urlscan.io logo urlscan.io
SecurityTrails logo

www.lapa.ninja Open in urlscan Pro
2606:4700:20::681a:7d0  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.lapa.ninja/
Effective URL: https://www.lapa.ninja/
Submission: On November 28 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 107 IPs in 13 countries across 96 domains to perform 540 HTTP transactions. The main IP is 2606:4700:20::681a:7d0, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.lapa.ninja.
TLS certificate: Issued by GTS CA 1P5 on November 21st 2023. Valid for: 3 months.
This is the only time www.lapa.ninja was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
12 2606:4700:20:... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
82 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:26d... 16509 (AMAZON-02)
1 161.35.94.188 14061 (DIGITALOC...)
3 178.62.198.146 14061 (DIGITALOC...)
2 2a00:1450:400... 15169 (GOOGLE)
6 2606:4700::68... 13335 (CLOUDFLAR...)
2 28 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 11 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
3 18.239.69.131 16509 (AMAZON-02)
59 2a00:1450:400... 15169 (GOOGLE)
3 130.211.23.194 396982 (GOOGLE-CL...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
13 142.250.186.38 15169 (GOOGLE)
1 18.238.243.82 16509 (AMAZON-02)
1 184.30.211.26 16625 (AKAMAI-AS)
1 18.239.18.12 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a02:2638:3::7 44788 (ASN-CRITE...)
6 185.86.138.123 201081 (SMARTADSE...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 52.19.228.53 16509 (AMAZON-02)
6 11 185.89.210.244 29990 (ASN-APPNEX)
1 34.120.63.153 396982 (GOOGLE-CL...)
3 5 216.52.2.30 32475 (SINGLEHOP...)
2 6 35.244.159.8 396982 (GOOGLE-CL...)
11 54.72.113.40 16509 (AMAZON-02)
3 51.89.9.251 16276 (OVH)
1 18.173.159.32 16509 (AMAZON-02)
1 52.48.81.28 16509 (AMAZON-02)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
14 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
16 43 142.250.186.130 15169 (GOOGLE)
5 13 104.18.36.155 13335 (CLOUDFLAR...)
4 142.250.186.98 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
45 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 142.250.186.66 15169 (GOOGLE)
4 213.202.235.9 24961 (MYLOC-AS ...)
3 8 23.35.237.56 16625 (AKAMAI-AS)
1 162.19.138.119 16276 (OVH)
1 141.95.98.64 16276 (OVH)
5 2a00:1450:400... 15169 (GOOGLE)
2 4 37.157.5.132 198622 (ADFORM)
3 5 2001:678:cb4:... 56396 (AMOBEE)
1 2620:116:800d... 16509 (AMAZON-02)
6 35.71.131.137 16509 (AMAZON-02)
2 2 35.186.193.173 15169 (GOOGLE)
2 5 18.192.249.116 16509 (AMAZON-02)
3 3.75.62.37 16509 (AMAZON-02)
3 8 185.86.139.102 201081 (SMARTADSE...)
2 2 85.114.159.93 24961 (MYLOC-AS ...)
2 2 35.190.0.66 15169 (GOOGLE)
2 2 2a05:d018:d29... 16509 (AMAZON-02)
3 3 213.155.156.181 1299 (TWELVE99 ...)
1 12 138.201.63.157 24940 (HETZNER-AS)
1 37.157.6.235 198622 (ADFORM)
1 4 138.201.63.145 24940 (HETZNER-AS)
2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
2 130.211.44.5 396982 (GOOGLE-CL...)
3 5 145.239.193.130 16276 (OVH)
3 88.198.250.30 24940 (HETZNER-AS)
2 2a0b:4d07:102::1 44239 (PROINITY ...)
2 3.11.123.127 16509 (AMAZON-02)
2 4 142.250.186.102 15169 (GOOGLE)
1 1 94.23.99.218 16276 (OVH)
2 92.123.148.9 16625 (AKAMAI-AS)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
3 3 3.124.253.58 16509 (AMAZON-02)
1 1 151.101.130.49 54113 (FASTLY)
2 2 35.204.158.49 396982 (GOOGLE-CL...)
2 108.138.36.48 16509 (AMAZON-02)
2 99.86.4.36 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638:3::3 44788 (ASN-CRITE...)
1 34.242.208.83 16509 (AMAZON-02)
1 34.96.105.8 396982 (GOOGLE-CL...)
1 35.186.253.211 15169 (GOOGLE)
2 2 76.223.111.18 16509 (AMAZON-02)
1 3 2a02:2638:3::c 44788 (ASN-CRITE...)
4 18.169.38.151 16509 (AMAZON-02)
1 151.101.1.108 54113 (FASTLY)
1 99.84.88.18 16509 (AMAZON-02)
1 104.119.108.27 16625 (AKAMAI-AS)
2 34.242.46.191 16509 (AMAZON-02)
2 2 23.60.204.187 16625 (AKAMAI-AS)
4 69.192.162.113 16625 (AKAMAI-AS)
2 69.192.160.199 16625 (AKAMAI-AS)
1 2600:9000:244... 16509 (AMAZON-02)
1 77.245.57.72 36057 (WEBAIR-IN...)
1 54.172.246.175 14618 (AMAZON-AES)
4 4 46.228.174.117 56396 (AMOBEE)
1 1 193.0.160.131 54312 (ROCKETFUEL)
1 69.166.1.66 27630 (AS-XFERNET)
1 1 145.40.97.66 54825 (PACKET)
1 1 3.86.126.229 14618 (AMAZON-AES)
1 18.195.110.104 16509 (AMAZON-02)
1 1 95.101.196.17 16625 (AKAMAI-AS)
2 4 52.46.143.56 16509 (AMAZON-02)
3 3 44.216.232.169 14618 (AMAZON-AES)
1 1 178.250.1.9 44788 (ASN-CRITE...)
1 2600:1f18:ed:... 14618 (AMAZON-AES)
1 1 34.95.81.168 396982 (GOOGLE-CL...)
1 2a05:d018:cc3... 16509 (AMAZON-02)
1 1 34.160.19.107 396982 (GOOGLE-CL...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 185.64.190.78 62713 (AS-PUBMATIC)
2 3 50.31.142.255 22075 (AS-OUTBRAIN)
10 52.210.15.1 16509 (AMAZON-02)
1 1 35.210.239.72 19527 (GOOGLE-2)
1 1 52.86.174.189 14618 (AMAZON-AES)
1 1 54.146.33.131 14618 (AMAZON-AES)
1 38.91.45.7 398989 (DEEPINTENT)
1 1 208.93.169.131 46244 (WEBMD-IDC...)
1 1 211.120.53.205 4694 (IDCF IDC ...)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
2 69.173.144.139 26667 (RUBICONPR...)
540 107
1    2606:4700:20::681a:6d0 (United States)

