ps-G0yA_JntKxXNWdkfdwwI23ARABIABglYKAgKwHggEXY2EtcHViLTgwMzgzMzY4MzQwMjQ5MjbIAQmpAs4bsBDdwrE-qAMByAMCqgSIAk_QmFuCQIBK96L2ccq2egWnqGosoXfeCPtlQ0gYbwtIqpiamFty4vHR_YBthtarWcnqma8L4VRZD9ohK2eribwVbCKr7ipj0_02vMEtKsL1d-n4jHoh9gNmUkZRE_JSU9wRA4CaNJkgaEOqoNk9r-0TMJkZLoELXHarzk67dg7I7lN8n918JHXVu7vGTYG45TLKeSMhCNCcyYDTpffpOA25Fma_lycP3LOAhPqlHFkgYGVTohI2maWci8ue-IBS3ejOBvsMOfn6DdqRzbIlEq-434swtM-ytQ_gLgdJk5KX7HZBGFsgmXKuUhosj5fWJgBDtiXVdYQZk7PHUELLmiQ4MTG2nWh824AG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi04MDM4MzM2ODM0MDI0OTI2GKT2BQ&sigh=sdW_fO77gHk&uach_m=[UACH]&cid=CAQSGwDICaaNqTS0QfqdAHuyj4jWa_Q8gZz02wliYxgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8038336834024926&output=html&h=250&slotname=3974334687&adk=738776673&adf=3271635628&pi=t.ma~as.3974334687&w=300&lmt=1696811266&url=https%3A%2F%2Fwww.dcfever.com%2Fusers%2Fprofile.php%3Fid%3D1172991&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696818465944&bpp=83&bdt=2000&idt=177&shv=r20231004&mjsv=m202310030101&ptt=5&saldr=sd&abxe=1&prev_slotnames=5424819499&correlator=3891405826101&frm=20&pv=1&ga_vid=1799254499.1696818464&ga_sid=1696818466&ga_hid=1118924568&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1078&ady=285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44798934%2C44804782%2C31078673%2C44769661&oid=2&pvsid=2532887206361183&tmod=1115223676&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=zHCAa3bwkd&p=https%3A//www.dcfever.com&dtd=181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 09 Oct 2023 02:27:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 09 Oct 2023 02:27:46 GMT

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 2B71 0
0 87ms
21ms Fetch 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kqW_EMc1rAL6AZ2DYgICAAAAnPed6nPgCTyVjDhbECJlI2Vk8mfQ0_uOCM1RAAASAAAKCkFRVUJBUUVCQVE&wp=ZSNlIgACPqwH_Z1VAA0ws8vEERoUe0cMAGU59w

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 02:27:46 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 174838
server: Kestrel
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 4686 160 KB
53 KB 106ms
65ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSNlIgACPqwH_Z1VAA0ws8vEERoUe0cMAGU59w&u=%7C7sDFIQg4ce4EnVVO8bx4B3VFDR9%2F0y2ytroar58PWjc%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy91eSjxqsgku49oDwE7iqWIdSAHg0_OWJVXIwuO7OwQQXiqYEBcBPwcInwIIIO1OkmtDp0tDML2JfoBcHQNL7_bsTUjgjf7moTrgDTOMyQfvWSTuqtbjqKMceEVSI54wNa8OE82eMocVUnWGoSWolY7Lg2pDtuvUS5DqsgKrE8L4wz5w4IJRY_TebefKAVPP1pQpV9b-1xV5Kl-JMzLge3ARRiYuyC7vZMSf102Dl6HDpNtA7LWAYKwcwGl0vvKz3MEiNfWQA69wSEvmzG2B2FWPjznShHVjtmUXJg7VUfzfY-gM0lvlS74DP9YMg-VCsZ2bcLh0A4euo-or6yLA2hyD6ju5Z1cfhey2p6Z0zgGxAkv1vx_3XdqueUGo0fExMDccTf563PmZtIkDga9l_Q5OhwWzHFGUaaTuVfUUP2SQvccZ0H0N6u-l8dVD8novODdZ2TVJa4YP7BzcGZlcJNp9WwD_kG-u8xPofW7TYogifjf1qwaffhZvmAggokwwvLrO4fk5ukyUw11Usqd_t7YZnjKixOV7S2Im53e_B_otypLfFrMdmlzM7-sJWEBtU7IM4solr7tSDA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtyMZImUjZaz9CNW69u8Ps-G0yA_JntKxXNWdkfdwwI23ARABIABglYKAgKwHggEXY2EtcHViLTgwMzgzMzY4MzQwMjQ5MjbIAQmpAs4bsBDdwrE-qAMByAMCqgSLAk_QmFuCQIBK96L2ccq2egWnqGosoXfeCPtlQ0gYbwtIqpiamFty4vHR_YBthtarWcnqma8L4VRZD9ohK2eribwVbCKr7ipj0_02vMEtKsL1d-n4jHoh9gNmUkZRE_JSU9wRA4CaNJkgaEOqoNk9r-0TMJkZLoELXHarzk67dg7I7lN8n918JHXVu7vGTYG45TLKeSMhCNCcyYDTpffpOA25Fma_lycP3LOAhPqlHFkgYGVTohI2maWci8ue-IBS3ejOBvsMOfn6DdqRzbIlEq-434swtM-ytQ_gLgdJk5KX7HYDGnqyGeF-b7z8qE1aBunnuALfw443izFzmH9taJsmHSkuV_xcMtPsY4AG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2sOtDKYyh5GTIvMkSmVxyI82kS_g%26client%3Dca-pub-8038336834024926%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e7a43b4d8793f58b30da9a2cf5a42a0db0263f5a41f019a008b203e3bd0040a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 02:27:46 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=qn86hxFjjSRi8VDFNuRkpSfyq7fV3CTFS16tYWso5dVFwYtHLy3EuP-u-vGh2kHrFxmoBwPdLBoghk6sCRb530KSeHPHm9Ixpystx1L-GzZ-P-Hi97ErFdOEJsl32Tj-rcjSJB_-kQWSfFw6I0cxAMF75cF3W9AxSyMZikrZx2qsfRMrX_bfdnzhcIYR11iyauku-HLNVCa_jJHzx22pKMZ-fHHhMYRL3oIIFL9dv-K41113qpm-HOpIiIU"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 48844768
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 2B71 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2bfed354cee883542907b8d12a6a45400a98286b76cfc2b68dd0a64d00197e47

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 15ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-5ND0VB1W90&gtm=45je3a40&_p=1118924568&cid=1799254499.1696818464&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1696818464&sct=1&seg=0&dl=https%3A%2F%2Fwww.dcfever.com%2Fusers%2Fprofile.php%3Fid%3D1172991&dt=azpartsnow%20%E7%9A%84%E5%80%8B%E4%BA%BA%E6%AA%94%E6%A1%88%20-%20DCFever.com&en=scroll&epn.percent_scrolled=90&_et=9
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5ND0VB1W90
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dcfever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 02:27:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dcfever.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame E53B 2 KB
973 B 10ms
8ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8038336834024926&output=html&h=90&slotname=5424819499&adk=785354580&adf=1610234373&pi=t.ma~as.5424819499&w=728&lmt=1696811266&url=https%3A%2F%2Fwww.dcfever.com%2Fusers%2Fprofile.php%3Fid%3D1172991&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696818465940&bpp=86&bdt=1997&idt=161&shv=r20231004&mjsv=m202310030101&ptt=5&saldr=sd&abxe=1&correlator=3891405826101&frm=20&pv=2&ga_vid=1799254499.1696818464&ga_sid=1696818466&ga_hid=1118924568&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44798934%2C44804782%2C31078673%2C44769661&oid=2&pvsid=2532887206361183&tmod=1115223676&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=U4K32Ne4yy&p=https%3A//www.dcfever.com&dtd=175

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 13:38:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46172
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Oct 2023 13:38:14 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame E53B 23 KB
9 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 13:36:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46259
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Oct 2023 13:36:47 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame E53B 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 18:58:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26986
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Oct 2023 18:58:00 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame E53B 20 KB
8 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46446
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Oct 2023 13:33:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E53B 187 KB
59 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 02:27:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 09 Oct 2023 02:27:46 GMT

GET
H2 200 f20a2b7dfb9062a0a08db52babdaa11c.js Show response
www.gstatic.com/mysidia/ Frame E53B 37 KB
16 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f20a2b7dfb9062a0a08db52babdaa11c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:17:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 317428
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15586
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:46:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 03 Jan 2024 10:17:18 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 4686 2 KB
1 KB 357ms
31ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZSNlIgACPqwH_Z1VAA0ws8vEERoUe0cMAGU59w&u=%7C7sDFIQg4ce4EnVVO8bx4B3VFDR9%2F0y2ytroar58PWjc%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy91eSjxqsgku49oDwE7iqWIdSAHg0_OWJVXIwuO7OwQQXiqYEBcBPwcInwIIIO1OkmtDp0tDML2JfoBcHQNL7_bsTUjgjf7moTrgDTOMyQfvWSTuqtbjqKMceEVSI54wNa8OE82eMocVUnWGoSWolY7Lg2pDtuvUS5DqsgKrE8L4wz5w4IJRY_TebefKAVPP1pQpV9b-1xV5Kl-JMzLge3ARRiYuyC7vZMSf102Dl6HDpNtA7LWAYKwcwGl0vvKz3MEiNfWQA69wSEvmzG2B2FWPjznShHVjtmUXJg7VUfzfY-gM0lvlS74DP9YMg-VCsZ2bcLh0A4euo-or6yLA2hyD6ju5Z1cfhey2p6Z0zgGxAkv1vx_3XdqueUGo0fExMDccTf563PmZtIkDga9l_Q5OhwWzHFGUaaTuVfUUP2SQvccZ0H0N6u-l8dVD8novODdZ2TVJa4YP7BzcGZlcJNp9WwD_kG-u8xPofW7TYogifjf1qwaffhZvmAggokwwvLrO4fk5ukyUw11Usqd_t7YZnjKixOV7S2Im53e_B_otypLfFrMdmlzM7-sJWEBtU7IM4solr7tSDA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtyMZImUjZaz9CNW69u8Ps-G0yA_JntKxXNWdkfdwwI23ARABIABglYKAgKwHggEXY2EtcHViLTgwMzgzMzY4MzQwMjQ5MjbIAQmpAs4bsBDdwrE-qAMByAMCqgSLAk_QmFuCQIBK96L2ccq2egWnqGosoXfeCPtlQ0gYbwtIqpiamFty4vHR_YBthtarWcnqma8L4VRZD9ohK2eribwVbCKr7ipj0_02vMEtKsL1d-n4jHoh9gNmUkZRE_JSU9wRA4CaNJkgaEOqoNk9r-0TMJkZLoELXHarzk67dg7I7lN8n918JHXVu7vGTYG45TLKeSMhCNCcyYDTpffpOA25Fma_lycP3LOAhPqlHFkgYGVTohI2maWci8ue-IBS3ejOBvsMOfn6DdqRzbIlEq-434swtM-ytQ_gLgdJk5KX7HYDGnqyGeF-b7z8qE1aBunnuALfw443izFzmH9taJsmHSkuV_xcMtPsY4AG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2sOtDKYyh5GTIvMkSmVxyI82kS_g%26client%3Dca-pub-8038336834024926%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 02:27:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 03 Oct 2024 02:27:46 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 4686 2 KB
1 KB 354ms
28ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 02:27:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 03 Oct 2024 02:27:46 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 4686 308 B
636 B 349ms
30ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 02:27:46 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 03 Oct 2024 02:27:46 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 4686 293 B
621 B 350ms
31ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 02:27:46 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 03 Oct 2024 02:27:46 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 4686 43 B
348 B 346ms
28ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=_oiFiH8WJ7ScdiDVDfcN1PeaoUCR3as0tdPfhKPNc6blCChqsuhfTdUCzrHPK_F0QmX0jG37ixpLpiHQd5mqooPNZzlreKe13Xm4mCPoaohXTJNQa1tUvO2K-p1W2UE23idl51_ka2guk6s9Eo2Uno5IXP85LH2W9qc8XI7aCE7aCCOtxnihwZqyCpZvpOMdfeWjxKuIR_qwdXonQ09rm3d9rMc3dW6E4MScckItBYHeuV1tN60lFws9obyP1cvzoFIRu3m6X-J8gdZXWqdAcB1WKnmY88pfR6FW7AN3DrgW1ObMkXhdgW7xZQ4FWt3cYni2YRw7ndLkXo1EN7gHPvtHJc5FXjvqx6Lbus6IUEttNy82u0AIFerAokqK5h-QZzy499Cp9hHVM4Do3dGXDPZMoLArmmSyBopojipvhU62_p92hKhzp_MXJ0J1tbEHbO7d6g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 02:27:46 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2016422
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 4686 12 KB
5 KB 324ms
20ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 02:27:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2016725
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZVTRAXRxr72GeyFTjKfTnr8dDrHIhe9crmbK0lBQqLpfZwtaeqOOmZGTU3KP663ByfRhQX1F8axyAbP8HKeNTLOMYdlM8HoZ3DaKANjcNoY5XKKX2BiuiJ4feNq7O2VsGcUkZPoJp5o4Vr0uQYUgpPth"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81332fb96e6f35ee-FRA
expires: Sat, 28 Sep 2024 02:27:46 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 4686 12 KB
6 KB 339ms
29ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 02:27:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 03 Oct 2024 02:27:46 GMT

GET
H/1.1 200
OK lg.php
adx.adxglobal.com/ads/www/delivery/ 43 B
500 B 245ms
245ms Image
image/gif 210.184.251.82
IS-AP iAdvantage ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adx.adxglobal.com/ads/www/delivery/lg.php?bannerid=984&campaignid=828&zoneid=6&loc=https%3A%2F%2Fwww.dcfever.com%2Fusers%2Fprofile.php%3Fid%3D1172991&cb=b18a7959cd
Requested by: Host: adx.adxglobal.com
URL: https://adx.adxglobal.com/ads/www/delivery/ajs.php?zoneid=6&cb=30588068588&charset=UTF-8&loc=https%3A//www.dcfever.com/users/profile.php%3Fid%3D1172991
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.184.251.82 , Hong Kong, ASN9729 (IS-AP iAdvantage Limited, HK),
Reverse DNS
Software: nginx/1.11.7 / PHP/5.6.29
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dcfever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Oct 2023 02:27:46 GMT
Server: nginx/1.11.7
X-Powered-By: PHP/5.6.29
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D3A5 27 KB
13 KB 194ms
188ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8038336834024926&output=html&h=90&slotname=5424819499&adk=4189683334&adf=1214250763&pi=t.ma~as.5424819499&w=728&lmt=1696811266&url=https%3A%2F%2Fwww.dcfever.com%2Fusers%2Fprofile.php%3Fid%3D1172991&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696818466484&bpp=1&bdt=2540&idt=1&shv=r20231004&mjsv=m202310030101&ptt=5&saldr=sd&abxe=1&cookie=ID%3D40f159807aecd348-2254e0bf3adf0038%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_MY7d7okkVkeZT5xdZiY4XF3DwaA7g&gpic=UID%3D00000c92f22e2756%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_Mbv6pUkPnVWpe3JZgRpdlfOGCy18w&prev_slotnames=5424819499%2C3974334687&correlator=3891405826101&frm=20&pv=1&ga_vid=1799254499.1696818464&ga_sid=1696818466&ga_hid=1118924568&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44798934%2C44804782%2C31078673%2C44769661&oid=2&psts=AOrYGsl-zAVh_3n084NN25bg-KET5K3tGMAPr_VM0B0lQMnQr2OGHARWZnlLKCNtZ5NSbcpH6gqdtTuPo4-LbQ&pvsid=2532887206361183&tmod=1115223676&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ClTSFxn7uu&p=https%3A//www.dcfever.com&dtd=4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41d1557d3116343a7c665d17a1dbb2210e9f1346ccdfdaddfe91d62fda53493

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dcfever.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 12883
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 02:27:46 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame E53B 29 KB
29 KB 307ms
9ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSAhIXtWWcPg3YPiaKK2JYwcEjs-X7b5iR_U4j_lz8VXmanEAayJJEFAEJuJRA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b42a583831626ed7fec0297bcd8f8b256863dc34bcb3a978bef5053c3efda2fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:15:27 GMT
x-content-type-options: nosniff
age: 331939
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29359
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 08:26:54 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 04 Oct 2024 06:15:27 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame E53B 51 KB
51 KB 302ms
5ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQFKJIlLDwn4yfkEiQlGdaU2Hph_a7l-NTfgm6rwYfnKEqTIKx_e33nWkn4dZY&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cfaeaaf48eee2b125aced1bde74a95228e36b4fff62c9337b6ebd3982d762a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 09:01:37 GMT
x-content-type-options: nosniff
age: 149169
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51774
x-xss-protection: 0
last-modified: Wed, 26 Apr 2023 08:42:04 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 06 Oct 2024 09:01:37 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame E53B 39 KB
39 KB 324ms
27ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTEgZjdyG-05N1BmLI_jBDmJsraFrTuQneJYUmS86OOrAQOmngvQzN-919MByo&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a72e3d440671752909cf24f9a939ea60d7d08b76722f750f8cc93d99ddf4b116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:15 GMT
x-content-type-options: nosniff
age: 567091
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40102
x-xss-protection: 0
last-modified: Wed, 26 Apr 2023 08:56:58 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 01 Oct 2024 12:56:15 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame E53B 46 KB
46 KB 325ms
28ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcStpzOovgDHGQ6H-PJkPRLIX1FjeWlUBXO4tVFiRH4yMemsRHd5xXyJ1yauPF0&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53e4281ffab5fe4a4d011ebc2dfafc13cdc5f494378dd525f1aa8ac57d06bf08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 17:12:28 GMT
x-content-type-options: nosniff
age: 33318
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47220
x-xss-protection: 0
last-modified: Sat, 07 Oct 2023 03:05:57 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 07 Oct 2024 17:12:28 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame E53B 40 KB
40 KB 328ms
29ms Image
image/jpeg 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRWHfDImFp6WxeUtugRihHNk4SUok4c8DtSlDdhDzJg8A35fYLn-0BRHBjbY5g&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fbf5529134538f551c3948adf1e70c618784c861aa7fc98da44105e67cc110b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:21:54 GMT
x-content-type-options: nosniff
age: 241552
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40624
x-xss-protection: 0
last-modified: Wed, 26 Apr 2023 07:09:39 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 05 Oct 2024 07:21:54 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame E53B 10 KB
10 KB 344ms
46ms Image
image/png 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSEvs5iME14Sh-Jefq4WVSfbuXGFYEOsO31Uw3CVVXNYn1oF5lg&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77e935718d2aed491fd4dbfe54b1da0add279c2d7b7704736a8ded2f31240762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 04:49:28 GMT
x-content-type-options: nosniff
age: 164298
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10432
x-xss-protection: 0
last-modified: Sat, 24 Mar 2018 07:48:54 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 06 Oct 2024 04:49:28 GMT