ASN13335 (CLOUDFLARENET, US)
www.lapa.ninja
12    2606:4700:20::681a:7d0 (United States)

ASN13335 (CLOUDFLARENET, US)
www.lapa.ninja
6    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700::6812:e753 (United States)

ASN13335 (CLOUDFLARENET, US)
api.producthunt.com
1    2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
7    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
7    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
82    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2600:9000:26da:d000:12:352e:e540:93a1 (United States)

ASN16509 (AMAZON-02, US)
m.servedby-buysellads.com
1    161.35.94.188 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: srv-eu-nl-16.buysellads.com
cdn4.buysellads.net
3    178.62.198.146 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: srv-eu-nl-14.buysellads.com
srv.buysellads.com
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
6    2606:4700::6812:dc0 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.lapaninja.com
28    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c02::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
11    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2606:4700:10::ac43:293c (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
4    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    18.239.69.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-69-131.ams58.r.cloudfront.net
c.amazon-adsystem.com
59    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
13    142.250.186.38 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net
ad.doubleclick.net
1    18.238.243.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-243-82.ams58.r.cloudfront.net
config.aps.amazon-adsystem.com
1    184.30.211.26 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-211-26.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    18.239.18.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-18-12.ams58.r.cloudfront.net
tags.crwdcntrl.net
1    2606:4700:10::6816:35ad (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
1    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
6    185.86.138.123 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
1    2606:4700:4400::ac40:994e (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
1    52.19.228.53 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-228-53.eu-west-1.compute.amazonaws.com
hb-api.omnitagjs.com
11    185.89.210.244 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
5    216.52.2.30 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
ce.lijit.com
6    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
buysellads-d.openx.net
us-u.openx.net
u.openx.net
11    54.72.113.40 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-113-40.eu-west-1.compute.amazonaws.com
ads.servenobid.com
3    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
1    18.173.159.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-159-32.muc50.r.cloudfront.net
aax.amazon-adsystem.com
1    52.48.81.28 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-81-28.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
2    2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
14    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
6    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
43    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
cm.g.doubleclick.net
13    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
4    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
www.googleadservices.com
1    2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)
a.ad.gt
45    2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
3    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
googleads4.g.doubleclick.net
4    213.202.235.9 (Düsseldorf, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
m.exactag.com
8    23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com
sync.teads.tv
1    162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
lb.eu-1-id5-sync.com
1    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
id5-sync.com
5    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
4    37.157.5.132 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
c1.adform.net
5    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
1    2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
6    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
5    18.192.249.116 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-249-116.eu-central-1.compute.amazonaws.com
x.bidswitch.net
3    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
8    185.86.139.102 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
ssbsync.smartadserver.com
2    85.114.159.93 (Loerrach, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
2    2a05:d018:d29:3602:1c33:a9c0:1eba:a0fe (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
3    213.155.156.181 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
12    138.201.63.157 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.157.63.201.138.clients.your-server.de
hal9000.redintelligence.net
hal90007.redintelligence.net
1    37.157.6.235 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
4    138.201.63.145 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.145.63.201.138.clients.your-server.de
hal900010.redintelligence.net
2    2a02:26f0:480:15::213:7e47 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
2    130.211.44.5 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 5.44.211.130.bc.googleusercontent.com
rtb0.doubleverify.com
rtbc-ew1.doubleverify.com
5    145.239.193.130 (France)

ASN16276 (OVH, FR)
pv.medialead.de
3    88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de
pb.media01.eu
2    2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)
adv.office-partner.de
2    3.11.123.127 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-123-127.eu-west-2.compute.amazonaws.com
track.webgains.com
4    142.250.186.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net
5994599.fls.doubleclick.net
1    94.23.99.218 (France)