GET
H2 200 0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame 4686 38 KB
38 KB 346ms
50ms Font
application/octet-stream 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 02:27:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-97a8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 03 Oct 2024 02:27:46 GMT

GET
H2 200 ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame 4686 46 KB
46 KB 428ms
133ms Font
application/octet-stream 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 02:27:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-b778"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 03 Oct 2024 02:27:46 GMT

GET
H2 200 c0b34daa44234247987359c87a1b18b6_cpn_300x250_1.jpg
static.criteo.net/design/dt/3018/4734091/ Frame 4686 16 KB
16 KB 56ms
56ms Image
image/jpeg 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/3018/4734091/c0b34daa44234247987359c87a1b18b6_cpn_300x250_1.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

49314d82f99bb44b050af1c5d856d3432a8e12ec5a1e5807f474fa633f7cb26a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 02:27:46 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Sep 2023 08:15:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "65153607-3f65"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 16229
expires: Thu, 03 Oct 2024 02:27:46 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4686 4 KB
4 KB 349ms
95ms Image
image/png 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=76&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F1344%2F230413%2Fc53e5f9a71444a36ae4d74a664fc7269_logo_n_horizontal_4.png&v=3&w=596&rid=4&s=x621kat3fN-F1PG2paKfeGTq

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2b518271f5aa52c5ffa4bf23e886e409246cf5db57a5d29c9948bf69e8366937

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 02:27:46 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 3607
expires: Wed, 11 Sep 2024 03:54:58 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4686 143 KB
143 KB 348ms
95ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F4969299%2F2c16756ec55d4b449e6bc87dc6c83fb8_img_horizontal_1.jpg&v=3&w=1200&rid=4&s=C8MnmLfxK3gCnmIUnHwek25W

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

27b88525d3d052be665a7197efa5e68500ac112b4b9287885148fce005c55710

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 02:27:46 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 146220
expires: Fri, 13 Sep 2024 14:09:15 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4686 33 KB
33 KB 360ms
106ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1691736592%2F23140315-WanvOS40.jpg&v=3&w=400&rid=4&s=idOzKfINBarfg8YXQgN6NpWR&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

197bbc8fc65f4c1fc89e1ee4ff65983ec0349b6c51eb1ad8c9c7815967c31fba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 02:27:46 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 33292
expires: Fri, 13 Oct 2023 13:24:35 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4686 117 B
331 B 280ms
27ms Image
image/png 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fimages%2Fstarrating%2Fstars_empty.png&v=3&w=400&rid=4&s=pwKdqrXJZuMFGhT4AO95MAQn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

40af400e8c91f02188ba45f50e2fcfe9e0551221d23bf002f8ad1ee7c8cae18f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 02:27:46 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 117
expires: Wed, 02 Oct 2024 18:37:59 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4686 25 KB
25 KB 426ms
174ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1695111702%2F23145718-Jk1ijtFd.jpg&v=3&w=400&rid=4&s=tqwyhJUmrazHI_XEADr4Yhzg&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0f0308db24f1e7e1537e1055909fa1eff95e262e3fff4a1b81e8c1b47f1c774c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 02:27:46 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 25616
expires: Fri, 13 Oct 2023 14:11:23 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4686 13 KB
13 KB 299ms
47ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1689235358%2F23091807-LATF48ZM.jpg&v=3&w=400&rid=4&s=MRr5Vd3aeP6XUfcz_uFcai4F&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d4d85387fc0234fa0fca7db8ab909ccc0abf754697f35808d5442684a3241197

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 02:27:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 13126
expires: Fri, 13 Oct 2023 13:10:36 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4686 1 KB
2 KB 167ms
166ms Image
image/png 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fimages%2Fbonprix%2F20230502%2F200x65_neulabel_criteo_de.png&v=3&w=400&rid=4&s=LMbwVQqqZkIT_OqRJg0FwumN

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a71193943da4f3877526c6f868c74c829bff69efae4a45b82b51eed31916dc74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 02:27:46 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 1484
expires: Mon, 02 Sep 2024 05:46:37 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 4686 0
128 B 400ms
14ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=qn86hxFjjSRi8VDFNuRkpSfyq7fV3CTFS16tYWso5dVFwYtHLy3EuP-u-vGh2kHrFxmoBwPdLBoghk6sCRb530KSeHPHm9Ixpystx1L-GzZ-P-Hi97ErFdOEJsl32Tj-rcjSJB_-kQWSfFw6I0cxAMF75cF3W9AxSyMZikrZx2qsfRMrX_bfdnzhcIYR11iyauku-HLNVCa_jJHzx22pKMZ-fHHhMYRL3oIIFL9dv-K41113qpm-HOpIiIU&sds=2&rev=88731&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 09 Oct 2023 02:27:46 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 4686 2 KB
1 KB 37ms
37ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 02:27:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 03 Oct 2024 02:27:46 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 4686 2 KB
1 KB 57ms
56ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 02:27:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 03 Oct 2024 02:27:46 GMT

GET
DATA 200
OK truncated
/ Frame E53B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bfb497b400223f2a96e375863ca0e5840df3ba96e28c0169cb75c694012097a7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6A7E 0
19 B 23ms
18ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8038336834024926&output=html&adk=1812271804&adf=3025194257&lmt=1696811266&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fwww.dcfever.com%2Fusers%2Fprofile.php%3Fid%3D1172991&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696818466607&bpp=1&bdt=2663&idt=1&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D40f159807aecd348-2254e0bf3adf0038%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_MY7d7okkVkeZT5xdZiY4XF3DwaA7g&gpic=UID%3D00000c92f22e2756%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_Mbv6pUkPnVWpe3JZgRpdlfOGCy18w&prev_slotnames=5424819499%2C3974334687%2C5424819499&nras=1&correlator=3891405826101&frm=20&pv=1&ga_vid=1799254499.1696818464&ga_sid=1696818466&ga_hid=1118924568&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44798934%2C44804782%2C31078673%2C44769661&oid=2&psts=AOrYGsl-zAVh_3n084NN25bg-KET5K3tGMAPr_VM0B0lQMnQr2OGHARWZnlLKCNtZ5NSbcpH6gqdtTuPo4-LbQ&pvsid=2532887206361183&tmod=1115223676&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=12

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dcfever.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 02:27:46 GMT
expires: Mon, 09 Oct 2023 02:27:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js Show response
pagead2.googlesyndication.com/bg/ Frame 55D3 37 KB
14 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16fadb06557f8c559b25e437d47286d3886b6f361900f479f1bf928198e8d0f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 09:32:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 320121
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14696
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 09:32:25 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D3A5 42 B
63 B 44ms
43ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B1qlI_w4eaoxyW9huqYnIUqXdOYjjs4EIVTf37CvGa8KZQwUBFcsyMbU_SzyXOwBX7OJBZgeXd-NhO8wYoDhc0i1welio5fMzIoAmZnE1QEUI4il4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8038336834024926&output=html&h=90&slotname=5424819499&adk=4189683334&adf=1214250763&pi=t.ma~as.5424819499&w=728&lmt=1696811266&url=https%3A%2F%2Fwww.dcfever.com%2Fusers%2Fprofile.php%3Fid%3D1172991&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696818466484&bpp=1&bdt=2540&idt=1&shv=r20231004&mjsv=m202310030101&ptt=5&saldr=sd&abxe=1&cookie=ID%3D40f159807aecd348-2254e0bf3adf0038%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_MY7d7okkVkeZT5xdZiY4XF3DwaA7g&gpic=UID%3D00000c92f22e2756%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_Mbv6pUkPnVWpe3JZgRpdlfOGCy18w&prev_slotnames=5424819499%2C3974334687&correlator=3891405826101&frm=20&pv=1&ga_vid=1799254499.1696818464&ga_sid=1696818466&ga_hid=1118924568&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44798934%2C44804782%2C31078673%2C44769661&oid=2&psts=AOrYGsl-zAVh_3n084NN25bg-KET5K3tGMAPr_VM0B0lQMnQr2OGHARWZnlLKCNtZ5NSbcpH6gqdtTuPo4-LbQ&pvsid=2532887206361183&tmod=1115223676&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ClTSFxn7uu&p=https%3A//www.dcfever.com&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 02:27:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D3A5 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10058233815338261368&x=1&ct=77

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8038336834024926&output=html&h=90&slotname=5424819499&adk=4189683334&adf=1214250763&pi=t.ma~as.5424819499&w=728&lmt=1696811266&url=https%3A%2F%2Fwww.dcfever.com%2Fusers%2Fprofile.php%3Fid%3D1172991&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696818466484&bpp=1&bdt=2540&idt=1&shv=r20231004&mjsv=m202310030101&ptt=5&saldr=sd&abxe=1&cookie=ID%3D40f159807aecd348-2254e0bf3adf0038%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_MY7d7okkVkeZT5xdZiY4XF3DwaA7g&gpic=UID%3D00000c92f22e2756%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_Mbv6pUkPnVWpe3JZgRpdlfOGCy18w&prev_slotnames=5424819499%2C3974334687&correlator=3891405826101&frm=20&pv=1&ga_vid=1799254499.1696818464&ga_sid=1696818466&ga_hid=1118924568&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44798934%2C44804782%2C31078673%2C44769661&oid=2&psts=AOrYGsl-zAVh_3n084NN25bg-KET5K3tGMAPr_VM0B0lQMnQr2OGHARWZnlLKCNtZ5NSbcpH6gqdtTuPo4-LbQ&pvsid=2532887206361183&tmod=1115223676&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ClTSFxn7uu&p=https%3A//www.dcfever.com&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 02:27:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame D3A5 89 KB
31 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8038336834024926&output=html&h=90&slotname=5424819499&adk=4189683334&adf=1214250763&pi=t.ma~as.5424819499&w=728&lmt=1696811266&url=https%3A%2F%2Fwww.dcfever.com%2Fusers%2Fprofile.php%3Fid%3D1172991&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696818466484&bpp=1&bdt=2540&idt=1&shv=r20231004&mjsv=m202310030101&ptt=5&saldr=sd&abxe=1&cookie=ID%3D40f159807aecd348-2254e0bf3adf0038%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_MY7d7okkVkeZT5xdZiY4XF3DwaA7g&gpic=UID%3D00000c92f22e2756%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_Mbv6pUkPnVWpe3JZgRpdlfOGCy18w&prev_slotnames=5424819499%2C3974334687&correlator=3891405826101&frm=20&pv=1&ga_vid=1799254499.1696818464&ga_sid=1696818466&ga_hid=1118924568&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44798934%2C44804782%2C31078673%2C44769661&oid=2&psts=AOrYGsl-zAVh_3n084NN25bg-KET5K3tGMAPr_VM0B0lQMnQr2OGHARWZnlLKCNtZ5NSbcpH6gqdtTuPo4-LbQ&pvsid=2532887206361183&tmod=1115223676&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ClTSFxn7uu&p=https%3A//www.dcfever.com&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 02:27:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 02:27:47 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame D3A5 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8038336834024926&output=html&h=90&slotname=5424819499&adk=4189683334&adf=1214250763&pi=t.ma~as.5424819499&w=728&lmt=1696811266&url=https%3A%2F%2Fwww.dcfever.com%2Fusers%2Fprofile.php%3Fid%3D1172991&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696818466484&bpp=1&bdt=2540&idt=1&shv=r20231004&mjsv=m202310030101&ptt=5&saldr=sd&abxe=1&cookie=ID%3D40f159807aecd348-2254e0bf3adf0038%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_MY7d7okkVkeZT5xdZiY4XF3DwaA7g&gpic=UID%3D00000c92f22e2756%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_Mbv6pUkPnVWpe3JZgRpdlfOGCy18w&prev_slotnames=5424819499%2C3974334687&correlator=3891405826101&frm=20&pv=1&ga_vid=1799254499.1696818464&ga_sid=1696818466&ga_hid=1118924568&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44798934%2C44804782%2C31078673%2C44769661&oid=2&psts=AOrYGsl-zAVh_3n084NN25bg-KET5K3tGMAPr_VM0B0lQMnQr2OGHARWZnlLKCNtZ5NSbcpH6gqdtTuPo4-LbQ&pvsid=2532887206361183&tmod=1115223676&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ClTSFxn7uu&p=https%3A//www.dcfever.com&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 18:58:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26987
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Oct 2023 18:58:00 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame D3A5 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8038336834024926&output=html&h=90&slotname=5424819499&adk=4189683334&adf=1214250763&pi=t.ma~as.5424819499&w=728&lmt=1696811266&url=https%3A%2F%2Fwww.dcfever.com%2Fusers%2Fprofile.php%3Fid%3D1172991&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696818466484&bpp=1&bdt=2540&idt=1&shv=r20231004&mjsv=m202310030101&ptt=5&saldr=sd&abxe=1&cookie=ID%3D40f159807aecd348-2254e0bf3adf0038%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_MY7d7okkVkeZT5xdZiY4XF3DwaA7g&gpic=UID%3D00000c92f22e2756%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_Mbv6pUkPnVWpe3JZgRpdlfOGCy18w&prev_slotnames=5424819499%2C3974334687&correlator=3891405826101&frm=20&pv=1&ga_vid=1799254499.1696818464&ga_sid=1696818466&ga_hid=1118924568&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44798934%2C44804782%2C31078673%2C44769661&oid=2&psts=AOrYGsl-zAVh_3n084NN25bg-KET5K3tGMAPr_VM0B0lQMnQr2OGHARWZnlLKCNtZ5NSbcpH6gqdtTuPo4-LbQ&pvsid=2532887206361183&tmod=1115223676&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ClTSFxn7uu&p=https%3A//www.dcfever.com&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46447
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Oct 2023 13:33:40 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame D3A5 0
0 42ms
15ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSKITQwtmReaYiVFUVbStjU8BMvrYEkNPKCapOadIkWfp1lrpUOgOvmmo5Us9UWoMke5ue8oOrWGS3lm1IO6L7IfU_Kjw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8038336834024926&output=html&h=90&slotname=5424819499&adk=4189683334&adf=1214250763&pi=t.ma~as.5424819499&w=728&lmt=1696811266&url=https%3A%2F%2Fwww.dcfever.com%2Fusers%2Fprofile.php%3Fid%3D1172991&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696818466484&bpp=1&bdt=2540&idt=1&shv=r20231004&mjsv=m202310030101&ptt=5&saldr=sd&abxe=1&cookie=ID%3D40f159807aecd348-2254e0bf3adf0038%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_MY7d7okkVkeZT5xdZiY4XF3DwaA7g&gpic=UID%3D00000c92f22e2756%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_Mbv6pUkPnVWpe3JZgRpdlfOGCy18w&prev_slotnames=5424819499%2C3974334687&correlator=3891405826101&frm=20&pv=1&ga_vid=1799254499.1696818464&ga_sid=1696818466&ga_hid=1118924568&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44798934%2C44804782%2C31078673%2C44769661&oid=2&psts=AOrYGsl-zAVh_3n084NN25bg-KET5K3tGMAPr_VM0B0lQMnQr2OGHARWZnlLKCNtZ5NSbcpH6gqdtTuPo4-LbQ&pvsid=2532887206361183&tmod=1115223676&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ClTSFxn7uu&p=https%3A//www.dcfever.com&dtd=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D3A5 187 KB
59 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8038336834024926&output=html&h=90&slotname=5424819499&adk=4189683334&adf=1214250763&pi=t.ma~as.5424819499&w=728&lmt=1696811266&url=https%3A%2F%2Fwww.dcfever.com%2Fusers%2Fprofile.php%3Fid%3D1172991&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696818466484&bpp=1&bdt=2540&idt=1&shv=r20231004&mjsv=m202310030101&ptt=5&saldr=sd&abxe=1&cookie=ID%3D40f159807aecd348-2254e0bf3adf0038%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_MY7d7okkVkeZT5xdZiY4XF3DwaA7g&gpic=UID%3D00000c92f22e2756%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_Mbv6pUkPnVWpe3JZgRpdlfOGCy18w&prev_slotnames=5424819499%2C3974334687&correlator=3891405826101&frm=20&pv=1&ga_vid=1799254499.1696818464&ga_sid=1696818466&ga_hid=1118924568&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44798934%2C44804782%2C31078673%2C44769661&oid=2&psts=AOrYGsl-zAVh_3n084NN25bg-KET5K3tGMAPr_VM0B0lQMnQr2OGHARWZnlLKCNtZ5NSbcpH6gqdtTuPo4-LbQ&pvsid=2532887206361183&tmod=1115223676&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ClTSFxn7uu&p=https%3A//www.dcfever.com&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 02:27:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 09 Oct 2023 02:27:47 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8BA3 624 B
242 B 19ms
19ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNVKHJc7T1QBwm4DGtHm1JqHJhewZWnQUSuKMtuFKl4yl4h6UxAP1sEm5b1mr7EMB-jrhr61xIDEiRjeqqVEwlGgXR13B_vJlSKCM-WRX0VcvsLRc7CE9j07CoQ0ZHY6jD8P8tSbNVjcThXbjAaYunkzdWvtNIbEVI8AtBcfIVR_91pVIXo