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu
medialead.de
2    92.123.148.9 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-148-9.deploy.static.akamaitechnologies.com
www.awin1.com
1    2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
3    3.124.253.58 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-253-58.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
2    108.138.36.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-48.muc50.r.cloudfront.net
analytics.webgains.io
2    99.86.4.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-36.fra6.r.cloudfront.net
cdn.track.production.webgains.team
2    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    34.242.208.83 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-208-83.eu-west-1.compute.amazonaws.com
match.360yield.com
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
2    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
3    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
4    18.169.38.151 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-169-38-151.eu-west-2.compute.amazonaws.com
api.webgains.io
1    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    99.84.88.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-18.muc50.r.cloudfront.net
public.servenobid.com
1    104.119.108.27 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-119-108-27.deploy.static.akamaitechnologies.com
contextual.media.net
2    34.242.46.191 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-46-191.eu-west-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
2    23.60.204.187 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-60-204-187.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    69.192.162.113 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-162-113.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    69.192.160.199 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-199.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2600:9000:2449:8200:1f:4c18:bd40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cs-rtb.minutemedia-prebid.com
1    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
sync.adkernel.com
1    54.172.246.175 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-246-175.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
4    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
1    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    69.166.1.66 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    145.40.97.66 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    3.86.126.229 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-86-126-229.compute-1.amazonaws.com
ssp.disqus.com
1    18.195.110.104 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-110-104.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    95.101.196.17 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-196-17.deploy.static.akamaitechnologies.com
hbx.media.net
4    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    44.216.232.169 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-216-232-169.compute-1.amazonaws.com
i.liadm.com
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    2600:1f18:ed:550f:75d1:8c51:db8:340d (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
1    34.95.81.168 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com
euexchangesync.digitaleast.mobi
1    2a05:d018:cc3:fe04:3684:ac58:ec44:5836 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
1    34.160.19.107 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 107.19.160.34.bc.googleusercontent.com
dmp.brand-display.com
1    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    50.31.142.255 (Hickory Hills, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
10    52.210.15.1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
1    35.210.239.72 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 72.239.210.35.bc.googleusercontent.com
u.ipw.metadsp.co.uk
1    52.86.174.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-174-189.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    54.146.33.131 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-33-131.compute-1.amazonaws.com
sync.ipredictive.com
1    38.91.45.7 (Ashburn, United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
1    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
1    211.120.53.205 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
2    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
Apex Domain
Subdomains		 Transfer
147 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
1 MB
98 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
ad.doubleclick.net — Cisco Umbrella Rank: 154
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439
5994599.fls.doubleclick.net — Cisco Umbrella Rank: 154836
624 KB
45 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
1 MB
16 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 38186
hal90007.redintelligence.net — Cisco Umbrella Rank: 241653
hal900010.redintelligence.net — Cisco Umbrella Rank: 275510
270 KB
14 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
795 KB
14 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1611
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 733
ssbsync.smartadserver.com — Cisco Umbrella Rank: 774
5 KB
14 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3040
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 105
2 KB
13 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486
9 KB
13 lapa.ninja
www.lapa.ninja
523 KB
12 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1591
usersync.gumgum.com — Cisco Umbrella Rank: 2098
rtb.gumgum.com — Cisco Umbrella Rank: 1589
4 KB
12 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2437
public.servenobid.com — Cisco Umbrella Rank: 5174
8 KB
12 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
acdn.adnxs.com — Cisco Umbrella Rank: 609
secure.adnxs.com — Cisco Umbrella Rank: 495
25 KB
10 gstatic.com
fonts.gstatic.com
www.gstatic.com
141 KB
9 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 598
aax.amazon-adsystem.com — Cisco Umbrella Rank: 394
s.amazon-adsystem.com — Cisco Umbrella Rank: 310
75 KB
8 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 969
eus.rubiconproject.com — Cisco Umbrella Rank: 602
token.rubiconproject.com — Cisco Umbrella Rank: 458
29 KB
8 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1403
2 KB
7 openx.net
buysellads-d.openx.net — Cisco Umbrella Rank: 38418
us-u.openx.net — Cisco Umbrella Rank: 522
rtb.openx.net — Cisco Umbrella Rank: 695
u.openx.net — Cisco Umbrella Rank: 659
1 KB
7 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
533 KB
6 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 30616
api.webgains.io — Cisco Umbrella Rank: 91573
38 KB
6 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 44040
medialead.de — Cisco Umbrella Rank: 43761
4 KB
6 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
889 B
6 lapaninja.com
cdn.lapaninja.com
2 MB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
5 KB
5 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 327
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492
1 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 351
1 KB
5 turn.com
ad.turn.com — Cisco Umbrella Rank: 851
r.turn.com — Cisco Umbrella Rank: 4121
2 KB
5 adform.net
track.adform.net — Cisco Umbrella Rank: 4256
s1.adform.net — Cisco Umbrella Rank: 9253
c1.adform.net — Cisco Umbrella Rank: 599
22 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 406
104 KB
5 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 683
ce.lijit.com — Cisco Umbrella Rank: 882
3 KB
5 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 757
gum.criteo.com — Cisco Umbrella Rank: 454
mug.criteo.com — Cisco Umbrella Rank: 2926
dis.criteo.com — Cisco Umbrella Rank: 597
8 KB
4 liadm.com
i.liadm.com — Cisco Umbrella Rank: 539
i6.liadm.com — Cisco Umbrella Rank: 2731
2 KB
4 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 496
rtb0.doubleverify.com — Cisco Umbrella Rank: 761
rtbc-ew1.doubleverify.com — Cisco Umbrella Rank: 18604
22 KB
4 exactag.com
m.exactag.com — Cisco Umbrella Rank: 11905
2 KB
4 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 145
4 btloader.com
btloader.com — Cisco Umbrella Rank: 877
api.btloader.com — Cisco Umbrella Rank: 948
20 KB
3 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 580
1 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 567
2 KB
3 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 534
image6.pubmatic.com — Cisco Umbrella Rank: 823
12 KB
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 912
3 KB
3 media01.eu
pb.media01.eu — Cisco Umbrella Rank: 74479
964 B
3 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4905
919 B
3 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 1601
a.ad.gt — Cisco Umbrella Rank: 1844
4 KB
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
411 B
3 media.net
prebid.media.net — Cisco Umbrella Rank: 1335
contextual.media.net — Cisco Umbrella Rank: 691
hbx.media.net — Cisco Umbrella Rank: 1337
80 KB
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1523
mp.4dex.io — Cisco Umbrella Rank: 2070
25 KB
3 buysellads.com
srv.buysellads.com — Cisco Umbrella Rank: 20826
1 KB
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 592
883 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 417
947 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 668
60 KB
2 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 107304
6 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 795
1 KB
2 awin1.com
www.awin1.com — Cisco Umbrella Rank: 18131
1 KB
2 webgains.com
track.webgains.com — Cisco Umbrella Rank: 62639
4 KB
2 office-partner.de
adv.office-partner.de — Cisco Umbrella Rank: 217997
2 KB
2 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 5683
912 B
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1533
1 KB
2 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 54581
1014 B
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 863
id5-sync.com — Cisco Umbrella Rank: 440
34 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 976
bcp.crwdcntrl.net — Cisco Umbrella Rank: 887
12 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 946
1 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6862
515 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
5 KB
2 producthunt.com
api.producthunt.com — Cisco Umbrella Rank: 38325
3 KB
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1208
693 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 547
541 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1055
44 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 909
465 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 689
1 KB
1 metadsp.co.uk
u.ipw.metadsp.co.uk — Cisco Umbrella Rank: 5190
237 B
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 12394
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1608
366 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1356
181 B
1 digitaleast.mobi
euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 17718
244 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 559
35 B
1 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1439
275 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
235 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 931
401 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 868
735 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268
465 B
1 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2460
370 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1545
134 B
1 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 5267
527 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1824
173 B
1 360yield.com
match.360yield.com — Cisco Umbrella Rank: 2249
199 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 709
541 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3451
104 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 764
463 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 928
274 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3481
888 B
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 1779
10 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1155
17 KB
1 buysellads.net
cdn4.buysellads.net — Cisco Umbrella Rank: 30214
141 KB
1 servedby-buysellads.com
m.servedby-buysellads.com — Cisco Umbrella Rank: 33351
16 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 899
7 KB
0 spotxchange.com Failed
sync.search.spotxchange.com Failed
540 96
Domain Requested by
82 pagead2.googlesyndication.com www.lapa.ninja
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
s0.2mdn.net
8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
www.googletagservices.com
ad.doubleclick.net
59 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.lapa.ninja
s0.2mdn.net
8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
ad.doubleclick.net
45 s0.2mdn.net www.lapa.ninja
googleads.g.doubleclick.net
s0.2mdn.net
8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
43 cm.g.doubleclick.net 16 redirects googleads.g.doubleclick.net
8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
g2.gumgum.com
28 googleads.g.doubleclick.net 2 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.lapa.ninja
8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
14 www.googletagservices.com googleads.g.doubleclick.net
www.lapa.ninja
8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
cdn.doubleverify.com
www.googletagservices.com
13 ad.doubleclick.net googleads.g.doubleclick.net
www.lapa.ninja
8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
www.googletagservices.com
13 www.lapa.ninja 1 redirects www.lapa.ninja
static.cloudflareinsights.com
11 ads.servenobid.com cdn4.buysellads.net
public.servenobid.com
ssum-sec.casalemedia.com
ssbsync.smartadserver.com
g2.gumgum.com
11 www.google.com 3 redirects tpc.googlesyndication.com
www.lapa.ninja
8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
10 usersync.gumgum.com g2.gumgum.com
9 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
9 ib.adnxs.com 4 redirects cdn4.buysellads.net
googleads.g.doubleclick.net
acdn.adnxs.com
8 hal9000.redintelligence.net 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
hal90007.redintelligence.net
hal900010.redintelligence.net
8 sync.teads.tv 3 redirects googleads.g.doubleclick.net
8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
7 www.googletagmanager.com www.lapa.ninja
www.googletagmanager.com
adv.office-partner.de
7 fonts.gstatic.com fonts.googleapis.com
6 rtb-csync.smartadserver.com 2 redirects googleads.g.doubleclick.net
ssbsync.smartadserver.com
6 match.adsrvr.org 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
ssum-sec.casalemedia.com
g2.gumgum.com
6 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com securepubads.g.doubleclick.net
6 prg.smartadserver.com cdn4.buysellads.net
6 cdn.lapaninja.com
6 fonts.googleapis.com www.lapa.ninja
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
hal90007.redintelligence.net
hal900010.redintelligence.net
5 pv.medialead.de 3 redirects 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
hal900010.redintelligence.net
5 x.bidswitch.net 2 redirects 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
g2.gumgum.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
4 s.amazon-adsystem.com 2 redirects ssum-sec.casalemedia.com
ssbsync.smartadserver.com
4 eus.rubiconproject.com public.servenobid.com
g2.gumgum.com
eus.rubiconproject.com
4 api.webgains.io analytics.webgains.io
4 5994599.fls.doubleclick.net 2 redirects www.lapa.ninja
8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
4 hal900010.redintelligence.net 1 redirects 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
hal900010.redintelligence.net
4 hal90007.redintelligence.net 1 redirects 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
hal90007.redintelligence.net
4 ssum-sec.casalemedia.com 2 redirects public.servenobid.com
ssum-sec.casalemedia.com
4 us-u.openx.net 2 redirects googleads.g.doubleclick.net
4 m.exactag.com googleads.g.doubleclick.net
8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
4 googleads4.g.doubleclick.net www.lapa.ninja
ad.doubleclick.net
4 www.googleadservices.com googleads.g.doubleclick.net
4 ap.lijit.com 2 redirects cdn4.buysellads.net
public.servenobid.com
4 securepubads.g.doubleclick.net cdn4.buysellads.net
securepubads.g.doubleclick.net
3 b1sync.zemanta.com 2 redirects ssbsync.smartadserver.com
3 i.liadm.com 3 redirects
3 sync.1rx.io 3 redirects
3 pm.w55c.net 3 redirects
3 pb.media01.eu hal90007.redintelligence.net
hal900010.redintelligence.net
8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
3 d5p.de17a.com 3 redirects
3 ups.analytics.yahoo.com googleads.g.doubleclick.net
public.servenobid.com
3 ad.turn.com 3 redirects
3 www.gstatic.com www.lapa.ninja
googleads.g.doubleclick.net
3 onetag-sys.com cdn4.buysellads.net
public.servenobid.com
3 api.btloader.com btloader.com
3 c.amazon-adsystem.com cdn4.buysellads.net
c.amazon-adsystem.com
3 srv.buysellads.com m.servedby-buysellads.com
cdn4.buysellads.net
2 token.rubiconproject.com eus.rubiconproject.com
2 creativecdn.com 2 redirects
2 secure.adnxs.com 2 redirects
2 ads.pubmatic.com public.servenobid.com
g2.gumgum.com
2 secure-assets.rubiconproject.com 2 redirects
2 ssbsync.smartadserver.com 1 redirects public.servenobid.com
2 gum.criteo.com 1 redirects static.criteo.net
2 eb2.3lift.com 2 redirects
2 c1.adform.net 2 redirects
2 static.criteo.net cdn4.buysellads.net
static.criteo.net
2 adservice.google.com 5994599.fls.doubleclick.net
2 cdn.track.production.webgains.team 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
2 analytics.webgains.io track.webgains.com
2 um.simpli.fi 2 redirects
2 www.awin1.com 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
hal900010.redintelligence.net
2 track.webgains.com www.lapa.ninja
8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
2 adv.office-partner.de hal90007.redintelligence.net
hal900010.redintelligence.net
2 cdn.doubleverify.com s1.adform.net
cdn.doubleverify.com
2 pr-bh.ybp.yahoo.com 2 redirects
2 ads.travelaudience.com 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 gcm.ctnsnet.com 2 redirects
2 r.turn.com 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
2 track.adform.net 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
s1.adform.net
2 id.hadron.ad.gt cdn.hadronid.net
2 script.4dex.io cdn4.buysellads.net
script.4dex.io
2 ad-delivery.net
2 www.google.de
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 cdn.jsdelivr.net www.lapa.ninja
2 api.producthunt.com www.lapa.ninja
1 tg.socdm.com 1 redirects
1 rtb.gumgum.com g2.gumgum.com
1 bh.contextweb.com 1 redirects
1 match.deepintent.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 u.ipw.metadsp.co.uk 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 ad4m.at ssum-sec.casalemedia.com
1 dmp.brand-display.com 1 redirects
1 d.adroll.com ssum-sec.casalemedia.com
1 euexchangesync.digitaleast.mobi 1 redirects
1 i6.liadm.com ssum-sec.casalemedia.com
1 dis.criteo.com 1 redirects
1 hbx.media.net 1 redirects
1 match.sharethrough.com public.servenobid.com
1 ssp.disqus.com 1 redirects
1 prebid.a-mo.net 1 redirects
1 sync.go.sonobi.com public.servenobid.com
1 p.rfihub.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 ce.lijit.com 1 redirects
1 cs-server-s2s.yellowblue.io public.servenobid.com
1 sync.adkernel.com public.servenobid.com
1 cs-rtb.minutemedia-prebid.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 contextual.media.net cdn4.buysellads.net
1 public.servenobid.com cdn4.buysellads.net
1 u.openx.net cdn4.buysellads.net
1 acdn.adnxs.com cdn4.buysellads.net
1 mug.criteo.com
1 rtb.openx.net 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
1 tr.blismedia.com 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
1 match.360yield.com 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
1 rtbc-ew1.doubleverify.com cdn.doubleverify.com
1 sync-tm.everesttech.net 1 redirects
1 dclk-match.dotomi.com 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
1 medialead.de 1 redirects
1 rtb0.doubleverify.com cdn.doubleverify.com
1 s1.adform.net track.adform.net
1 cms.quantserve.com 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
1 id5-sync.com cdn.id5-sync.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 a.ad.gt cdn.hadronid.net
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 buysellads-d.openx.net cdn4.buysellads.net
1 prebid.media.net cdn4.buysellads.net
1 hb-api.omnitagjs.com cdn4.buysellads.net
1 mp.4dex.io cdn4.buysellads.net
1 bidder.criteo.com cdn4.buysellads.net
1 cdn.id5-sync.com www.lapa.ninja
1 cdn.hadronid.net www.lapa.ninja
1 tags.crwdcntrl.net www.lapa.ninja
1 secure.cdn.fastclick.net www.lapa.ninja
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 btloader.com cdn4.buysellads.net
1 region1.analytics.google.com www.googletagmanager.com
1 cdn4.buysellads.net www.lapa.ninja
1 m.servedby-buysellads.com www.lapa.ninja
1 static.cloudflareinsights.com www.lapa.ninja
0 sync.search.spotxchange.com Failed googleads.g.doubleclick.net
540 146
Subject Issuer Validity Valid
lapa.ninja
GTS CA 1P5		 2023-11-21 -
2024-02-19		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-04 -
2024-05-03		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
m.servedby-buysellads.com
Amazon RSA 2048 M03		 2023-11-14 -
2024-12-12		 a year crt.sh
cdn4.buysellads.net
Sectigo RSA Domain Validation Secure Server CA		 2023-11-14 -
2024-11-14		 a year crt.sh
*.buysellads.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-25 -
2024-06-24		 a year crt.sh
lapaninja.com
E1		 2023-11-19 -
2024-02-17		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
btloader.com
GTS CA 1P5		 2023-10-19 -
2024-01-17		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
api.btloader.com
GTS CA 1D4		 2023-10-10 -
2024-01-08		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
hadronid.net
GTS CA 1P5		 2023-10-05 -
2024-01-03		 3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2023-10-23 -
2024-10-22		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
ads.servenobid.com
Amazon RSA 2048 M01		 2023-04-29 -
2024-05-27		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.exactag.com
Sectigo RSA Organization Validation Secure Server CA		 2023-04-03 -
2024-05-03		 a year crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
redintelligence.net
R3		 2023-10-10 -
2024-01-08		 3 months crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-07 -
2024-05-07		 a year crt.sh
*.media01.eu
RapidSSL TLS RSA CA G1		 2023-05-16 -
2024-05-15		 a year crt.sh
adv.office-partner.de
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.webgains.com
Amazon RSA 2048 M01		 2023-05-15 -
2024-06-13		 a year crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-09		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
pv.medialead.de
R3		 2023-10-12 -
2024-01-10		 3 months crt.sh
*.webgains.io
Amazon RSA 2048 M01		 2023-07-24 -
2024-08-22		 a year crt.sh
cdn.track.production.webgains.team
Amazon RSA 2048 M03		 2023-08-30 -
2024-09-27		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.360yield.com
Amazon RSA 2048 M01		 2023-05-29 -
2024-06-26		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-10-04 -
2024-01-02		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
*.servenobid.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-02-05		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com
Amazon RSA 2048 M01		 2023-07-17 -
2024-08-14		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
*.minutemedia-prebid.com
Amazon RSA 2048 M01		 2023-05-01 -
2024-05-29		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2023-10-09 -
2024-11-07		 a year crt.sh
*.zemanta.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-16 -
2024-09-05		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02		 2023-02-08 -
2024-02-15		 a year crt.sh