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8038336834024926&output=html&h=90&slotname=5424819499&adk=4189683334&adf=1214250763&pi=t.ma~as.5424819499&w=728&lmt=1696811266&url=https%3A%2F%2Fwww.dcfever.com%2Fusers%2Fprofile.php%3Fid%3D1172991&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696818466484&bpp=1&bdt=2540&idt=1&shv=r20231004&mjsv=m202310030101&ptt=5&saldr=sd&abxe=1&cookie=ID%3D40f159807aecd348-2254e0bf3adf0038%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_MY7d7okkVkeZT5xdZiY4XF3DwaA7g&gpic=UID%3D00000c92f22e2756%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_Mbv6pUkPnVWpe3JZgRpdlfOGCy18w&prev_slotnames=5424819499%2C3974334687&correlator=3891405826101&frm=20&pv=1&ga_vid=1799254499.1696818464&ga_sid=1696818466&ga_hid=1118924568&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44798934%2C44804782%2C31078673%2C44769661&oid=2&psts=AOrYGsl-zAVh_3n084NN25bg-KET5K3tGMAPr_VM0B0lQMnQr2OGHARWZnlLKCNtZ5NSbcpH6gqdtTuPo4-LbQ&pvsid=2532887206361183&tmod=1115223676&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ClTSFxn7uu&p=https%3A//www.dcfever.com&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8038336834024926&output=html&h=90&slotname=5424819499&adk=4189683334&adf=1214250763&pi=t.ma~as.5424819499&w=728&lmt=1696811266&url=https%3A%2F%2Fwww.dcfever.com%2Fusers%2Fprofile.php%3Fid%3D1172991&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696818466484&bpp=1&bdt=2540&idt=1&shv=r20231004&mjsv=m202310030101&ptt=5&saldr=sd&abxe=1&cookie=ID%3D40f159807aecd348-2254e0bf3adf0038%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_MY7d7okkVkeZT5xdZiY4XF3DwaA7g&gpic=UID%3D00000c92f22e2756%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_Mbv6pUkPnVWpe3JZgRpdlfOGCy18w&prev_slotnames=5424819499%2C3974334687&correlator=3891405826101&frm=20&pv=1&ga_vid=1799254499.1696818464&ga_sid=1696818466&ga_hid=1118924568&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44798934%2C44804782%2C31078673%2C44769661&oid=2&psts=AOrYGsl-zAVh_3n084NN25bg-KET5K3tGMAPr_VM0B0lQMnQr2OGHARWZnlLKCNtZ5NSbcpH6gqdtTuPo4-LbQ&pvsid=2532887206361183&tmod=1115223676&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ClTSFxn7uu&p=https%3A//www.dcfever.com&dtd=4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 02:27:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 8BA3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBe6-jxzDUinm3K8LlKz12U&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBe6-jxzDUinm3K8LlKz12U&google_cver=1&C=1

43 B
772 B

22ms
22ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBe6-jxzDUinm3K8LlKz12U&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNVKHJc7T1QBwm4DGtHm1JqHJhewZWnQUSuKMtuFKl4yl4h6UxAP1sEm5b1mr7EMB-jrhr61xIDEiRjeqqVEwlGgXR13B_vJlSKCM-WRX0VcvsLRc7CE9j07CoQ0ZHY6jD8P8tSbNVjcThXbjAaYunkzdWvtNIbEVI8AtBcfIVR_91pVIXo
Protocol: H3
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 02:27:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eckx8zNELe5G37HXpzdjG643%2B3ZTnxgtJUiA6WE0MeqbQa5UJIeu6lXyWDHO8mKp21dIC%2FWFYr%2BVQVdv7aGi3hUlWSWbZbbdipoo2qzw6%2F4eqVPnDZNc%2By7GWPPwuS83WqDHfDbio5XOUA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81332fbc8e28bbfe-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 09 Oct 2023 02:27:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MJ29UErV17fnEifXpqnudOeBdPqwCeY2oiITbj8X%2BCjpJmI%2BblZyIwpXlkcCsiUDMSm5EQ4ecBecBaCRfPjT6Ay6Yr99BZ%2F5XaCs0ocl2NdQU%2BTM7wf3PYdctGF4RhfNB1nTbqeaaSXrAw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEBe6-jxzDUinm3K8LlKz12U&google_cver=1&C=1
cache-control: no-cache
cf-ray: 81332fbc59e83638-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 8BA3
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSNlI8P9gSYJAdPPASW3lAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBe6-jxzDUinm3K8LlKz12U&google_cver=1

43 B
739 B

21ms
20ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBe6-jxzDUinm3K8LlKz12U&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNVKHJc7T1QBwm4DGtHm1JqHJhewZWnQUSuKMtuFKl4yl4h6UxAP1sEm5b1mr7EMB-jrhr61xIDEiRjeqqVEwlGgXR13B_vJlSKCM-WRX0VcvsLRc7CE9j07CoQ0ZHY6jD8P8tSbNVjcThXbjAaYunkzdWvtNIbEVI8AtBcfIVR_91pVIXo
Protocol: H3
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 02:27:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FQxcTCbVVhtht8m0uRTmPO9JFmJ%2F3p6RWjyOboa2f5vPSm76srjEaCaPHB4LTwUw9zXUQkA0fVEVS4%2F4AXgPrmY7azgEVavUQMg%2FwTburnb1ldkcJ7AD%2F%2B%2BS9goJbmQxMWANoB7HfF%2FxTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81332fbcae31bbfe-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 09 Oct 2023 02:27:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBe6-jxzDUinm3K8LlKz12U&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 8BA3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAUs7Yc51nZhKOxCcRxmTzA&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAUs7Yc51nZhKOxCcRxmTzA%26google_cver%3D1

43 B
887 B

15ms
14ms

Image
image/gif

185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAUs7Yc51nZhKOxCcRxmTzA%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNVKHJc7T1QBwm4DGtHm1JqHJhewZWnQUSuKMtuFKl4yl4h6UxAP1sEm5b1mr7EMB-jrhr61xIDEiRjeqqVEwlGgXR13B_vJlSKCM-WRX0VcvsLRc7CE9j07CoQ0ZHY6jD8P8tSbNVjcThXbjAaYunkzdWvtNIbEVI8AtBcfIVR_91pVIXo

Protocol

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 02:27:47 GMT
an-x-request-uuid: 4d971cf6-6e52-4bb5-99d2-71a188ec367b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 37.58.57.2; 37.58.57.2; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 09 Oct 2023 02:27:47 GMT
an-x-request-uuid: 955656c3-f5ed-4b09-ad16-da919410d47a
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAUs7Yc51nZhKOxCcRxmTzA%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 37.58.57.2; 37.58.57.2; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8BA3
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYxODAxNzA5MTI4ODE3MTAwOQ%3D%3D

170 B
188 B

18ms
18ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYxODAxNzA5MTI4ODE3MTAwOQ%3D%3D

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 02:27:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 09 Oct 2023 02:27:47 GMT
an-x-request-uuid: 7f869f19-44d5-4963-bfce-d8a9208425f8
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYxODAxNzA5MTI4ODE3MTAwOQ%3D%3D
x-proxy-origin: 37.58.57.2; 37.58.57.2; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D3A5 0
20 B 43ms
42ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3417930788166&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 02:27:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D3A5 0
20 B 46ms
46ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3417930788166&version=m202309260101&ct=77&x=1&cor=10058233815338260000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 02:27:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D3A5 16 KB
12 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BmXVXw99XjI6uQRYmZuEWDq_fisQGYkm1cIzjMW1ZzBRrtPfYlnRye4Onfvhh01Z1OwwPOs8tvNgAa4-9XOR8osLIeqSuYHohuE3W4xT_fgffPmatfYwKbcrmzAkl08MrFHASR8IkNcXWK377DD0_BVEjgxcbQFKc3BGO7T35LbJsI-PQ&cry=1&dbm_d=AKAmf-AJhYwf_8iI6P7AizgseD5nsbpZmRhvnqGOh3c7xWmtslSSFibh6uhh9uQGYG7o1jxHpO8K9NzSKDiIvKlZPFqoEZsGfmT0ejrYR8NzDktxAKx596YNtvMzXmBO8yL09Y0dw2UNrhOA6y6ljY7TMxPetODcmjU_XM3HL9YvzclEbVSt1SrADjZlyOoyL65xAa3jxRXqHJDxBIEd3w6qUWdaBx_1f_VDjqtuNPNtK_TePX-1UQ2JTfZN8dc_6m4zXxOOhDE_fLff1YU6RkRFpvqw62p3G4vJWu7vtx7M439ejGVmoW_aCPkVo3--7-3n22Nd2U_KZdH950ttzkE2J0klM317sAxP6d2yLZa2d7ZK3Xd7uwvev-cijWfyDNNbrIhS2XL-RpGACpTkKp9FzzE2meK3yHhHsyjILO5zOH6BRhDbTxHpyJ9auK4npQvAUgCmq1cJGynCOXpoyR3R-unjByszpZDO_fW7WL0glUzdg5JvTaimVzdnNccHl18agKMyNT2g0xfb-CzT7kTdfnw8OckZpR3mfjjN81cganeLA2XLGFZTP3qhgYoOoPkHAF2cuI3gsJmlvpPBiwzWCY-0nEsyktBr81v16-qBV-BFSTYlNWxvHikf-aFtnQDYXwbxtwsfC9LyQGHO85Jo2CcCSbqwgiHa8gMZJ96XPqsdl5NarOBPjoNA3vt1xypXVbnv6cp7fRS_xekOq8OEEV6VMzZcROfTVSqLgvlgdjf29kJ0nzsserJvL2z5PFv2oKK7uuEEf7PwWnSaWPixs2WB7zeFWZe0-Kq1cqrGXjC116DNNpgfr4nkSyaYpVULeb9dKXpmjP_nRMjnfRxilsnALy5GyVyPX9I13Ra56u13FS9NHL3RjUDjRBqLKPTu0v_Nm3Fo7UPBagRxCISvYCmqnuDhqBsgt0RAS9Zr_xlzu6W_S3_4mlcIWUC6HOhFde2VZ1wCQCcBjbr9J8feOptLGbeqnpPgtBr-8W9755PMxhWyqNLOOmrrJhhFJ-ppxKbIyGjIl6KiGv6MikM24tGJtNkjiOE-wcCS4pNz_BwZSKkVCtSg3ryuUjZrptkLCMOCIef1wNvLhE1qsvXSyV9bUfM8K_y63HcqvrP5uzJVKnCYOvqIeIQRx8fet6dBZULedLKOw16A1QmYm1eGCQwajgfnnAOHOcYRqCKpQjjQx338rA0hsr_mlW_TmYEE8pfeEsF7IuJEMpeFJuuva9lvoZQP5gnMnlZgjb_m3uHRUtARi-5RIICCUCztx-C3AV8Vf4ne009gVf-ubYPgxtvw3XWFw8yNJpvwYi8r5ya_Vt30PhGs7RQpdGL28LW_FlYZd4UtfkXpZk2TvHozyCShwIEWSxPUZExy0R7ZFxaOouiLRP7T8VpABXz3dBjdc0mvbzninK8DAxQe35cwbVLJ65noglY7XRefc_Ibhb_qKEVQRoq1ReY0S1bPesNkhwe3XjcZ7VKTODLbmZyN54Be6OX09ruUQ2Q9iZ0fz9XHrT5NEw6FNytZ4c4uBOsq6mlzyVKpydPZZd9Q19lMbBDgp8CjZYTqIdHjdXY-4pJYJ8I7pKdwEEUvmtnyN0btOaYzz2egM9FXoePgIQRp7T0wTGvIs0j_cFmtH1EHQEM_gJ7ts5G1rjbZwk1DIBqo-yQnaURqlex2Bf0VxMtbdRieeVL71LtRvV2LftwdKUe-VioUbNawdwtLq-gaC9FasGDo_d9JoCj9Lb3TPGh1v_4hN0sdqTNeJqEeOXuuA_y2VCr7IYhmK0FDuxJOdxNB2e1M3CaVVhgv-GlnFrdcZ6COuUjdsEZ0EwLLL2PneRL8y5G8uCdHdF8YFnTFc01Xgce00j3-n2rq6NazY3hLMLuqRTZFBU1qLYpB-Wm_9KrB9nJhgnxRM7-cVFJ9YtL8RxaTAj-xnscwx699Va7tl8pdZFeTexKNFrVdOwEnLcLieyDsvBQi6BInduK9UyVotJL8fcE9zxKIHjd8JVnEBe-uVqBlf1UrxW62K6Mus93_ZEaJ8iPmObHz-3J_MTWEbF5hacbEuh6yGs5GCIGxyj5mdYUttHJx4c0ThpSHa9s5OgEAHSE9ayN8LC5777wZKef9GTgx0sq5g9YdQVhHlsxmi5fZ_OdzOBA61-JILkvT8d_Q7Yqyl2fHH14bp022hkpe4Q86ycqg7AUbXTT9HSQqrmPbaUiYUuPA6F9kLCDC-gNy3H3FWrIQzISQmgj0qtoVlpV4_3xUIhfq-wjh2a4oPv8z01WocMQUTRyEjldMHifbGBIyYiSlHl_tssVSNmHycAMvG-MNfh9v4lhMaHg91h_cO5YEQS7NuL85LynGB_okOy8ftVi39WiVihphNCZrZ-eI5Ripdm7IHjnuERhc_alnXPPrkCl1ls8cA1FNvGszF8H2rhLUGA55iTMf4hEHopY4o1qEm2N9AS8x_ONwfskMoTjmEwg4kLrSapL2fLp9GzEJ63ybaeS5wj757Lr_-jfz5gK2ASuSZeNYyGSIb5nbNGh5HszTyv4xNFzEW_4o8oycOKqLWQ6P45HGFeBHxIoQ1-0CprAS3QYQjOX-gEHNGLpir_-T8QvChikz0h3mPonJOlWVpOqc2jRG9UxcaQSmXBDOP5yf2j8OfU2OJhl315uh9bf45IDFP8GT9Ndqu0mvjNabUAKttEGqRrDjZOKcZcB_DYDKDnqfIHsALwyB46wTpqfz3ud48UcxONqrrCvQTQm9AA30LcXK3VvKsi_gVjiF4LaWx4dLMSNQqQ-uuYFq0525f_aNNeP2s4bVG-HNaNG-PkjkReiLTV4IHrE_dtJHlIzPf2azijt9NEJwFLzlEZrkBiXqEsFBm-ThWsxyNb5W3QzSx9WJJstjWwb9A-qRHpTjQ0bvGlV8hSWFENAkB3cAG-4R7_FH5OTsHwBh6R1X0RJrZNE7VBpmvR3yW7hT7NFOcho-EiJ4A27AQGEDe0MzhEM3hq9CP49gmD3rwaD8B75jU1ub5KMAlkiXuZxmt4AhnRB7i-sE8eVaPilh5_TK5NTrmtkbe2KlkTZW2Q-h7XEgzqp8hYPnrQdypLLowJWqxI-PNFCdX9_wZxy5XnAINMq7lsGNa00mC6NPF3uVxwdWAnIScjMxhfU9C2pNfd85onyeAwG2q1O9zt9kW_PY4q1oGqpLaxdRu7TINp2F1YX0yYXlZ8lKNlRsUyZ6_JHVC1bebZj-0DnL4uByUzUDlCBue0uM5goKk1-f6ltDt4p3ttgbKfAXR5wsuki6rsXO0Ms9wTt4CVlXXpPFYukY5YVb3AIrS7tKFFHEkZsPIqBFzu0emKD6Ut1JeQwnuuGwpKsIRtv8BheUbhOGQyQ6UGCNFQ6t-MONX-W6cXVsgTiniDlSXLNUjkt8yJNL4jAGji3iEkJJBX6_CYpqbhBMXjC9jHxrW335OWZsEG9UXZqDmbotQbpLxYyqUzCFaMAb0FXyZnr28pPp5uhdIun-fycfob44xRCWqjYmamoKsV97TXCzw_6SJkllMHAAVY1k-e4A4tql7xLHQ5uC6ngbDtmt2cdbfBVT8z6Mr13A_EdHrE-P67kvFLPmKKrBh3ZVyo8ALlO57vz0BAkgQFi-8DeaCpqqMTofWoIFrJE8Zu2IvzKrmEZYCchjSdD-gwg0V_7lEurj42SHL0sLaXS6_JMNsXDtgfynE3aCfnLrv3ww6xTllsEzopuIzAGfpLWJ4tV_YHxWvy92zTBEmBKyrwHwI2kOWlIwRhn7BFEZIFKXdNNj7h6WvcQnc2fdlgqZc3-n2gp5QkXeVLFa546nhsSlCnM3AwTxcgSTQ1LaAiMDp33HWGzxfcq5Jd07O8ZHWUZF6HDKyEqfy4o2pdF74T8nDO3JH40qwX3irQAwGexe-BFa95yGIrb2&cid=CAQSOwDICaaNzs7qzxFEeFxwLLotOSs9kZinGKSyXtZfyr0PMuxcdBRTYnAjrZg03nWWbws3hhHCijModw_8GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.dcfever.com%2F&ds=l&xdt=1&iif=1&cor=10058233815338260000&adk=250412560&idt=57&cac=0&dtd=12

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b74da0c909a06c88d8f8996ddb342f2b3d8ef20ca78ab051ef3cbd8e742a3112

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8038336834024926&output=html&h=90&slotname=5424819499&adk=4189683334&adf=1214250763&pi=t.ma~as.5424819499&w=728&lmt=1696811266&url=https%3A%2F%2Fwww.dcfever.com%2Fusers%2Fprofile.php%3Fid%3D1172991&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696818466484&bpp=1&bdt=2540&idt=1&shv=r20231004&mjsv=m202310030101&ptt=5&saldr=sd&abxe=1&cookie=ID%3D40f159807aecd348-2254e0bf3adf0038%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_MY7d7okkVkeZT5xdZiY4XF3DwaA7g&gpic=UID%3D00000c92f22e2756%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_Mbv6pUkPnVWpe3JZgRpdlfOGCy18w&prev_slotnames=5424819499%2C3974334687&correlator=3891405826101&frm=20&pv=1&ga_vid=1799254499.1696818464&ga_sid=1696818466&ga_hid=1118924568&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44798934%2C44804782%2C31078673%2C44769661&oid=2&psts=AOrYGsl-zAVh_3n084NN25bg-KET5K3tGMAPr_VM0B0lQMnQr2OGHARWZnlLKCNtZ5NSbcpH6gqdtTuPo4-LbQ&pvsid=2532887206361183&tmod=1115223676&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ClTSFxn7uu&p=https%3A//www.dcfever.com&dtd=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 02:27:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12416
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D3A5 41 KB
13 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BmXVXw99XjI6uQRYmZuEWDq_fisQGYkm1cIzjMW1ZzBRrtPfYlnRye4Onfvhh01Z1OwwPOs8tvNgAa4-9XOR8osLIeqSuYHohuE3W4xT_fgffPmatfYwKbcrmzAkl08MrFHASR8IkNcXWK377DD0_BVEjgxcbQFKc3BGO7T35LbJsI-PQ&cry=1&dbm_d=AKAmf-AJhYwf_8iI6P7AizgseD5nsbpZmRhvnqGOh3c7xWmtslSSFibh6uhh9uQGYG7o1jxHpO8K9NzSKDiIvKlZPFqoEZsGfmT0ejrYR8NzDktxAKx596YNtvMzXmBO8yL09Y0dw2UNrhOA6y6ljY7TMxPetODcmjU_XM3HL9YvzclEbVSt1SrADjZlyOoyL65xAa3jxRXqHJDxBIEd3w6qUWdaBx_1f_VDjqtuNPNtK_TePX-1UQ2JTfZN8dc_6m4zXxOOhDE_fLff1YU6RkRFpvqw62p3G4vJWu7vtx7M439ejGVmoW_aCPkVo3--7-3n22Nd2U_KZdH950ttzkE2J0klM317sAxP6d2yLZa2d7ZK3Xd7uwvev-cijWfyDNNbrIhS2XL-RpGACpTkKp9FzzE2meK3yHhHsyjILO5zOH6BRhDbTxHpyJ9auK4npQvAUgCmq1cJGynCOXpoyR3R-unjByszpZDO_fW7WL0glUzdg5JvTaimVzdnNccHl18agKMyNT2g0xfb-CzT7kTdfnw8OckZpR3mfjjN81cganeLA2XLGFZTP3qhgYoOoPkHAF2cuI3gsJmlvpPBiwzWCY-0nEsyktBr81v16-qBV-BFSTYlNWxvHikf-aFtnQDYXwbxtwsfC9LyQGHO85Jo2CcCSbqwgiHa8gMZJ96XPqsdl5NarOBPjoNA3vt1xypXVbnv6cp7fRS_xekOq8OEEV6VMzZcROfTVSqLgvlgdjf29kJ0nzsserJvL2z5PFv2oKK7uuEEf7PwWnSaWPixs2WB7zeFWZe0-Kq1cqrGXjC116DNNpgfr4nkSyaYpVULeb9dKXpmjP_nRMjnfRxilsnALy5GyVyPX9I13Ra56u13FS9NHL3RjUDjRBqLKPTu0v_Nm3Fo7UPBagRxCISvYCmqnuDhqBsgt0RAS9Zr_xlzu6W_S3_4mlcIWUC6HOhFde2VZ1wCQCcBjbr9J8feOptLGbeqnpPgtBr-8W9755PMxhWyqNLOOmrrJhhFJ-ppxKbIyGjIl6KiGv6MikM24tGJtNkjiOE-wcCS4pNz_BwZSKkVCtSg3ryuUjZrptkLCMOCIef1wNvLhE1qsvXSyV9bUfM8K_y63HcqvrP5uzJVKnCYOvqIeIQRx8fet6dBZULedLKOw16A1QmYm1eGCQwajgfnnAOHOcYRqCKpQjjQx338rA0hsr_mlW_TmYEE8pfeEsF7IuJEMpeFJuuva9lvoZQP5gnMnlZgjb_m3uHRUtARi-5RIICCUCztx-C3AV8Vf4ne009gVf-ubYPgxtvw3XWFw8yNJpvwYi8r5ya_Vt30PhGs7RQpdGL28LW_FlYZd4UtfkXpZk2TvHozyCShwIEWSxPUZExy0R7ZFxaOouiLRP7T8VpABXz3dBjdc0mvbzninK8DAxQe35cwbVLJ65noglY7XRefc_Ibhb_qKEVQRoq1ReY0S1bPesNkhwe3XjcZ7VKTODLbmZyN54Be6OX09ruUQ2Q9iZ0fz9XHrT5NEw6FNytZ4c4uBOsq6mlzyVKpydPZZd9Q19lMbBDgp8CjZYTqIdHjdXY-4pJYJ8I7pKdwEEUvmtnyN0btOaYzz2egM9FXoePgIQRp7T0wTGvIs0j_cFmtH1EHQEM_gJ7ts5G1rjbZwk1DIBqo-yQnaURqlex2Bf0VxMtbdRieeVL71LtRvV2LftwdKUe-VioUbNawdwtLq-gaC9FasGDo_d9JoCj9Lb3TPGh1v_4hN0sdqTNeJqEeOXuuA_y2VCr7IYhmK0FDuxJOdxNB2e1M3CaVVhgv-GlnFrdcZ6COuUjdsEZ0EwLLL2PneRL8y5G8uCdHdF8YFnTFc01Xgce00j3-n2rq6NazY3hLMLuqRTZFBU1qLYpB-Wm_9KrB9nJhgnxRM7-cVFJ9YtL8RxaTAj-xnscwx699Va7tl8pdZFeTexKNFrVdOwEnLcLieyDsvBQi6BInduK9UyVotJL8fcE9zxKIHjd8JVnEBe-uVqBlf1UrxW62K6Mus93_ZEaJ8iPmObHz-3J_MTWEbF5hacbEuh6yGs5GCIGxyj5mdYUttHJx4c0ThpSHa9s5OgEAHSE9ayN8LC5777wZKef9GTgx0sq5g9YdQVhHlsxmi5fZ_OdzOBA61-JILkvT8d_Q7Yqyl2fHH14bp022hkpe4Q86ycqg7AUbXTT9HSQqrmPbaUiYUuPA6F9kLCDC-gNy3H3FWrIQzISQmgj0qtoVlpV4_3xUIhfq-wjh2a4oPv8z01WocMQUTRyEjldMHifbGBIyYiSlHl_tssVSNmHycAMvG-MNfh9v4lhMaHg91h_cO5YEQS7NuL85LynGB_okOy8ftVi39WiVihphNCZrZ-eI5Ripdm7IHjnuERhc_alnXPPrkCl1ls8cA1FNvGszF8H2rhLUGA55iTMf4hEHopY4o1qEm2N9AS8x_ONwfskMoTjmEwg4kLrSapL2fLp9GzEJ63ybaeS5wj757Lr_-jfz5gK2ASuSZeNYyGSIb5nbNGh5HszTyv4xNFzEW_4o8oycOKqLWQ6P45HGFeBHxIoQ1-0CprAS3QYQjOX-gEHNGLpir_-T8QvChikz0h3mPonJOlWVpOqc2jRG9UxcaQSmXBDOP5yf2j8OfU2OJhl315uh9bf45IDFP8GT9Ndqu0mvjNabUAKttEGqRrDjZOKcZcB_DYDKDnqfIHsALwyB46wTpqfz3ud48UcxONqrrCvQTQm9AA30LcXK3VvKsi_gVjiF4LaWx4dLMSNQqQ-uuYFq0525f_aNNeP2s4bVG-HNaNG-PkjkReiLTV4IHrE_dtJHlIzPf2azijt9NEJwFLzlEZrkBiXqEsFBm-ThWsxyNb5W3QzSx9WJJstjWwb9A-qRHpTjQ0bvGlV8hSWFENAkB3cAG-4R7_FH5OTsHwBh6R1X0RJrZNE7VBpmvR3yW7hT7NFOcho-EiJ4A27AQGEDe0MzhEM3hq9CP49gmD3rwaD8B75jU1ub5KMAlkiXuZxmt4AhnRB7i-sE8eVaPilh5_TK5NTrmtkbe2KlkTZW2Q-h7XEgzqp8hYPnrQdypLLowJWqxI-PNFCdX9_wZxy5XnAINMq7lsGNa00mC6NPF3uVxwdWAnIScjMxhfU9C2pNfd85onyeAwG2q1O9zt9kW_PY4q1oGqpLaxdRu7TINp2F1YX0yYXlZ8lKNlRsUyZ6_JHVC1bebZj-0DnL4uByUzUDlCBue0uM5goKk1-f6ltDt4p3ttgbKfAXR5wsuki6rsXO0Ms9wTt4CVlXXpPFYukY5YVb3AIrS7tKFFHEkZsPIqBFzu0emKD6Ut1JeQwnuuGwpKsIRtv8BheUbhOGQyQ6UGCNFQ6t-MONX-W6cXVsgTiniDlSXLNUjkt8yJNL4jAGji3iEkJJBX6_CYpqbhBMXjC9jHxrW335OWZsEG9UXZqDmbotQbpLxYyqUzCFaMAb0FXyZnr28pPp5uhdIun-fycfob44xRCWqjYmamoKsV97TXCzw_6SJkllMHAAVY1k-e4A4tql7xLHQ5uC6ngbDtmt2cdbfBVT8z6Mr13A_EdHrE-P67kvFLPmKKrBh3ZVyo8ALlO57vz0BAkgQFi-8DeaCpqqMTofWoIFrJE8Zu2IvzKrmEZYCchjSdD-gwg0V_7lEurj42SHL0sLaXS6_JMNsXDtgfynE3aCfnLrv3ww6xTllsEzopuIzAGfpLWJ4tV_YHxWvy92zTBEmBKyrwHwI2kOWlIwRhn7BFEZIFKXdNNj7h6WvcQnc2fdlgqZc3-n2gp5QkXeVLFa546nhsSlCnM3AwTxcgSTQ1LaAiMDp33HWGzxfcq5Jd07O8ZHWUZF6HDKyEqfy4o2pdF74T8nDO3JH40qwX3irQAwGexe-BFa95yGIrb2&cid=CAQSOwDICaaNzs7qzxFEeFxwLLotOSs9kZinGKSyXtZfyr0PMuxcdBRTYnAjrZg03nWWbws3hhHCijModw_8GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.dcfever.com%2F&ds=l&xdt=1&iif=1&cor=10058233815338260000&adk=250412560&idt=57&cac=0&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 06:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 242963
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Oct 2024 06:58:24 GMT

GET
H/1.1 200
OK g72h7lz2c4az Show response
hal9000.redintelligence.net/zone/ Frame D3A5 12 KB
4 KB 55ms
13ms Script
text/html 78.46.90.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/g72h7lz2c4az?subid=&gdpr=&gdpr_consent=&rnd=1696818466796753&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCd_NsImUjZdHQMIOk9u8PkLagkAam5b2gaYWVnKfJD_AuEAEgyM7iH2CVgoCArAfIAQmpAs4bsBDdwrE-qAMByAObBKoEkQJP0IqAzpWPWMpIafRCRVZ5XCnkEzJwpfgEDG_NjQ7hFCRyLrbDivFvT9mtErPY3Qdv4Fs4JfveKetz_BXyhsM5HSaubKvIcoor-MSQdd6Db6WE5zHezHHcvS3zJL919IwHN7iR3Z5i-RjcSXi47FAV9LkUXtHEoR91LyJQCG4z2X6ckSiIv3v4v87ydAQP8Ha3avKnxREAC0n7XVlzQv0C6-xXqGcrP8mL9ggtJNTXMk8DEykGMEeerZxqzgpgsMGlzAAmCYvWinpTIzLDL0m044PkCbeDEfDtEus8tbHaAJZxWN8qSXigeQcbEqfTzu7SkUAs0nDOLTTzotqZi5ZybzkO1JUWV6Mxx_7W6bJoe0nABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYXTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJERcgNAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMI0enYr_XngQMVA5L9Bx0QGwhiEAEYASAAEgJF8_D_BwE%26num%3D1%26cid%3DCAQSOwDICaaNzs7qzxFEeFxwLLotOSs9kZinGKSyXtZfyr0PMuxcdBRTYnAjrZg03nWWbws3hhHCijModw_8GAE%26sig%3DAOD64_1Z7byoioCboT0Tey-dJFMyiiFjnA%26client%3Dca-pub-8038336834024926%26dbm_c%3DAKAmf-B_NkodAzc3D-okcCGOmuGdQDg28qO3gnor2FjjTL9FbmsS7xSi_uL-zfIgfEMmC1sy8IFygiOB4GjCPbR3wCw9r-ukh69Sx6-o0YNJDP9GyJZfilrjM7BwU7zFYxoC3DyCe9BuIOU-6UkCeTVutwDha7YjK4q2z_JCtgdke5ywwA9Ysns%26cry%3D1%26dbm_d%3DAKAmf-Db5Q9DA8V-ZxFw4kaB_SrtdYitoOzomKe9_UOxhvXilEfYM5UJSYIoMUHxtfzoUwo5Df0xME8IrPSiGc6UerEVnsaA46r5-KC-G5mx3odo7Nl41mYevMMcYyw-d4g8dWeKyY0d9jDGjZwTfBhHuKgS02UMSe00EHzSE3Qsl-9klEbx7oLTtaVQ8B8QHxFCBl6MpXI4Ad3h75-JOnXt6ISQYj2-jUx00fYXjF784y0w773HI5xTmpIWd79VU_ih4SU2_ONq-PkXbHpyCGA2si0ZWFMnJKsanYsw5JJc4jcVytu5XlgSyPzpd4rx_8DVpVvxtgmo9R-AKHnAlqXpaaWQpAY3wfvn7sbfnJwh8_OREQF5G4DguXgGl1FE8Bdz5zMDdh81yYBY5NnU_sqTnt3_I4GdUWqlxMLzENfqgwTeWqGfaniR8Sw5vhXWwfR8ViHmlh-J2Fxne0ivG-s1Ma3x3ETuiQY-1hl-7IDL-uToBBkCK7YCdWw0iTaWs9YZkv4CCl9IWny2xl0bgrTow_VRu-w5PNDLyrS0OTTeTCqK1VfobXp0z2nTgDKWxEjnG9P6loRDbge9odNDb8lMcYOTkPvEmw%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8038336834024926&output=html&h=90&slotname=5424819499&adk=4189683334&adf=1214250763&pi=t.ma~as.5424819499&w=728&lmt=1696811266&url=https%3A%2F%2Fwww.dcfever.com%2Fusers%2Fprofile.php%3Fid%3D1172991&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696818466484&bpp=1&bdt=2540&idt=1&shv=r20231004&mjsv=m202310030101&ptt=5&saldr=sd&abxe=1&cookie=ID%3D40f159807aecd348-2254e0bf3adf0038%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_MY7d7okkVkeZT5xdZiY4XF3DwaA7g&gpic=UID%3D00000c92f22e2756%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_Mbv6pUkPnVWpe3JZgRpdlfOGCy18w&prev_slotnames=5424819499%2C3974334687&correlator=3891405826101&frm=20&pv=1&ga_vid=1799254499.1696818464&ga_sid=1696818466&ga_hid=1118924568&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44798934%2C44804782%2C31078673%2C44769661&oid=2&psts=AOrYGsl-zAVh_3n084NN25bg-KET5K3tGMAPr_VM0B0lQMnQr2OGHARWZnlLKCNtZ5NSbcpH6gqdtTuPo4-LbQ&pvsid=2532887206361183&tmod=1115223676&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ClTSFxn7uu&p=https%3A//www.dcfever.com&dtd=4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.238.90.46.78.clients.your-server.de
Software: Apache /
Resource Hash: ce7aa7f86f8c283b1342c2f8f4862c545f92d6ce789f65da60eaf92fa58652e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 02:27:47 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4252
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame BA54 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 304695
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 13:49:32 GMT
expires: Fri, 04 Oct 2024 13:49:32 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js Show response
pagead2.googlesyndication.com/bg/ Frame BA54 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16fadb06557f8c559b25e437d47286d3886b6f361900f479f1bf928198e8d0f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 09:32:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 320122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14696
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 09:32:25 GMT

GET
H/1.1

200
OK

request.php Show response
hal900013.redintelligence.net/ Frame D3A5
Redirect Chain

https://hal900013.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=185512da48&subid=&uid=8726dcf26b7c43ee&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900013.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=185512da48&subid=&uid=8726dcf26b7c43ee&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

4 KB
2 KB

92ms
69ms

Script
application/x-javascript

116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900013.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=185512da48&subid=&uid=8726dcf26b7c43ee&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCd_NsImUjZdHQMIOk9u8PkLagkAam5b2gaYWVnKfJD_AuEAEgyM7iH2CVgoCArAfIAQmpAs4bsBDdwrE-qAMByAObBKoEkQJP0IqAzpWPWMpIafRCRVZ5XCnkEzJwpfgEDG_NjQ7hFCRyLrbDivFvT9mtErPY3Qdv4Fs4JfveKetz_BXyhsM5HSaubKvIcoor-MSQdd6Db6WE5zHezHHcvS3zJL919IwHN7iR3Z5i-RjcSXi47FAV9LkUXtHEoR91LyJQCG4z2X6ckSiIv3v4v87ydAQP8Ha3avKnxREAC0n7XVlzQv0C6-xXqGcrP8mL9ggtJNTXMk8DEykGMEeerZxqzgpgsMGlzAAmCYvWinpTIzLDL0m044PkCbeDEfDtEus8tbHaAJZxWN8qSXigeQcbEqfTzu7SkUAs0nDOLTTzotqZi5ZybzkO1JUWV6Mxx_7W6bJoe0nABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYXTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJERcgNAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMI0enYr_XngQMVA5L9Bx0QGwhiEAEYASAAEgJF8_D_BwE%26num%3D1%26cid%3DCAQSOwDICaaNzs7qzxFEeFxwLLotOSs9kZinGKSyXtZfyr0PMuxcdBRTYnAjrZg03nWWbws3hhHCijModw_8GAE%26sig%3DAOD64_1Z7byoioCboT0Tey-dJFMyiiFjnA%26client%3Dca-pub-8038336834024926%26dbm_c%3DAKAmf-B_NkodAzc3D-okcCGOmuGdQDg28qO3gnor2FjjTL9FbmsS7xSi_uL-zfIgfEMmC1sy8IFygiOB4GjCPbR3wCw9r-ukh69Sx6-o0YNJDP9GyJZfilrjM7BwU7zFYxoC3DyCe9BuIOU-6UkCeTVutwDha7YjK4q2z_JCtgdke5ywwA9Ysns%26cry%3D1%26dbm_d%3DAKAmf-Db5Q9DA8V-ZxFw4kaB_SrtdYitoOzomKe9_UOxhvXilEfYM5UJSYIoMUHxtfzoUwo5Df0xME8IrPSiGc6UerEVnsaA46r5-KC-G5mx3odo7Nl41mYevMMcYyw-d4g8dWeKyY0d9jDGjZwTfBhHuKgS02UMSe00EHzSE3Qsl-9klEbx7oLTtaVQ8B8QHxFCBl6MpXI4Ad3h75-JOnXt6ISQYj2-jUx00fYXjF784y0w773HI5xTmpIWd79VU_ih4SU2_ONq-PkXbHpyCGA2si0ZWFMnJKsanYsw5JJc4jcVytu5XlgSyPzpd4rx_8DVpVvxtgmo9R-AKHnAlqXpaaWQpAY3wfvn7sbfnJwh8_OREQF5G4DguXgGl1FE8Bdz5zMDdh81yYBY5NnU_sqTnt3_I4GdUWqlxMLzENfqgwTeWqGfaniR8Sw5vhXWwfR8ViHmlh-J2Fxne0ivG-s1Ma3x3ETuiQY-1hl-7IDL-uToBBkCK7YCdWw0iTaWs9YZkv4CCl9IWny2xl0bgrTow_VRu-w5PNDLyrS0OTTeTCqK1VfobXp0z2nTgDKWxEjnG9P6loRDbge9odNDb8lMcYOTkPvEmw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.dcfever.com%2F&ancestorOrigins=https%3A%2F%2Fwww.dcfever.com&random=3461590202579&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8038336834024926&output=html&h=90&slotname=5424819499&adk=4189683334&adf=1214250763&pi=t.ma~as.5424819499&w=728&lmt=1696811266&url=https%3A%2F%2Fwww.dcfever.com%2Fusers%2Fprofile.php%3Fid%3D1172991&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696818466484&bpp=1&bdt=2540&idt=1&shv=r20231004&mjsv=m202310030101&ptt=5&saldr=sd&abxe=1&cookie=ID%3D40f159807aecd348-2254e0bf3adf0038%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_MY7d7okkVkeZT5xdZiY4XF3DwaA7g&gpic=UID%3D00000c92f22e2756%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_Mbv6pUkPnVWpe3JZgRpdlfOGCy18w&prev_slotnames=5424819499%2C3974334687&correlator=3891405826101&frm=20&pv=1&ga_vid=1799254499.1696818464&ga_sid=1696818466&ga_hid=1118924568&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44798934%2C44804782%2C31078673%2C44769661&oid=2&psts=AOrYGsl-zAVh_3n084NN25bg-KET5K3tGMAPr_VM0B0lQMnQr2OGHARWZnlLKCNtZ5NSbcpH6gqdtTuPo4-LbQ&pvsid=2532887206361183&tmod=1115223676&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ClTSFxn7uu&p=https%3A//www.dcfever.com&dtd=4
Protocol: HTTP/1.1
Server: 116.202.48.214 Schoenwalde, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.214.48.202.116.clients.your-server.de
Software: Apache /
Resource Hash: 085ce8b353749005e72e8e31a31415868d9b7031f84df3377a75e9767d3916da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Oct 2023 02:27:47 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 52487100006319004444550012472013
Connection: close
Content-Length: 1352
Expires: Mon, 09 Oct 2023 03:27:47 +0200