This page contains 84 frames:

Primary Page: https://www.lapa.ninja/
Frame ID: 88B24612D1E8ED26CB623EA792F2629D
Requests: 89 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_inhead_fy2021.html?hello=world
Frame ID: B30ED972552A21C6B3136477AB25AAC7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=250&slotname=8862647550&adk=1261712459&adf=1186410553&pi=t.ma~as.8862647550&w=300&lmt=1701198880&format=300x250&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880769&bpp=3&bdt=1152&idt=180&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=2834510024776&frm=20&pv=2&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1284&ady=76&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=187
Frame ID: C1F8815EB82E36ECE04907FC18B10CF2
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=643282990&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880772&bpp=2&bdt=1154&idt=188&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=850&ady=495&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=190
Frame ID: 33C7DF2AE439B85439A5122AEF58AFD9
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=2312945378&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880774&bpp=1&bdt=1156&idt=194&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x600&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=850&ady=1859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=196
Frame ID: FDFF05B6A4A8C79BBC9EE9079CDC7F6A
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=3027413664&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880774&bpp=1&bdt=1157&idt=197&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x600%2C300x600&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1250&ady=3223&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=199
Frame ID: 099B1CFBC4AA6E9AF08976126EBD9DC3
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=1011456819&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880775&bpp=1&bdt=1158&idt=199&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x600%2C300x600%2C300x600&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=450&ady=4587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=202
Frame ID: F8A5180C54453F2A8015071180A56AC0
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&adk=1812271804&adf=3025194257&lmt=1701198880&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880791&bpp=1&bdt=1174&idt=192&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x600%2C300x600%2C300x600%2C300x600&nras=1&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&fsb=1&dtd=200
Frame ID: D12776244300A6B9CD884DC7632B8288
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 344239391EAE7746A7B256A8991F9EF2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7F2D40BE4AD3FE4E1C2C43441DEB6C06
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGJSMhfMBMAE&v=APEucNU6y2KCF-b__WtgVQzHJpx3yuVwYacKPyt832HxP9lAmlk3bCG9s2VHUtRSGELpbCG7pryIDgHZegrntAhx9A557dnBNwHsM_LMDvW6t-7lJhHd68mGt7CwrNe_XFinXTJyw3tsO_MCTpkloy-8-aTH1L-YOXYXgRwrttwG1zSPgb7B8VM
Frame ID: 0163EA8670EE7D877DAA313B8B15C3D1
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DCA6416DD2B123C0494BA02C6DD47C78
Requests: 2 HTTP requests in this frame