Redirect headers

Pragma: no-cache
Date: Mon, 09 Oct 2023 02:27:47 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=185512da48&subid=&uid=8726dcf26b7c43ee&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCd_NsImUjZdHQMIOk9u8PkLagkAam5b2gaYWVnKfJD_AuEAEgyM7iH2CVgoCArAfIAQmpAs4bsBDdwrE-qAMByAObBKoEkQJP0IqAzpWPWMpIafRCRVZ5XCnkEzJwpfgEDG_NjQ7hFCRyLrbDivFvT9mtErPY3Qdv4Fs4JfveKetz_BXyhsM5HSaubKvIcoor-MSQdd6Db6WE5zHezHHcvS3zJL919IwHN7iR3Z5i-RjcSXi47FAV9LkUXtHEoR91LyJQCG4z2X6ckSiIv3v4v87ydAQP8Ha3avKnxREAC0n7XVlzQv0C6-xXqGcrP8mL9ggtJNTXMk8DEykGMEeerZxqzgpgsMGlzAAmCYvWinpTIzLDL0m044PkCbeDEfDtEus8tbHaAJZxWN8qSXigeQcbEqfTzu7SkUAs0nDOLTTzotqZi5ZybzkO1JUWV6Mxx_7W6bJoe0nABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYXTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJERcgNAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMI0enYr_XngQMVA5L9Bx0QGwhiEAEYASAAEgJF8_D_BwE%26num%3D1%26cid%3DCAQSOwDICaaNzs7qzxFEeFxwLLotOSs9kZinGKSyXtZfyr0PMuxcdBRTYnAjrZg03nWWbws3hhHCijModw_8GAE%26sig%3DAOD64_1Z7byoioCboT0Tey-dJFMyiiFjnA%26client%3Dca-pub-8038336834024926%26dbm_c%3DAKAmf-B_NkodAzc3D-okcCGOmuGdQDg28qO3gnor2FjjTL9FbmsS7xSi_uL-zfIgfEMmC1sy8IFygiOB4GjCPbR3wCw9r-ukh69Sx6-o0YNJDP9GyJZfilrjM7BwU7zFYxoC3DyCe9BuIOU-6UkCeTVutwDha7YjK4q2z_JCtgdke5ywwA9Ysns%26cry%3D1%26dbm_d%3DAKAmf-Db5Q9DA8V-ZxFw4kaB_SrtdYitoOzomKe9_UOxhvXilEfYM5UJSYIoMUHxtfzoUwo5Df0xME8IrPSiGc6UerEVnsaA46r5-KC-G5mx3odo7Nl41mYevMMcYyw-d4g8dWeKyY0d9jDGjZwTfBhHuKgS02UMSe00EHzSE3Qsl-9klEbx7oLTtaVQ8B8QHxFCBl6MpXI4Ad3h75-JOnXt6ISQYj2-jUx00fYXjF784y0w773HI5xTmpIWd79VU_ih4SU2_ONq-PkXbHpyCGA2si0ZWFMnJKsanYsw5JJc4jcVytu5XlgSyPzpd4rx_8DVpVvxtgmo9R-AKHnAlqXpaaWQpAY3wfvn7sbfnJwh8_OREQF5G4DguXgGl1FE8Bdz5zMDdh81yYBY5NnU_sqTnt3_I4GdUWqlxMLzENfqgwTeWqGfaniR8Sw5vhXWwfR8ViHmlh-J2Fxne0ivG-s1Ma3x3ETuiQY-1hl-7IDL-uToBBkCK7YCdWw0iTaWs9YZkv4CCl9IWny2xl0bgrTow_VRu-w5PNDLyrS0OTTeTCqK1VfobXp0z2nTgDKWxEjnG9P6loRDbge9odNDb8lMcYOTkPvEmw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.dcfever.com%2F&ancestorOrigins=https%3A%2F%2Fwww.dcfever.com&random=3461590202579&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Mon, 09 Oct 2023 03:27:47 +0200

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2B71 42 B
64 B 72ms
56ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv0Z-JX-ZeTo6Yly3ABHObFILndYHoXqLZ00rHtSBQ-Zh3pg33GKJoIz-dvnBrMWFFgGtl1sNwzD3MbrcP_4GYuUtKkdg5rrAouHAA&sig=Cg0ArKJSzNBTfXJom61pEAE&id=lidar2&mcvt=1007&p=0,0,250,300&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=738776673&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696818466126&rpt=315&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 02:27:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BA54 0
20 B 45ms
45ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BPxEeI2UjZZvAEKDB9u8PsMe2qAMAAAAAOAHgBAI&bg=!ERKlEl3NAAYMG8UMLBs7ADQBe5WfON1mJjSSgSNxhDdXSqslblEfCNkHMFHKThaZQF69NBUxLb6V7kGDAPSz1JOOlqLHAgAAAFhSAAAACWgBBwoAT-3fGEi0wTaYNgnc_JNDtriggZv1Lzs5KoEnPxu6AcvjxfHu9m39wtwqHclgYc_H79bu5kJPb3KLJaKs6pvnRMXKzKZnmS_2BMg3vyAUIkGZAt1BUMKLxCgRlYMIIIBjIbhZRY4FO5H60n141HADQ3gqJYUXCIWG4_4aR7lbtweTAErbyvIiuWZdz5ffRic-ALwSdoaOXpyGerfPt0oB3_IUXmueZUplT4c9eJfStdRTueJAVfJzvqeAX4cVipx_qsp07nDWU8Ibtfe1Yr_d4tR5ktqmuAgp8xzts-gu641PCC6_LrBDxNF1qWyuZ-MmZReec2vhDz8k-RZYMOchMENUWeGRKqbpR427YmqpDVmlQBMmaDxL_UzXDOLpcNgxg67JqLnJ_Ic0gkn0cnXy9Za8n_HoUz2y8mTA8hXR0KwpSVEmXFl9nJK58LyGNrVYXi3-IyZfn5t_1EvI_2kj9sBmTo5uDcfBBrJ_EqAYZ7ysAuVMJoXJdm--XQcdRVs_SYKE4_-x3URBDfD7xPoLrOoFWi8ROlBZIeoa9vERNlvUWCdRm0e4CleRRdUN0ugdbQxaAedOJ_0S3o3o7oTG1I6QjPXonpJnBJbAvWIRCPdLEXPxzppieT2gLjxZziMe76gdoQA1-Uk3kz72BUw-QYjq9xMkNjYButXnqHe-wibLd3Mmv-CGFVxdisEoXe1pogV3VMzkgHgxU6WEP_a4aIombh90j6XFHYkuerMrAPpHngkHiedOHTBiG3L9oVZvz1Ywyr15xjRH4-YnaTh0O79bByba9Eko8sI1qry8XEcBsPZxVSYQIlxdnLbMumN-cHJfTO_lK82-ZHnR5ZdS_6LaBhX0EuSjoT8zakO-bf_2o8XpJMAUo6swH9H7wuxehjRm3hcLbBQ-aLlQ5411KoZrF3qHENguruJFVIStiCrQTkc5ChYD3y7C6l3DZ6OD09hY3c_a1P5T5ENKzMehNrjue-Cv1Wy3sKSrDtpsamp6cjeQ07aZKokiWnlto2REwDEwLzLvw64oAIDvI6zFGgUKfmfZQTwCQeVnq6SxCpLjIeRSDlACuOwEbqtCNxIC

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8038336834024926&output=html&h=90&slotname=5424819499&adk=4189683334&adf=1214250763&pi=t.ma~as.5424819499&w=728&lmt=1696811266&url=https%3A%2F%2Fwww.dcfever.com%2Fusers%2Fprofile.php%3Fid%3D1172991&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696818466484&bpp=1&bdt=2540&idt=1&shv=r20231004&mjsv=m202310030101&ptt=5&saldr=sd&abxe=1&cookie=ID%3D40f159807aecd348-2254e0bf3adf0038%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_MY7d7okkVkeZT5xdZiY4XF3DwaA7g&gpic=UID%3D00000c92f22e2756%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_Mbv6pUkPnVWpe3JZgRpdlfOGCy18w&prev_slotnames=5424819499%2C3974334687&correlator=3891405826101&frm=20&pv=1&ga_vid=1799254499.1696818464&ga_sid=1696818466&ga_hid=1118924568&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44798934%2C44804782%2C31078673%2C44769661&oid=2&psts=AOrYGsl-zAVh_3n084NN25bg-KET5K3tGMAPr_VM0B0lQMnQr2OGHARWZnlLKCNtZ5NSbcpH6gqdtTuPo4-LbQ&pvsid=2532887206361183&tmod=1115223676&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ClTSFxn7uu&p=https%3A//www.dcfever.com&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 02:27:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK e99aace94e6e58733936cdd965d03e75 Show response
pv.medialead.de/trck/epv/ Frame A2DD 0
466 B 111ms
52ms Document
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=52487100006319004444550012472013&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=185512da48&subid=&uid=8726dcf26b7c43ee&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCd_NsImUjZdHQMIOk9u8PkLagkAam5b2gaYWVnKfJD_AuEAEgyM7iH2CVgoCArAfIAQmpAs4bsBDdwrE-qAMByAObBKoEkQJP0IqAzpWPWMpIafRCRVZ5XCnkEzJwpfgEDG_NjQ7hFCRyLrbDivFvT9mtErPY3Qdv4Fs4JfveKetz_BXyhsM5HSaubKvIcoor-MSQdd6Db6WE5zHezHHcvS3zJL919IwHN7iR3Z5i-RjcSXi47FAV9LkUXtHEoR91LyJQCG4z2X6ckSiIv3v4v87ydAQP8Ha3avKnxREAC0n7XVlzQv0C6-xXqGcrP8mL9ggtJNTXMk8DEykGMEeerZxqzgpgsMGlzAAmCYvWinpTIzLDL0m044PkCbeDEfDtEus8tbHaAJZxWN8qSXigeQcbEqfTzu7SkUAs0nDOLTTzotqZi5ZybzkO1JUWV6Mxx_7W6bJoe0nABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYXTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJERcgNAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMI0enYr_XngQMVA5L9Bx0QGwhiEAEYASAAEgJF8_D_BwE%26num%3D1%26cid%3DCAQSOwDICaaNzs7qzxFEeFxwLLotOSs9kZinGKSyXtZfyr0PMuxcdBRTYnAjrZg03nWWbws3hhHCijModw_8GAE%26sig%3DAOD64_1Z7byoioCboT0Tey-dJFMyiiFjnA%26client%3Dca-pub-8038336834024926%26dbm_c%3DAKAmf-B_NkodAzc3D-okcCGOmuGdQDg28qO3gnor2FjjTL9FbmsS7xSi_uL-zfIgfEMmC1sy8IFygiOB4GjCPbR3wCw9r-ukh69Sx6-o0YNJDP9GyJZfilrjM7BwU7zFYxoC3DyCe9BuIOU-6UkCeTVutwDha7YjK4q2z_JCtgdke5ywwA9Ysns%26cry%3D1%26dbm_d%3DAKAmf-Db5Q9DA8V-ZxFw4kaB_SrtdYitoOzomKe9_UOxhvXilEfYM5UJSYIoMUHxtfzoUwo5Df0xME8IrPSiGc6UerEVnsaA46r5-KC-G5mx3odo7Nl41mYevMMcYyw-d4g8dWeKyY0d9jDGjZwTfBhHuKgS02UMSe00EHzSE3Qsl-9klEbx7oLTtaVQ8B8QHxFCBl6MpXI4Ad3h75-JOnXt6ISQYj2-jUx00fYXjF784y0w773HI5xTmpIWd79VU_ih4SU2_ONq-PkXbHpyCGA2si0ZWFMnJKsanYsw5JJc4jcVytu5XlgSyPzpd4rx_8DVpVvxtgmo9R-AKHnAlqXpaaWQpAY3wfvn7sbfnJwh8_OREQF5G4DguXgGl1FE8Bdz5zMDdh81yYBY5NnU_sqTnt3_I4GdUWqlxMLzENfqgwTeWqGfaniR8Sw5vhXWwfR8ViHmlh-J2Fxne0ivG-s1Ma3x3ETuiQY-1hl-7IDL-uToBBkCK7YCdWw0iTaWs9YZkv4CCl9IWny2xl0bgrTow_VRu-w5PNDLyrS0OTTeTCqK1VfobXp0z2nTgDKWxEjnG9P6loRDbge9odNDb8lMcYOTkPvEmw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.dcfever.com%2F&ancestorOrigins=https%3A%2F%2Fwww.dcfever.com&random=3461590202579&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
content-length: 0
content-type: application/javascript; charset=utf-8
date: Mon, 09 Oct 2023 02:27:47 GMT
host: pv.medialead.de
proxy-host: pv.medialead.de
server: nginx
strict-transport-security: max-age=15768000
vary: Origin
x-iplb-instance: 40027
x-iplb-request-id: 253A3902:CAC2_91EFC182:01BB_65236523_11C9318:1D8B7

GET
H2 200 / Show response
adv.office-partner.de/ Frame 3B90 930 B
931 B 86ms
7ms Document
text/html 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=185512da48&subid=&uid=8726dcf26b7c43ee&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCd_NsImUjZdHQMIOk9u8PkLagkAam5b2gaYWVnKfJD_AuEAEgyM7iH2CVgoCArAfIAQmpAs4bsBDdwrE-qAMByAObBKoEkQJP0IqAzpWPWMpIafRCRVZ5XCnkEzJwpfgEDG_NjQ7hFCRyLrbDivFvT9mtErPY3Qdv4Fs4JfveKetz_BXyhsM5HSaubKvIcoor-MSQdd6Db6WE5zHezHHcvS3zJL919IwHN7iR3Z5i-RjcSXi47FAV9LkUXtHEoR91LyJQCG4z2X6ckSiIv3v4v87ydAQP8Ha3avKnxREAC0n7XVlzQv0C6-xXqGcrP8mL9ggtJNTXMk8DEykGMEeerZxqzgpgsMGlzAAmCYvWinpTIzLDL0m044PkCbeDEfDtEus8tbHaAJZxWN8qSXigeQcbEqfTzu7SkUAs0nDOLTTzotqZi5ZybzkO1JUWV6Mxx_7W6bJoe0nABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYXTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJERcgNAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMI0enYr_XngQMVA5L9Bx0QGwhiEAEYASAAEgJF8_D_BwE%26num%3D1%26cid%3DCAQSOwDICaaNzs7qzxFEeFxwLLotOSs9kZinGKSyXtZfyr0PMuxcdBRTYnAjrZg03nWWbws3hhHCijModw_8GAE%26sig%3DAOD64_1Z7byoioCboT0Tey-dJFMyiiFjnA%26client%3Dca-pub-8038336834024926%26dbm_c%3DAKAmf-B_NkodAzc3D-okcCGOmuGdQDg28qO3gnor2FjjTL9FbmsS7xSi_uL-zfIgfEMmC1sy8IFygiOB4GjCPbR3wCw9r-ukh69Sx6-o0YNJDP9GyJZfilrjM7BwU7zFYxoC3DyCe9BuIOU-6UkCeTVutwDha7YjK4q2z_JCtgdke5ywwA9Ysns%26cry%3D1%26dbm_d%3DAKAmf-Db5Q9DA8V-ZxFw4kaB_SrtdYitoOzomKe9_UOxhvXilEfYM5UJSYIoMUHxtfzoUwo5Df0xME8IrPSiGc6UerEVnsaA46r5-KC-G5mx3odo7Nl41mYevMMcYyw-d4g8dWeKyY0d9jDGjZwTfBhHuKgS02UMSe00EHzSE3Qsl-9klEbx7oLTtaVQ8B8QHxFCBl6MpXI4Ad3h75-JOnXt6ISQYj2-jUx00fYXjF784y0w773HI5xTmpIWd79VU_ih4SU2_ONq-PkXbHpyCGA2si0ZWFMnJKsanYsw5JJc4jcVytu5XlgSyPzpd4rx_8DVpVvxtgmo9R-AKHnAlqXpaaWQpAY3wfvn7sbfnJwh8_OREQF5G4DguXgGl1FE8Bdz5zMDdh81yYBY5NnU_sqTnt3_I4GdUWqlxMLzENfqgwTeWqGfaniR8Sw5vhXWwfR8ViHmlh-J2Fxne0ivG-s1Ma3x3ETuiQY-1hl-7IDL-uToBBkCK7YCdWw0iTaWs9YZkv4CCl9IWny2xl0bgrTow_VRu-w5PNDLyrS0OTTeTCqK1VfobXp0z2nTgDKWxEjnG9P6loRDbge9odNDb8lMcYOTkPvEmw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.dcfever.com%2F&ancestorOrigins=https%3A%2F%2Fwww.dcfever.com&random=3461590202579&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Mon, 09 Oct 2023 02:27:47 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Mon, 16 Oct 2023 02:27:47 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H/1.1 200
OK e99aace94e6e58733936cdd965d03e75 Show response
pv.medialead.de/trck/epv/ Frame D3A5 0
466 B 110ms
51ms Script
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=52487100006319004444550012472013&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 02:27:47 GMT
strict-transport-security: max-age=15768000
server: nginx
host: pv.medialead.de
x-iplb-request-id: 253A3902:CAC4_91EFC182:01BB_65236523_11C8155:1D8B8
x-iplb-instance: 40027
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 0
proxy-host: pv.medialead.de

GET
H/1.1 200
OK e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame D3A5 43 B
482 B 110ms
52ms Image
image/gif 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=52487100006319004444550012472013&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 02:27:47 GMT
strict-transport-security: max-age=15768000
server: nginx
host: pv.medialead.de
x-iplb-request-id: 253A3902:CAC0_91EFC182:01BB_65236523_11E5246:27FE5
x-iplb-instance: 40028
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 43
proxy-host: pv.medialead.de

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame D3A5 43 B
702 B 147ms
84ms Image
image/gif 104.64.118.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=52487100006319004444550012472013&pv=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-64-118-247.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Oct 2023 02:27:47 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame 4686 0
127 B 14ms
14ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 09 Oct 2023 02:27:47 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 3B90 174 KB
63 KB 18ms
17ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b805c516073369453d8e385df77cb10c0b68d3405792a99655561f89cdc845d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 02:27:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64038
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 09 Oct 2023 02:27:47 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame D3A5 2 KB
2 KB 140ms
64ms Script
text/html 3.9.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=52487100006319004444550012472013&nw=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8038336834024926&output=html&h=90&slotname=5424819499&adk=4189683334&adf=1214250763&pi=t.ma~as.5424819499&w=728&lmt=1696811266&url=https%3A%2F%2Fwww.dcfever.com%2Fusers%2Fprofile.php%3Fid%3D1172991&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696818466484&bpp=1&bdt=2540&idt=1&shv=r20231004&mjsv=m202310030101&ptt=5&saldr=sd&abxe=1&cookie=ID%3D40f159807aecd348-2254e0bf3adf0038%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_MY7d7okkVkeZT5xdZiY4XF3DwaA7g&gpic=UID%3D00000c92f22e2756%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_Mbv6pUkPnVWpe3JZgRpdlfOGCy18w&prev_slotnames=5424819499%2C3974334687&correlator=3891405826101&frm=20&pv=1&ga_vid=1799254499.1696818464&ga_sid=1696818466&ga_hid=1118924568&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44798934%2C44804782%2C31078673%2C44769661&oid=2&psts=AOrYGsl-zAVh_3n084NN25bg-KET5K3tGMAPr_VM0B0lQMnQr2OGHARWZnlLKCNtZ5NSbcpH6gqdtTuPo4-LbQ&pvsid=2532887206361183&tmod=1115223676&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ClTSFxn7uu&p=https%3A//www.dcfever.com&dtd=4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.250.12 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-9-250-12.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 6513304f0b954193db2194879d5495882ec54ff6e9114e1773e9ff97d2a34835

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 02:27:47 GMT
last-modified: Mon, 09 Oct 2023 02:27:47 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Mon, 09 Oct 2023 02:28:47 GMT

GET
H2

200

activityi;dc_pre=CIqplLD154EDFZfFuwgdsA4D6Q;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8544384600199.429 Show response
5994599.fls.doubleclick.net/ Frame D4DC
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8544384600199.429?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CIqplLD154EDFZfFuwgdsA4D6Q;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8544384600199.429?

391 B
327 B

29ms
28ms

Document
text/html

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CIqplLD154EDFZfFuwgdsA4D6Q;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8544384600199.429?

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8038336834024926&output=html&h=90&slotname=5424819499&adk=4189683334&adf=1214250763&pi=t.ma~as.5424819499&w=728&lmt=1696811266&url=https%3A%2F%2Fwww.dcfever.com%2Fusers%2Fprofile.php%3Fid%3D1172991&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696818466484&bpp=1&bdt=2540&idt=1&shv=r20231004&mjsv=m202310030101&ptt=5&saldr=sd&abxe=1&cookie=ID%3D40f159807aecd348-2254e0bf3adf0038%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_MY7d7okkVkeZT5xdZiY4XF3DwaA7g&gpic=UID%3D00000c92f22e2756%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_Mbv6pUkPnVWpe3JZgRpdlfOGCy18w&prev_slotnames=5424819499%2C3974334687&correlator=3891405826101&frm=20&pv=1&ga_vid=1799254499.1696818464&ga_sid=1696818466&ga_hid=1118924568&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44798934%2C44804782%2C31078673%2C44769661&oid=2&psts=AOrYGsl-zAVh_3n084NN25bg-KET5K3tGMAPr_VM0B0lQMnQr2OGHARWZnlLKCNtZ5NSbcpH6gqdtTuPo4-LbQ&pvsid=2532887206361183&tmod=1115223676&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ClTSFxn7uu&p=https%3A//www.dcfever.com&dtd=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

c2bff4a1d4f2d836c84ba341ebe6bf852507de52848b2f5bf0655b7bf08964d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 218
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 02:27:47 GMT
expires: Mon, 09 Oct 2023 02:27:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 02:27:47 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CIqplLD154EDFZfFuwgdsA4D6Q;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8544384600199.429?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900013.redintelligence.net/ Frame 445C 7 KB
2 KB 37ms
13ms Document
text/html 116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900013.redintelligence.net/request_content.php?s=52487100006319004444550012472013&a=66750c4e
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8038336834024926&output=html&h=90&slotname=5424819499&adk=4189683334&adf=1214250763&pi=t.ma~as.5424819499&w=728&lmt=1696811266&url=https%3A%2F%2Fwww.dcfever.com%2Fusers%2Fprofile.php%3Fid%3D1172991&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696818466484&bpp=1&bdt=2540&idt=1&shv=r20231004&mjsv=m202310030101&ptt=5&saldr=sd&abxe=1&cookie=ID%3D40f159807aecd348-2254e0bf3adf0038%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_MY7d7okkVkeZT5xdZiY4XF3DwaA7g&gpic=UID%3D00000c92f22e2756%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_Mbv6pUkPnVWpe3JZgRpdlfOGCy18w&prev_slotnames=5424819499%2C3974334687&correlator=3891405826101&frm=20&pv=1&ga_vid=1799254499.1696818464&ga_sid=1696818466&ga_hid=1118924568&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44798934%2C44804782%2C31078673%2C44769661&oid=2&psts=AOrYGsl-zAVh_3n084NN25bg-KET5K3tGMAPr_VM0B0lQMnQr2OGHARWZnlLKCNtZ5NSbcpH6gqdtTuPo4-LbQ&pvsid=2532887206361183&tmod=1115223676&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ClTSFxn7uu&p=https%3A//www.dcfever.com&dtd=4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.48.214 Schoenwalde, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.214.48.202.116.clients.your-server.de
Software: Apache /
Resource Hash: 2dc1f4c722bf4dc3714a48733f567c70b291606d2172b42d7547ed1790cc9f08

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2085
Content-Type: text/html; charset=utf-8
Date: Mon, 09 Oct 2023 02:27:47 GMT
Expires: Mon, 09 Oct 2023 03:27:47 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3D78 1 KB
643 B 12ms
10ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8038336834024926&output=html&h=90&slotname=5424819499&adk=4189683334&adf=1214250763&pi=t.ma~as.5424819499&w=728&lmt=1696811266&url=https%3A%2F%2Fwww.dcfever.com%2Fusers%2Fprofile.php%3Fid%3D1172991&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696818466484&bpp=1&bdt=2540&idt=1&shv=r20231004&mjsv=m202310030101&ptt=5&saldr=sd&abxe=1&cookie=ID%3D40f159807aecd348-2254e0bf3adf0038%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_MY7d7okkVkeZT5xdZiY4XF3DwaA7g&gpic=UID%3D00000c92f22e2756%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_Mbv6pUkPnVWpe3JZgRpdlfOGCy18w&prev_slotnames=5424819499%2C3974334687&correlator=3891405826101&frm=20&pv=1&ga_vid=1799254499.1696818464&ga_sid=1696818466&ga_hid=1118924568&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44798934%2C44804782%2C31078673%2C44769661&oid=2&psts=AOrYGsl-zAVh_3n084NN25bg-KET5K3tGMAPr_VM0B0lQMnQr2OGHARWZnlLKCNtZ5NSbcpH6gqdtTuPo4-LbQ&pvsid=2532887206361183&tmod=1115223676&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ClTSFxn7uu&p=https%3A//www.dcfever.com&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13897
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Oct 2023 22:36:10 GMT
etag: 48472445140208031
expires: Mon, 09 Oct 2023 22:36:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D3A5 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 967e957ffb2738be41c394d0565c5945e8f49db60c66822e123652d66a508756

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame 445C 2 KB
843 B 64ms
21ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:400,700

Requested by

Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=52487100006319004444550012472013&a=66750c4e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bf5b911ce6645add415b3dbf40d50dc8cda426f38f5300525bf4793c4131b2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900013.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 09 Oct 2023 02:27:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 01:21:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Oct 2023 02:27:47 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 445C 10 KB
10 KB 40ms
14ms Image
image/png 78.46.90.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-627x627.jpg
Requested by: Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=52487100006319004444550012472013&a=66750c4e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.238.90.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 9cae11f189de5f82f4eb590e9015aa5e7325e5b08c3abc2aeefb5033d25d194f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900013.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 02:27:47 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 9890
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 445C 7 KB
7 KB 42ms
14ms Image
image/png 78.46.90.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native4.png
Requested by: Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=52487100006319004444550012472013&a=66750c4e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.238.90.46.78.clients.your-server.de
Software: Apache /
Resource Hash: aae20adb71bc608a4cda9f5fe95a9ceec2976fb9f47efae93d45237a3d0568a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900013.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 02:27:47 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 7115
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 445C 9 KB
9 KB 134ms
107ms Image
image/png 78.46.90.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/627x627_Office-Partner.jpg
Requested by: Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=52487100006319004444550012472013&a=66750c4e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.238.90.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 3c06c1389ca81327ade99801503afe4a0af6c48af406c1964e733f4a038c1a25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900013.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 02:27:47 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 9250
Vary: Accept-Encoding
Content-Type: image/png

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 3D78 0
104 B 128ms
40ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEFHAQOnVHgSHJ3fvwxwycLk&google_cver=1&google_push=AXcoOmRYvrxXGzSkRMWxb6G0KYz7SeiAtgC_H9qnEdVuHxui5r0dX4OidYCEKrZGPRsHMUomzeKVer8kL4GN00fiEc_zHh-WFJEY
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8038336834024926&output=html&h=90&slotname=5424819499&adk=4189683334&adf=1214250763&pi=t.ma~as.5424819499&w=728&lmt=1696811266&url=https%3A%2F%2Fwww.dcfever.com%2Fusers%2Fprofile.php%3Fid%3D1172991&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696818466484&bpp=1&bdt=2540&idt=1&shv=r20231004&mjsv=m202310030101&ptt=5&saldr=sd&abxe=1&cookie=ID%3D40f159807aecd348-2254e0bf3adf0038%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_MY7d7okkVkeZT5xdZiY4XF3DwaA7g&gpic=UID%3D00000c92f22e2756%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_Mbv6pUkPnVWpe3JZgRpdlfOGCy18w&prev_slotnames=5424819499%2C3974334687&correlator=3891405826101&frm=20&pv=1&ga_vid=1799254499.1696818464&ga_sid=1696818466&ga_hid=1118924568&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44798934%2C44804782%2C31078673%2C44769661&oid=2&psts=AOrYGsl-zAVh_3n084NN25bg-KET5K3tGMAPr_VM0B0lQMnQr2OGHARWZnlLKCNtZ5NSbcpH6gqdtTuPo4-LbQ&pvsid=2532887206361183&tmod=1115223676&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ClTSFxn7uu&p=https%3A//www.dcfever.com&dtd=4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 02:27:47 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3D78
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELHVZ0OEMDt8Drz-I_ZxNrU&google_push=AXcoOmQggzK8vZbHK6t4egp0X6sKEMcMiXwKRiUuGaTer19j6ryZygcK4l...

170 B
188 B

19ms
19ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELHVZ0OEMDt8Drz-I_ZxNrU&google_push=AXcoOmQggzK8vZbHK6t4egp0X6sKEMcMiXwKRiUuGaTer19j6ryZygcK4lPgT8HaB4DBIMdVNMFEpBPmtZ6QoT0VWB0fhV1k2y2h2w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8038336834024926&output=html&h=90&slotname=5424819499&adk=4189683334&adf=1214250763&pi=t.ma~as.5424819499&w=728&lmt=1696811266&url=https%3A%2F%2Fwww.dcfever.com%2Fusers%2Fprofile.php%3Fid%3D1172991&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696818466484&bpp=1&bdt=2540&idt=1&shv=r20231004&mjsv=m202310030101&ptt=5&saldr=sd&abxe=1&cookie=ID%3D40f159807aecd348-2254e0bf3adf0038%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_MY7d7okkVkeZT5xdZiY4XF3DwaA7g&gpic=UID%3D00000c92f22e2756%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_Mbv6pUkPnVWpe3JZgRpdlfOGCy18w&prev_slotnames=5424819499%2C3974334687&correlator=3891405826101&frm=20&pv=1&ga_vid=1799254499.1696818464&ga_sid=1696818466&ga_hid=1118924568&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44798934%2C44804782%2C31078673%2C44769661&oid=2&psts=AOrYGsl-zAVh_3n084NN25bg-KET5K3tGMAPr_VM0B0lQMnQr2OGHARWZnlLKCNtZ5NSbcpH6gqdtTuPo4-LbQ&pvsid=2532887206361183&tmod=1115223676&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ClTSFxn7uu&p=https%3A//www.dcfever.com&dtd=4

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 02:27:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230132-FRA
pragma: no-cache
date: Mon, 09 Oct 2023 02:27:47 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1696818468.770721,VS0,VE92
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELHVZ0OEMDt8Drz-I_ZxNrU&google_push=AXcoOmQggzK8vZbHK6t4egp0X6sKEMcMiXwKRiUuGaTer19j6ryZygcK4lPgT8HaB4DBIMdVNMFEpBPmtZ6QoT0VWB0fhV1k2y2h2w
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 ebda
match.360yield.com/match/ Frame 3D78 43 B
199 B 150ms
32ms Image
image/gif 99.81.152.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match/ebda?google_gid=CAESEIzyyH4DPHeY6SsknNhxOWQ&google_cver=1&google_push=AXcoOmR0HWzfHfpEFwLXwswQOozo_cB1yk5aULrY9YTlsLkSXl55bw8UML-PvGHf5C9yno2n6-Z4K3Pevaeg2ayDMglBnMFFoa2xFQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8038336834024926&output=html&h=90&slotname=5424819499&adk=4189683334&adf=1214250763&pi=t.ma~as.5424819499&w=728&lmt=1696811266&url=https%3A%2F%2Fwww.dcfever.com%2Fusers%2Fprofile.php%3Fid%3D1172991&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696818466484&bpp=1&bdt=2540&idt=1&shv=r20231004&mjsv=m202310030101&ptt=5&saldr=sd&abxe=1&cookie=ID%3D40f159807aecd348-2254e0bf3adf0038%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_MY7d7okkVkeZT5xdZiY4XF3DwaA7g&gpic=UID%3D00000c92f22e2756%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_Mbv6pUkPnVWpe3JZgRpdlfOGCy18w&prev_slotnames=5424819499%2C3974334687&correlator=3891405826101&frm=20&pv=1&ga_vid=1799254499.1696818464&ga_sid=1696818466&ga_hid=1118924568&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44798934%2C44804782%2C31078673%2C44769661&oid=2&psts=AOrYGsl-zAVh_3n084NN25bg-KET5K3tGMAPr_VM0B0lQMnQr2OGHARWZnlLKCNtZ5NSbcpH6gqdtTuPo4-LbQ&pvsid=2532887206361183&tmod=1115223676&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ClTSFxn7uu&p=https%3A//www.dcfever.com&dtd=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.81.152.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-152-59.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 09 Oct 2023 02:27:47 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3D78
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEL...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmRH2WRSXl-ddXnWMVgqRMWrEvsFVn9Hdylm7yJXgyAFBDciUB1UURg7PFJhdQMbsDhA_9CorWa88Sxmg2ssOormMqKaVua60Q&redir=https%3A%2F%2Fcm.g.dou...
https://sync.targeting.unrulymedia.com/csync/RX-cc71dc56-44a9-46c3-b093-595c77e2a48a-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRH2WRSXl-ddXnWMVgqR...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRH2WRSXl-ddXnWMVgqRMWrEvsFVn9Hdylm7yJXgyAFBDciUB1UURg7PFJhdQMbsDhA_9CorWa88Sxmg2ssOormMqKaVua60Q&google_hm=A8xx3FZEqUbDsJNZXHfipIo

170 B
188 B

18ms
17ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRH2WRSXl-ddXnWMVgqRMWrEvsFVn9Hdylm7yJXgyAFBDciUB1UURg7PFJhdQMbsDhA_9CorWa88Sxmg2ssOormMqKaVua60Q&google_hm=A8xx3FZEqUbDsJNZXHfipIo

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8038336834024926&output=html&h=90&slotname=5424819499&adk=4189683334&adf=1214250763&pi=t.ma~as.5424819499&w=728&lmt=1696811266&url=https%3A%2F%2Fwww.dcfever.com%2Fusers%2Fprofile.php%3Fid%3D1172991&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696818466484&bpp=1&bdt=2540&idt=1&shv=r20231004&mjsv=m202310030101&ptt=5&saldr=sd&abxe=1&cookie=ID%3D40f159807aecd348-2254e0bf3adf0038%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_MY7d7okkVkeZT5xdZiY4XF3DwaA7g&gpic=UID%3D00000c92f22e2756%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_Mbv6pUkPnVWpe3JZgRpdlfOGCy18w&prev_slotnames=5424819499%2C3974334687&correlator=3891405826101&frm=20&pv=1&ga_vid=1799254499.1696818464&ga_sid=1696818466&ga_hid=1118924568&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44798934%2C44804782%2C31078673%2C44769661&oid=2&psts=AOrYGsl-zAVh_3n084NN25bg-KET5K3tGMAPr_VM0B0lQMnQr2OGHARWZnlLKCNtZ5NSbcpH6gqdtTuPo4-LbQ&pvsid=2532887206361183&tmod=1115223676&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ClTSFxn7uu&p=https%3A//www.dcfever.com&dtd=4

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 02:27:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRH2WRSXl-ddXnWMVgqRMWrEvsFVn9Hdylm7yJXgyAFBDciUB1UURg7PFJhdQMbsDhA_9CorWa88Sxmg2ssOormMqKaVua60Q&google_hm=A8xx3FZEqUbDsJNZXHfipIo
date: Mon, 09 Oct 2023 02:27:47 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXcc71dc5644a946c3b093595c77e2a48a003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3D78
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEE_YBJKb2WPo48lArNUe5i4&google_cver=1&google_push=AXcoOmS2UiBn0KXGf...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODYxODAxNzA5MTI4ODE3MTAwOQ%3D%3D&google_gid=CAESEE_YBJKb2WPo48lArNUe5i4&google_cver=1&google_push=AXcoOmS2UiBn0KXGfB1CfZ0SrJ3TjXuqkY...