Frame: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 39FD148D49028528501F1E311F168132
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 790C235B1E7962DFE565075E7C8323DF
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js
Frame ID: FAAD981CFB8507C91E2769BF0C214C57
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYrYDo4gEwAQ&v=APEucNVkmTaXPwmykxPGnnCKoBEgCMA_pRGkqLtK6dH8J6TiRiuI7UloMGh5WplLrOUWvcwDxK-QhWwHWFGuAfc1aBpt848PjwezM7Pfu1I064A-idITmiXPKpLhGtcfSIu83TemDTY4SPDa7Kd4Y0vaBGSjhZTiqa-6NityBhrnJDEtwKJGF8g
Frame ID: 8E0AED6EEFEBF5AA33DE23DB894868DC
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Frame ID: 0CC527C76EE4415D750A85A1103F835E
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js
Frame ID: 8ADBDB251EC441A97DAC847AE64EF2AA
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 2BE6EFB3EECE3ADF0152844ABB71BEC6
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5D7928134D2C8AB5175674C45A5403B1
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: D7E17724A450968B3B67022522E55C82
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLCh7vgBMAE&v=APEucNVjD638A3ri-_T7GTG3FgLkKQyhPBKjL4xYY2H-LAWV63vefFw2yeh8zzlZUpDbnrMChwd9RyXN0EL3zbbLP0TyTMkqpMN6zmu7aqYNNCA6M49NFTPfPIo2IpsTTfR2y0u1y10BQpLWhleBl084xuKUNKeajN8kiE2h7aF2QiPHKZSnNms
Frame ID: 6FE1388D07C06B749E734E0DDCBF3AEC
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 698C7D6AAC770E4FC7A3CBADEA2070A3
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 4C8785CCE109EFA09F642F975F0D8992
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=Rx2d4NuIdR&t=1&renderingType=2&ev=01_250
Frame ID: 8881F75D631C12FCE7FE90C85451948C
Requests: 12 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/641018540181893391/index.html?ev=01_250
Frame ID: DA5A520DD8CA08A30F065E8170B78212
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js
Frame ID: ABBE9A2B2A988F22FCA4DA244234821E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Frame ID: 019949AA8411D6EBE99E0E5C9F613D6A
Requests: 1 HTTP requests in this frame