170 B
188 B

41ms
41ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODYxODAxNzA5MTI4ODE3MTAwOQ%3D%3D&google_gid=CAESEE_YBJKb2WPo48lArNUe5i4&google_cver=1&google_push=AXcoOmS2UiBn0KXGfB1CfZ0SrJ3TjXuqkY-zxc5_pvcz11B5N8gdzyPDQMWQRK4aISnLpH2ihy3ix4iIgufY13S4MaxdUBQxPgWfTuI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8038336834024926&output=html&h=90&slotname=5424819499&adk=4189683334&adf=1214250763&pi=t.ma~as.5424819499&w=728&lmt=1696811266&url=https%3A%2F%2Fwww.dcfever.com%2Fusers%2Fprofile.php%3Fid%3D1172991&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696818466484&bpp=1&bdt=2540&idt=1&shv=r20231004&mjsv=m202310030101&ptt=5&saldr=sd&abxe=1&cookie=ID%3D40f159807aecd348-2254e0bf3adf0038%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_MY7d7okkVkeZT5xdZiY4XF3DwaA7g&gpic=UID%3D00000c92f22e2756%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_Mbv6pUkPnVWpe3JZgRpdlfOGCy18w&prev_slotnames=5424819499%2C3974334687&correlator=3891405826101&frm=20&pv=1&ga_vid=1799254499.1696818464&ga_sid=1696818466&ga_hid=1118924568&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44798934%2C44804782%2C31078673%2C44769661&oid=2&psts=AOrYGsl-zAVh_3n084NN25bg-KET5K3tGMAPr_VM0B0lQMnQr2OGHARWZnlLKCNtZ5NSbcpH6gqdtTuPo4-LbQ&pvsid=2532887206361183&tmod=1115223676&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ClTSFxn7uu&p=https%3A//www.dcfever.com&dtd=4

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 02:27:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 09 Oct 2023 02:27:47 GMT
an-x-request-uuid: e8c6e711-8141-48bb-a1d7-3cdbb4b38726
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODYxODAxNzA5MTI4ODE3MTAwOQ%3D%3D&google_gid=CAESEE_YBJKb2WPo48lArNUe5i4&google_cver=1&google_push=AXcoOmS2UiBn0KXGfB1CfZ0SrJ3TjXuqkY-zxc5_pvcz11B5N8gdzyPDQMWQRK4aISnLpH2ihy3ix4iIgufY13S4MaxdUBQxPgWfTuI
x-proxy-origin: 37.58.57.2; 37.58.57.2; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame 3D78 43 B
146 B 216ms
12ms Image
image/gif 18.185.230.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEIctktG2zxwmzFBeghbYkQQ&google_cver=1&google_push=AXcoOmTezFQ0aPlc1fY4pA3eafgFJD55B_VW1qA45kvAf_3xcug-ypzMw62ttj2atSGsU27pTVpWreDWxX5wTp3l2uYp47uKOzO1KQs
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8038336834024926&output=html&h=90&slotname=5424819499&adk=4189683334&adf=1214250763&pi=t.ma~as.5424819499&w=728&lmt=1696811266&url=https%3A%2F%2Fwww.dcfever.com%2Fusers%2Fprofile.php%3Fid%3D1172991&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696818466484&bpp=1&bdt=2540&idt=1&shv=r20231004&mjsv=m202310030101&ptt=5&saldr=sd&abxe=1&cookie=ID%3D40f159807aecd348-2254e0bf3adf0038%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_MY7d7okkVkeZT5xdZiY4XF3DwaA7g&gpic=UID%3D00000c92f22e2756%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_Mbv6pUkPnVWpe3JZgRpdlfOGCy18w&prev_slotnames=5424819499%2C3974334687&correlator=3891405826101&frm=20&pv=1&ga_vid=1799254499.1696818464&ga_sid=1696818466&ga_hid=1118924568&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44798934%2C44804782%2C31078673%2C44769661&oid=2&psts=AOrYGsl-zAVh_3n084NN25bg-KET5K3tGMAPr_VM0B0lQMnQr2OGHARWZnlLKCNtZ5NSbcpH6gqdtTuPo4-LbQ&pvsid=2532887206361183&tmod=1115223676&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ClTSFxn7uu&p=https%3A//www.dcfever.com&dtd=4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.230.6 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-230-6.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 02:27:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3D78
Redirect Chain

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=ded58f30-a8c3-40fb-91f9-aba58af0b2aa&google_cver=1&google_gid=CAESEAaWUV5i1ssCbwqNGBrtbF0&gdpr_consent=${GDPR_CONSENT_109}&google_...

170 B
188 B

18ms
17ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=ded58f30-a8c3-40fb-91f9-aba58af0b2aa&google_cver=1&google_gid=CAESEAaWUV5i1ssCbwqNGBrtbF0&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmQbQ4rnMsRwUr1ubwS3Mttj3Gc_NNE4zX_TzaanT43V0yVywn7SUD9FSb1eUut3I5eWdlqmft1HXWdnfpoaERUII9Xlb6mNxa0&gdpr=${GDPR}

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8038336834024926&output=html&h=90&slotname=5424819499&adk=4189683334&adf=1214250763&pi=t.ma~as.5424819499&w=728&lmt=1696811266&url=https%3A%2F%2Fwww.dcfever.com%2Fusers%2Fprofile.php%3Fid%3D1172991&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696818466484&bpp=1&bdt=2540&idt=1&shv=r20231004&mjsv=m202310030101&ptt=5&saldr=sd&abxe=1&cookie=ID%3D40f159807aecd348-2254e0bf3adf0038%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_MY7d7okkVkeZT5xdZiY4XF3DwaA7g&gpic=UID%3D00000c92f22e2756%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_Mbv6pUkPnVWpe3JZgRpdlfOGCy18w&prev_slotnames=5424819499%2C3974334687&correlator=3891405826101&frm=20&pv=1&ga_vid=1799254499.1696818464&ga_sid=1696818466&ga_hid=1118924568&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44798934%2C44804782%2C31078673%2C44769661&oid=2&psts=AOrYGsl-zAVh_3n084NN25bg-KET5K3tGMAPr_VM0B0lQMnQr2OGHARWZnlLKCNtZ5NSbcpH6gqdtTuPo4-LbQ&pvsid=2532887206361183&tmod=1115223676&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ClTSFxn7uu&p=https%3A//www.dcfever.com&dtd=4

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 02:27:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=ded58f30-a8c3-40fb-91f9-aba58af0b2aa&google_cver=1&google_gid=CAESEAaWUV5i1ssCbwqNGBrtbF0&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmQbQ4rnMsRwUr1ubwS3Mttj3Gc_NNE4zX_TzaanT43V0yVywn7SUD9FSb1eUut3I5eWdlqmft1HXWdnfpoaERUII9Xlb6mNxa0&gdpr=${GDPR}
date: Mon, 09 Oct 2023 02:27:47 GMT
server: _
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3D78 0
12 B 18ms
17ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IK-DOryj9nCXFbwM7w_cUhZovQHT9859TXoX7cWSe7JNZ1ik0MnVYJ5BeUxmQfd-NJBhjbt4ml

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8038336834024926&output=html&h=90&slotname=5424819499&adk=4189683334&adf=1214250763&pi=t.ma~as.5424819499&w=728&lmt=1696811266&url=https%3A%2F%2Fwww.dcfever.com%2Fusers%2Fprofile.php%3Fid%3D1172991&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696818466484&bpp=1&bdt=2540&idt=1&shv=r20231004&mjsv=m202310030101&ptt=5&saldr=sd&abxe=1&cookie=ID%3D40f159807aecd348-2254e0bf3adf0038%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_MY7d7okkVkeZT5xdZiY4XF3DwaA7g&gpic=UID%3D00000c92f22e2756%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_Mbv6pUkPnVWpe3JZgRpdlfOGCy18w&prev_slotnames=5424819499%2C3974334687&correlator=3891405826101&frm=20&pv=1&ga_vid=1799254499.1696818464&ga_sid=1696818466&ga_hid=1118924568&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44798934%2C44804782%2C31078673%2C44769661&oid=2&psts=AOrYGsl-zAVh_3n084NN25bg-KET5K3tGMAPr_VM0B0lQMnQr2OGHARWZnlLKCNtZ5NSbcpH6gqdtTuPo4-LbQ&pvsid=2532887206361183&tmod=1115223676&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ClTSFxn7uu&p=https%3A//www.dcfever.com&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 02:27:47 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 3B90 272 KB
91 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2d5b9d1882aeec42d230da3cc332b9468bddd5665d417f1f42336bcccdd55e65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 02:27:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92655
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 09 Oct 2023 02:27:47 GMT

GET
H/1.1 200
OK viewability Show response
hal900013.redintelligence.net/ Frame 445C 0
150 B 57ms
21ms Script
text/html 116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900013.redintelligence.net/viewability?s=52487100006319004444550012472013&a=4da848a8&vb=m
Requested by: Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=52487100006319004444550012472013&a=66750c4e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.48.214 Schoenwalde, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.214.48.202.116.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900013.redintelligence.net/request_content.php?s=52487100006319004444550012472013&a=66750c4e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 02:27:47 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 dc_pre=CIqplLD154EDFZfFuwgdsA4D6Q;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8544384600199.429
adservice.google.com/ddm/fls/z/ Frame D4DC 42 B
401 B 85ms
46ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CIqplLD154EDFZfFuwgdsA4D6Q;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8544384600199.429

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CIqplLD154EDFZfFuwgdsA4D6Q;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8544384600199.429?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 02:27:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E53B 42 B
64 B 58ms
57ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssGCkvJ-LYT0grXykA6YJJZm8LTpKEm1hU87JDALH9FviB2WvHkmBdXo1JwLy5wZrr0fRHx6CHAMpmr1MR6Sbiv0MR_9zRmbLWuxB-CU8tXLBaWrq7JazGFdFEYhSekBMYRO1SYHy0mvFby&sai=AMfl-YROWEQ9eFUp3A-aTRYtxxoDb2ilYxndiIHYJhsdILoDKNqDRu51j6ShE_E76l2UaC32dIlGoeAq3nuU&sig=Cg0ArKJSzKVZXJ8tHrAJEAE&cid=CAQSGwDICaaNAgUYXIMI8XGY1KEjExDQYg2yMEc-5xgB&id=lidar2&mcvt=1005&p=0,0,90,728&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=785354580&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696818466117&rpt=738&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 02:27:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame D3A5 52 KB
18 KB 60ms
10ms Script
text/javascript 18.66.147.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=52487100006319004444550012472013&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-41.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 761cff5428e8aa5d947284cdaa6d9f6e9d0fe755909c364f807ee5c23ddb8dcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 17:12:13 GMT
content-encoding: gzip
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
last-modified: Mon, 02 Oct 2023 14:06:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 33335
etag: W/"2c13a74e288a2942ad3d2af9bad52cdf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: Z6v3C4OgUT0DPdaDNyN1AEo7UoQj7VSrNy6AHoIaM_rBBFJ9HsTx2Q==

GET
H2 200 1x1_0.png
cdn.track.production.webgains.team/7121/ Frame D3A5 3 KB
3 KB 42ms
10ms Image
image/png 99.86.4.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1_0.png?Expires=1696818767&Signature=CqBtF99Jx1Q5PEGoJx5zmRx1OWeM34n5vPDXm6cCu20HHFrXGr8SimFSlMFfsYScWQTkI1Uz-S4lKTGTsZzpeHKudKQjGwDsmaWpNzfGdDF83YZtlxhq3lXXW3VfKfKtKij3AMx-B3Lf0T8WERmVO9~zuEUhaHV~eXlrsfTJCc3BnUmBEQL0Q8is70oFIUIpc2u4kGHcl5FEKIfIE1N4hxRMzNDacZzRVZ4wVQHl~hI2kLZJqqRgMCOOiIJQCBCHOQrMvXSgNm4-MnqtRoxaBdnitBdj1q2GMf9TA9q6FrAmwlyflh8ulskZCxAlINwmyS-0bTWy7PMo-n83Bon93w__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8038336834024926&output=html&h=90&slotname=5424819499&adk=4189683334&adf=1214250763&pi=t.ma~as.5424819499&w=728&lmt=1696811266&url=https%3A%2F%2Fwww.dcfever.com%2Fusers%2Fprofile.php%3Fid%3D1172991&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696818466484&bpp=1&bdt=2540&idt=1&shv=r20231004&mjsv=m202310030101&ptt=5&saldr=sd&abxe=1&cookie=ID%3D40f159807aecd348-2254e0bf3adf0038%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_MY7d7okkVkeZT5xdZiY4XF3DwaA7g&gpic=UID%3D00000c92f22e2756%3AT%3D1696818466%3ART%3D1696818466%3AS%3DALNI_Mbv6pUkPnVWpe3JZgRpdlfOGCy18w&prev_slotnames=5424819499%2C3974334687&correlator=3891405826101&frm=20&pv=1&ga_vid=1799254499.1696818464&ga_sid=1696818466&ga_hid=1118924568&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44798934%2C44804782%2C31078673%2C44769661&oid=2&psts=AOrYGsl-zAVh_3n084NN25bg-KET5K3tGMAPr_VM0B0lQMnQr2OGHARWZnlLKCNtZ5NSbcpH6gqdtTuPo4-LbQ&pvsid=2532887206361183&tmod=1115223676&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ClTSFxn7uu&p=https%3A//www.dcfever.com&dtd=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-36.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: null
date: Sun, 08 Oct 2023 04:33:00 GMT
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 78888
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: zDcDs254S8ipgAOEFx0kit92NlYFhhyOJBllDM5IeJKh8Ig6kRQ71g==

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 34ms
34ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231004&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

550b451d882eda92bb3afc863eb0166bd5b98b590d8e6593552c26e9978c9586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dcfever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 02:27:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12068
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dcfever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 02:27:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 09 Oct 2023 02:27:47 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B79E 13 KB
5 KB 13ms
11ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dcfever.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 23207
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 08 Oct 2023 20:01:01 GMT
expires: Mon, 07 Oct 2024 20:01:01 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4FDC 829 B
1 KB 21ms
20ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8be311d16eaaabef2dee660425ff6a48bf154d2333ad86d8d707b54914e10039

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fT0QuHV0RhvjJBoVKBGE1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dcfever.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-fT0QuHV0RhvjJBoVKBGE1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 02:27:48 GMT
expires: Mon, 09 Oct 2023 02:27:48 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js Show response
pagead2.googlesyndication.com/bg/ Frame B79E 37 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 16:21:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36406
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 07 Oct 2024 16:21:02 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4FDC 0
0 49ms
49ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231004&jk=2532887206361183&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B79E 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?F0yvkQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 02:27:48 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame D3A5 16 B
209 B 78ms
77ms Fetch
application/json 18.135.155.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.135.155.178 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-135-155-178.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 09 Oct 2023 02:27:48 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 122ms
24ms Preflight 18.135.155.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.135.155.178 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-135-155-178.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Mon, 09 Oct 2023 02:27:48 GMT
server: nginx

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
44ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231004&jk=2532887206361183&bg=!SUqlSgXNAAbjlzx0w5c7ADQBe5WfOB75fjNNraPV6BREngQGdSG-ZGoFOpcD3P3AeKFFnwMRGP_GiwyN7Rwk4K0jyHIKAgAAAFpSAAAAB2gBBwoAsV3xMCoFfO3F11LAr7DDhDdkVoMd-2w9DVYcf5M_l5kE7o0UQc1YSDN5f_eGn8PdACreEBakCAw_z6tgO4Nl3bV6hmT65DXEkxEE-8xU8CbyxIDUuwTggjWEo46WoDMUPmB-pC-J_ofa4xR-MU1IdUgU4fkppNCRhwmZWmQvcfNY2GUAj6XXDjvk2csgyCCvHJrwOO5rd-Au2ObAASHQkIXWpe359sAgcfkHSBgNGj8BUJkCw6RN-UAWvWV-uW_uGU_UQcn9RxZkM_vhKmQrbnCEOBCqMsp_KE9b5a_FBtRVzIjoaYWpic1ypCjDzu86YKjb63dXlV4LbCLNlXrg7xDgrrV3G6IPuM-4YHNjHIXjPCVGKRs0ql-4sakFTIiK74rCjoQoObg9fwLnOaWL9Up-TX4UF152-_NGPUvAnqPZRVuxGqPLpODpL_4zhGkc2mnXJ5i0LZi8cuH2omRDpmzhhVFT448_HLgt_jglqpxpA0C5h7nDW51Qrb3V1-aWasbWd2NuwQrztIfFqS_R44GpcgHGrHiHAs6-t3NmhJ_pgVyd0K9wDyHiRsAeUlDP5fVXXrJpr-KmhtnKK7ot7TrYabyLtmjUfN1CYgHjMxCRF4HF8tyPF-i38ANpF5JRt-4a6uGOvfIuIj-xchx1zJA7-_isz2s3Qvbc44WMae31eEw-7VMnepeKUdvq0Jp6AHlVCa_QzZ6opqGpWdYV5qKcvBR0Dm_h5DmSUuzXF7uBwqv6237KSMjKZ0CbVtNVID_MsYFJUdozYGPgS1vjuluB5hBEow7BP28gsueR0NQ-8kZGRHnA_bCpGjXZMYs-D8eCbQqygdGUHWYOedrVKRqyDuBSQHRN1v61R912ZTI_YTiS7jyI6LAYU9Mb_ozGClhCe_-bJiYZ8R2qCRLrRsqBCCUQpDHrcV5eL36-MU8oRRiAddZSvPcNCHVVX8cgCnkjNghsy7eFk_vOCgjRnGpcY5uqKgAL9bgxvzrgSFVViBjZG9Amym8xJ-PKOXNFnTjCNsqgk64N42_kKitBVEeadYebf8hhxz2zIiu02s5FT8KVmBKzBrfXveTGOZg8RkFQlc3htuQGnUlotFagKJwqDy_HttO7Zc9d3IdmHEQFKHFTVhUznARU_jl_Sk1EpTwIlWhk4x0BAsB4cDW-_13DcbNGqz0X
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dcfever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D3A5 0
20 B 42ms
42ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3417930788166&version=m202309260101&ct=77&x=1&cor=10058233815338260000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 02:27:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 c0b34daa44234247987359c87a1b18b6_cpn_300x250_1.jpg
static.criteo.net/design/dt/3018/4734091/ Frame 4686 16 KB
16 KB 22ms
22ms Image
image/jpeg 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/3018/4734091/c0b34daa44234247987359c87a1b18b6_cpn_300x250_1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