Frame: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0824BE9559F4C905157A7DCF988F32C7
Requests: 15 HTTP requests in this frame

Frame: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5C9A8449A697F4D5995BB26FFAC27B69
Requests: 33 HTTP requests in this frame

Frame: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 538D4833627D2C3B64FFF34F681BCAF9
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: 769CAAD9514088D2B8AA47D43DBB4F98
Requests: 15 HTTP requests in this frame

Frame: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DD3E3B1D6F0A274371FA0707C184E7EC
Requests: 24 HTTP requests in this frame

Frame: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8E8FDEE12943AE5E18CFAB7CB39F5BD8
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYqYTo4gEwAQ&v=APEucNWO9Y5jg0HmomppLDEl3LbMe7K-OqsNB9yh1910RJcpPmnt6fJk4WU90-OQZLmckSqk48Sht7E9IfI-vS17nP_O17PhKgOPAx3YlgKHtf_242PiOAHlmWOKkjGjBMecJabJFVc9k2a3wkfAIkKIPSoEXRRn33xq2BCJaMoQHYoYFyOoZPg
Frame ID: EF54B43FE84AF673901A7F8DC55FB46C
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 84B30BD6B2584FB13AD98C7840345757
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQx7C0wQQYtvaA-gEwAQ&v=APEucNU3s5bCy3Co18t7fohEHIkjRDgP6K4JvBFAgqVAEmFkg-4sn_VdNR6777W1a8TAyzjH6gA2sNSmiZOH-GZCHeUNc0EHDCzmFDxzghy2VDUVvaD0qF20dgRbdjtDgOcfxFX57dyD5Cuker8DDmZojKI47lCgYpGB47ymWKKzpzdGYhJcEz8
Frame ID: 86CE81657268926D5401980EA16144B5
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYrYDo4gEwAQ&v=APEucNX9tY9LS1L-wBjMnQyGfoVYp-u5KAvxs9xGcxJ511nsUQKWDpQvj8pWKmxK_JLlcAdsbavKAMOxFkP0ViOifEXvS_Yg_9-RsXi-vACGPu6l8aLLRn1bpLiYx9F-REqp-7klV7u11l5ZNLWznTFLxe10SdNBEMbdPKpDHL29EZMLSxLIHY0
Frame ID: 679A2D9F8BEF78A9C2B8A61E63053A97
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8601A53EAEAE1D127A4F0357F1E4B03B
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNXKtIfNpBpXg0nXqZOGe-HjzZTaDXnZK6uc64KOjXaB7Bj8vo8Cu5Q3h4OeTvEmFPKQrwe8kbNY4BtXy13aMBs0cAA225zT6osV_f_3crN4svxuKCQ9jQiUWruypTBCcv8ZBi9Mwpr9LNgRVe4xOb0_uUrfCQhKiJZz4HIJadW4LCTTqJw
Frame ID: C40DBBDD7FAA716A664D7322FEAC2275
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNU5Os1AWD-Z2rwAntZPzIRmjP5iQgVexc5UFLv1kfWgqKflX0TTfmjnwfPCvFAk9NNpjo7VBFv4gORrFw7uTD0C0TPUpUX5rL5Z24SCG7eGHFjQ5daJPphsDf2EfO74PxyM2G1xhjcPxIsFS6sJ5fe94q_To8SB5DFRWpfJxcdAuoty3kM
Frame ID: F80EC835D8DFA95B3FF55EAC32CEC0C7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 1B291FE24E0CF8406D7F25451ECED45D
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 85C6ACCE277804549CD86CEFC98811B2
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2230318213786861877/index.html?e=69&leftOffset=0&topOffset=0&c=ghtsE1nLlg&t=1&renderingType=2&ev=01_250
Frame ID: 61CED3F806B51CCF370C005E5995EA58
Requests: 12 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=0mLKE8JSE8&t=1&renderingType=2&ev=01_250
Frame ID: E2C56375F2C58B2E0D4FBAF51F57A69E
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: C3E91B0FB2F48AC6462BA808F5D3BABA
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 755C34856FA0645F8132F58247FD4B5D
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 267AC26315B353D9B3CACC3F78793263
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Frame ID: 38011779D087C4E0BB4223459598E6AD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Frame ID: 78AA767127FC236C39D4255DFD5C47BC
Requests: 1 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=39130100146931404444554012522007&actionid=879111&produktid=ratenkredit&dt_url=
Frame ID: 856627B09A9BD9CB558738A56166BDCA
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 0712F0FF508444FDA9EE53E78A21A9D9
Requests: 3 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CP-nm9mz54IDFcZXkQUd4zUJTg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2554749917776.615
Frame ID: 522AC057FFC2200B91A15CB811C3D3E5
Requests: 2 HTTP requests in this frame