49314d82f99bb44b050af1c5d856d3432a8e12ec5a1e5807f474fa633f7cb26a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 02:27:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Sep 2023 08:15:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "65153607-3f65"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 16229
expires: Thu, 03 Oct 2024 02:27:50 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 26ms
25ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-5ND0VB1W90&gtm=45je3a40&_p=1118924568&cid=1799254499.1696818464&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1696818464&sct=1&seg=0&dl=https%3A%2F%2Fwww.dcfever.com%2Fusers%2Fprofile.php%3Fid%3D1172991&dt=azpartsnow%20%E7%9A%84%E5%80%8B%E4%BA%BA%E6%AA%94%E6%A1%88%20-%20DCFever.com&_s=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5ND0VB1W90
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dcfever.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 02:27:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dcfever.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

205 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dcfever.com/	1970-01-20 16:03:30	Name: dcff_u Value: 0
.dcfever.com/	1970-01-20 15:30:23	Name: dcff_sid Value: 1f9420660acf22145858a3d9c1475469
.dcfever.com/	1970-01-21 00:05:54	Name: ssid Value: 20231009102705.gxU7LXGc
.dcfever.com/	1970-01-21 00:56:18	Name: _ga Value: GA1.1.1799254499.1696818464
.dcfever.com/	1970-01-21 00:41:54	Name: __gads Value: ID=40f159807aecd348-2254e0bf3adf0038:T=1696818466:RT=1696818466:S=ALNI_MY7d7okkVkeZT5xdZiY4XF3DwaA7g
.dcfever.com/	1970-01-21 00:41:54	Name: __gpi Value: UID=00000c92f22e2756:T=1696818466:RT=1696818466:S=ALNI_Mbv6pUkPnVWpe3JZgRpdlfOGCy18w
.doubleclick.net/	1970-01-21 00:41:54	Name: IDE Value: AHWqTUkBRzAnhpggSW0DMFKeqldl0mEmjPGSaxlVFqWygVHnc5bcgSCoLnLHmWPQMP4
.casalemedia.com/	1970-01-20 17:29:54	Name: CMPS Value: 1119
.casalemedia.com/	1970-01-21 00:05:54	Name: CMID Value: ZSNlI8P9gSYJAdPPASW3lAAA
.casalemedia.com/	1970-01-20 17:29:54	Name: CMPRO Value: 5134
.adnxs.com/	1970-01-20 17:29:54	Name: uuid2 Value: 8618017091288171009
.doubleclick.net/	1970-01-20 19:39:30	Name: APC Value: AfxxVi4X5gzcKVw3Gc6dAwgCE1vRWZCoR4R_3gd-m5fF7sl9cX86MQ
.adnxs.com/	1970-01-20 17:29:54	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>=g6Zge!]tbPl1M>e)ZlrFUfJ+tGXxoPF]+ms_Hm<A@21q6Oqd=5:?g^bYZTpkbivgbbpRzqF1`b_'A$Nzp
.redintelligence.net/	1970-01-20 17:29:54	Name: 8lcfmzhxc8d6_uid Value: 512fef6cf6924e94
.awin1.com/	1970-01-20 15:30:23	Name: awpv11601 Value: 113440\|1696818467\|6fa41a30-664b-11ee-8502-226591661de6
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 357526:3266505
.dcfever.com/	1970-01-21 00:56:18	Name: _ga_5ND0VB1W90 Value: GS1.1.1696818464.1.0.1696818467.57.0.0
.office-partner.de/	1970-01-21 00:56:18	Name: source Value: {"webgains_webgains":{"timestamp":1696818467758,"clickCookie":false}}
.csync.loopme.me/	1970-01-20 17:32:47	Name: viewer_token Value: ded58f30-a8c3-40fb-91f9-aba58af0b2aa
.1rx.io/	1970-01-21 00:05:54	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-cc71dc56-44a9-46c3-b093-595c77e2a48a-003%22%7D
.everesttech.net/	1970-01-21 00:05:54	Name: everest_g_v2 Value: g_surferid~ZSNlIwAWYuyNeABY
.targeting.unrulymedia.com/	1970-01-21 00:05:54	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-cc71dc56-44a9-46c3-b093-595c77e2a48a-003%22%7D

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://adx.adxglobal.com/ads/www/delivery/ajs.php?zoneid=6&cb=34164474657&charset=UTF-8&loc=https%3A//www.dcfever.com/users/profile.php%3Fid%3D1172991, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://adx.adxglobal.com/ads/www/delivery/ajs.php?zoneid=6&cb=34164474657&charset=UTF-8&loc=https%3A//www.dcfever.com/users/profile.php%3Fid%3D1172991(Line 12) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://adx.adxglobal.com/ads/www/delivery/ajs.php?zoneid=6&cb=34164474657&charset=UTF-8&loc=https%3A//www.dcfever.com/users/profile.php%3Fid%3D1172991(Line 12) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://adx.adxglobal.com/ads/www/delivery/ajs.php?zoneid=6&cb=30588068588&charset=UTF-8&loc=https%3A//www.dcfever.com/users/profile.php%3Fid%3D1172991, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8038336834024926&output=html&h=250&slotname=3974334687&adk=738776673&adf=3271635628&pi=t.ma~as.3974334687&w=300&lmt=1696811266&url=https%3A%2F%2Fwww.dcfever.com%2Fusers%2Fprofile.php%3Fid%3D1172991&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696818465944&bpp=83&bdt=2000&idt=177&shv=r20231004&mjsv=m202310030101&ptt=5&saldr=sd&abxe=1&prev_slotnames=5424819499&correlator=3891405826101&frm=20&pv=1&ga_vid=1799254499.1696818464&ga_sid=1696818466&ga_hid=1118924568&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1078&ady=285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44798934%2C44804782%2C31078673%2C44769661&oid=2&pvsid=2532887206361183&tmod=1115223676&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=zHCAa3bwkd&p=https%3A//www.dcfever.com&dtd=181 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
javascript	warning	URL: https://adx.adxglobal.com/ads/www/delivery/ajs.php?zoneid=6&cb=30588068588&charset=UTF-8&loc=https%3A//www.dcfever.com/users/profile.php%3Fid%3D1172991(Line 12) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://adx.adxglobal.com/ads/www/delivery/ajs.php?zoneid=6&cb=30588068588&charset=UTF-8&loc=https%3A//www.dcfever.com/users/profile.php%3Fid%3D1172991(Line 12) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
ads.eu.criteo.com
adservice.google.com
adv.office-partner.de
adx.adxglobal.com
ajax.googleapis.com
analytics.webgains.io
api.webgains.io
cat.nl3.eu.criteo.com
cdn.track.production.webgains.team
cdn01.dcfever.com
cdn10.dcfever.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
csm.eu.criteo.net
csync.loopme.me
dclk-match.dotomi.com
dsum-sec.casalemedia.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900013.redintelligence.net
ib.adnxs.com
imageproxy.eu.criteo.net
match.360yield.com
pagead2.googlesyndication.com
partner.googleadservices.com
pv.medialead.de
region1.analytics.google.com
rtb.nl3.eu.criteo.com
secure.adnxs.com
static.criteo.net
static.dcfever.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.targeting.unrulymedia.com
tpc.googlesyndication.com
track.webgains.com
www.awin1.com
www.dcfever.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
104.18.26.193
104.64.118.247
116.202.48.214
142.250.184.194
142.250.186.70
145.239.193.130
151.101.66.49
178.250.1.6
18.135.155.178
18.185.230.6
18.66.147.41
185.89.210.20
2001:4860:4802:32::36
210.184.251.68
210.184.251.82
2400:52e0:1e00::1081:1
2606:4700::6811:190e
2a00:1450:4001:801::200a
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:811::2003
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:813::2008
2a00:1450:4001:81c::200a
2a00:1450:4001:81c::200e
2a00:1450:4001:827::200e
2a00:1450:4001:828::2001
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:400c:c0c::9d
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::9
2a02:2638:d::13
2a02:2638:d::2
2a02:fa8:8806:16::1400
2a0b:4d07:102::1
3.9.250.12
35.214.216.136
46.228.174.117
78.46.90.238
99.81.152.59
99.86.4.36
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
067ed1942c6ec0b5af871590d7908fab8a3f5af0bed24eb056164a58095cac46
06e114c8e5b8c7196aca5e84100e7b1edafe6f34f31612d9b61476bb32f8bea1
085ce8b353749005e72e8e31a31415868d9b7031f84df3377a75e9767d3916da
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bfabfd6875c7b83e26c46b036fcb0d93c4d49d01d2e1f26a5b889eac1c75901
0f0308db24f1e7e1537e1055909fa1eff95e262e3fff4a1b81e8c1b47f1c774c
122980d66002ecf6854209ad78a8a2d1439f88fc5c796ad54a84493c1f11b40c
1265b6e1733446d27f0ae5e28392703c4689feabe550347d645710ef9fdce610
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
16fadb06557f8c559b25e437d47286d3886b6f361900f479f1bf928198e8d0f7
197bbc8fc65f4c1fc89e1ee4ff65983ec0349b6c51eb1ad8c9c7815967c31fba
1b522e932396d9b1cb63b82d77538ce3c23a0fa70802a9a391dda541687c4fe5
1cfaeaaf48eee2b125aced1bde74a95228e36b4fff62c9337b6ebd3982d762a8
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
25bb94b282c6fd1928c6070b99d3334151ccf117ca5af8c1826ab7b0f71607f8
27b88525d3d052be665a7197efa5e68500ac112b4b9287885148fce005c55710
299b123d8cb1a97375ab38aaa7f0a84d14466adafa16a2c909a5529b93eeff4a
2b02484c717b73704cd3167a75568c31d847f35acb87698499ed2c15e0b5534d
2b518271f5aa52c5ffa4bf23e886e409246cf5db57a5d29c9948bf69e8366937
2bfed354cee883542907b8d12a6a45400a98286b76cfc2b68dd0a64d00197e47
2c6130cf837755df63a979fc0e2b1dc003ba139c5614883f3079407ef9588388
2d5b9d1882aeec42d230da3cc332b9468bddd5665d417f1f42336bcccdd55e65
2dc1f4c722bf4dc3714a48733f567c70b291606d2172b42d7547ed1790cc9f08
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
39a1b76322af3d3f3b3269fb5273c5f25698583989618054e3cff3216ff6cb52
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3c06c1389ca81327ade99801503afe4a0af6c48af406c1964e733f4a038c1a25
3c9ad3cb87f4c8c481c59c52a057ca0d2813cb9108cfd237917608c3bc9d1be9
3cd308b717f2707a77cc547267d21788fe0c20fd7e6985611a89bda032bc734c
3fbf5529134538f551c3948adf1e70c618784c861aa7fc98da44105e67cc110b
4099b9686205d194cf49e67952bfda8f71313a74767daf1bb44317bbf6765233
40af400e8c91f02188ba45f50e2fcfe9e0551221d23bf002f8ad1ee7c8cae18f
40b7cdece616e2939da6d310853fdf203821255e657e825fb8290900286e9479
4667c94befc9784465ffebbec6a5746e1a50b479c247c832b9d23dd8e02fe65a
49314d82f99bb44b050af1c5d856d3432a8e12ec5a1e5807f474fa633f7cb26a
49f4fe05f9406472ab40ad7f45608ee46e03fe95442b4bfaa8fa748c050f4943
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c5b8ea34dfe39acea247c3004e5e4521875e70b7c317e0efa3633bc047a5b4b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
53e4281ffab5fe4a4d011ebc2dfafc13cdc5f494378dd525f1aa8ac57d06bf08
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
550b451d882eda92bb3afc863eb0166bd5b98b590d8e6593552c26e9978c9586
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
6045b0ae82394826c06aec665b8264501db01a5039aba419f0fb6e33db3a3d04
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
6513304f0b954193db2194879d5495882ec54ff6e9114e1773e9ff97d2a34835
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
733d7c26a5fb7240e83e8af2c822218b321b5143e28c2dd65ab2492297ac6bd7
760e360579165d2a298a42d5d5d310b74b4a425d2fa9bd6166abf37c704dce4a
761cff5428e8aa5d947284cdaa6d9f6e9d0fe755909c364f807ee5c23ddb8dcd
77e935718d2aed491fd4dbfe54b1da0add279c2d7b7704736a8ded2f31240762
78f9179479204b7f5b4e2fa5f2a28267121ee80bbb1da811abe2d3c68c3255d1
7a603aecd2b327bafd89b4763c8a3dc92d3717326df374696eb8e58439f4b22f
7da50473010eba615db20d7943c029cfcc0fd3a993e835698833fc3e9ad3f1d1
84a06cfbbed3264c6a898b2615e3fcf541affad5a6f155bf0d2252ce4cf486eb
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
8be311d16eaaabef2dee660425ff6a48bf154d2333ad86d8d707b54914e10039
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
8d8834a947897d7bba059dd1efcad06b91f99facd557e4fb29955d6731eb09f0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f3f968e513eb907e7237f770802f5f28cf83518dde9f0cae5d608bb03824eeb
967e957ffb2738be41c394d0565c5945e8f49db60c66822e123652d66a508756
990e834851a6566f0be7b58a3cd5da577184facd2c2a406d4b1514f86f8efff4
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9be265e2b6afc6d2ac763b7d369b03d5865852d861bbf1f42525dbb489b29a6e
9cae11f189de5f82f4eb590e9015aa5e7325e5b08c3abc2aeefb5033d25d194f
9d5b7a34e4e5c8c39f1454a94cdf9e52884f5cba3a8ebfe84010d097462522f6
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0b22cc658cb2b6f18315959d2e6de9904a84063b15bc35c657f0e895d669840
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a45687d15a46bd0c0469f9c3d38b5edb3f3449478bf0a0c4cdca10b48d86c2b9
a71193943da4f3877526c6f868c74c829bff69efae4a45b82b51eed31916dc74
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a72e3d440671752909cf24f9a939ea60d7d08b76722f750f8cc93d99ddf4b116
aae20adb71bc608a4cda9f5fe95a9ceec2976fb9f47efae93d45237a3d0568a5
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b0caee2db11ebefe7a5bea3db52e06cdbcf268376e6f6a4a11358ec8c63f7133
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42a583831626ed7fec0297bcd8f8b256863dc34bcb3a978bef5053c3efda2fb
b4b4b440ed808e3e3d598b5522e5de0cbebfa143014aeb7170aa9acbe2d360da
b74da0c909a06c88d8f8996ddb342f2b3d8ef20ca78ab051ef3cbd8e742a3112
b805c516073369453d8e385df77cb10c0b68d3405792a99655561f89cdc845d0
bf5b911ce6645add415b3dbf40d50dc8cda426f38f5300525bf4793c4131b2c2
bfb497b400223f2a96e375863ca0e5840df3ba96e28c0169cb75c694012097a7
c2bff4a1d4f2d836c84ba341ebe6bf852507de52848b2f5bf0655b7bf08964d7
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47
cc872305fc8f05c784c3baaaf97fac982a26bce81dfa433f12510ba681e86e3b
ce7aa7f86f8c283b1342c2f8f4862c545f92d6ce789f65da60eaf92fa58652e0
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d1cc9ef7ac37881e60962e1354de04e5d4ed2683f16780dc62a8211125021e07
d4d85387fc0234fa0fca7db8ab909ccc0abf754697f35808d5442684a3241197
d725491c4075f128defe9ad0e3d4f4894ed399c943997dab7432f015bbceb4ee
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e266f9a563f2e1ef30f7dcc7a85ee1fb194b126e57bd9271e7ab9198035de350
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1557d3116343a7c665d17a1dbb2210e9f1346ccdfdaddfe91d62fda53493
e5ad31a47913cdfc2470acd4e304982fae2bccf62098855fecf3b84c1e7fea34
e5b7e14704b22622f2250300bb6b5db77e207648afe9b68af869a105dee3a682
e7a43b4d8793f58b30da9a2cf5a42a0db0263f5a41f019a008b203e3bd0040a1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f402c73a7bfb1db2fcf457c2c675274b43ad6a49e627bf8f19ff2c030ad12162
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
fbb469c48bb3ae4541dc074b94c584ee70b913d9476f83b99b26357941054929

www.dcfever.com Open in urlscan Pro 210.184.251.68 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

156 Requests

94 %HTTPS

57 %IPv6

30 Domains

50 Subdomains

44 IPs

12 Countries

2100 kBTransfer

4641 kBSize

22 Cookies

6 Outgoing links

Redirected requests

156 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.dcfever.com Open in urlscan Pro
210.184.251.68 Public Scan

Screenshot
Live screenshot

Full Image

156
Requests

94 %
HTTPS

57 %
IPv6

30
Domains

50
Subdomains

44
IPs

12
Countries

2100 kB
Transfer

4641 kB
Size

22
Cookies

156 HTTP transactions
3 data transactions