Frame: https://hal90007.redintelligence.net/request_content.php?s=39130100146931404444554012522007&a=6d4cc85f
Frame ID: A7CFA897425B79072FD9BE2AA703BFA6
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 448A3394189D4191FB7284937A489831
Requests: 9 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=78376100177904004444978012522010&actionid=879111&produktid=ratenkredit&dt_url=
Frame ID: 43C7759337825F0DB479329AC62B05A7
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: FBDC1D7126F4A9A99C3A6FB8FCE16AFC
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 15AF63886DA7A86277C2B3B65B95E4FA
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EE96E5E9A661EA27B6087F7869242BB1
Requests: 9 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CM2qrdmz54IDFTVdkQUdXtkA6g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7252573761231.27
Frame ID: AC66F9F2CE5CEAFF8FCC412CD6985D5B
Requests: 2 HTTP requests in this frame

Frame: https://hal900010.redintelligence.net/request_content.php?s=78376100177904004444978012522010&a=e0514e85
Frame ID: C7FC960087065DD9F0A1EE8B2523F0A0
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 97F05F000E51B4A003F836757F00D688
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.lapa.ninja
Frame ID: B156F894590C412493D5BDD77E500BCA
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 50BD8AE7294FF9E26ADEE654893A3D50
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: C971F0805E9957D48D6E7821754AE62B
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 8D9823C323A9FE7C891125967BEFB88A
Requests: 13 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1701198881492
Frame ID: ACA546E7FEE9DD1994BA880BD034A725
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C459%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C307%2C508&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: A62EBF14F5574820E9EEF87AA09C2673
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 99C35F2ED7BD3E9949B74CE48CC3BD75
Requests: 12 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: A52BC2E5327AD631C2359E307ACFC0A1
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 2912718431BD89667EA29A9D4604C7E8
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 1E963486FE467181CE88AD2F3B29E80F
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 8743A06AD0B95FE150F00BE75C593073
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: FD3BCCF67B10DB03859F0E817B1244F3
Requests: 2 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 86EA7CF96DF2E37C9575E5F6CB78829A
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: FDCD4AFCFA7AA066DF135504C2E933F1
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: 3D1A2311076CCB9CA91648A8DC200878
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=2004332685732940548&gdpr=0&gdpr_consent=
Frame ID: A148FE07124FB860044A52A5E1BB9B0E
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9jMDQ4MDlmNy0xMWJlLTQxMTgtYjhmMC1mNmMzZDJkYzNlMTA=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 67CD8DFDC886A3D541707A352B7F396C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: AFB39D577DA9A59AA51A405F830011BD
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: A7A8A5740E318C2975C577854072B528
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZWY8JcCo5ssAAIo0WUIAAAAA
Frame ID: 67934DADA7317383B423905B0A50D09F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=ieDfoDTsmXF6hIWRnbSpgTAKsZbUxvaCVfcv_8ibTk8&pi=gumgum&tc=1
Frame ID: B5294A40F1457CF6CC4D2D882F0FCD1F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 71424A56F2BC9967BF49BE4ECE1DD8B8
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

5862 Landing Page Design Inspiration - Lapa Ninjalapa-logoCategories

Page URL History Show full URLs

  1. http://www.lapa.ninja/ HTTP 301
    https://www.lapa.ninja/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • servedby-buysellads\.com/monetization(?:\.[\w\d]+)?\.js
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

540
Requests

87 %
HTTPS

35 %
IPv6

96
Domains

146
Subdomains

107
IPs

13
Countries

8617 kB
Transfer

17583 kB
Size

93
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.lapa.ninja/ HTTP 301
    https://www.lapa.ninja/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 109
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 113
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFbsEHwLv7NkMa-5i4o2504&google_cver=1
Request Chain 114
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWY8Ia4fGHdPUQ.88XtNdQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFbsEHwLv7NkMa-5i4o2504&google_cver=1&google_hm=2
Request Chain 115
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAozFLf1RW23P1Oz6dQM6us&google_cver=1
Request Chain 116
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ3NjM2OTcwNzM3MjAwMzM4MA%3D%3D
Request Chain 128
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 129
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CXSTvITxmZdFO0e-3B9D4m6gJ3fXtqHT45YO6vBLQoNb3rAEQASDCp7tkYJX68IGMB6AB5-j20QPIAQKoAwHIA8kEqgTKAU_QoCCF1x13G33I_Ak1CpAPkZJvqmF-Fx0VNyVQyKEodp67GyPl6F2h1Zlsl9NAjCPFG8BNXYjUmFPbjjrqaxI91b7nRF6ghLRZY6BzF0-5oJ_Etm6z8TcqNawITUHCGmTdSe_2lTbmhodvJBUhTrqN4BUspZ_10intXSE5yQnm3Md_HJE64uwitXVHtSL-R2z_am4ndArYX2-XYX2Ru85Ovqm8M8UD6TW2tIuiXR2izQklqts9iGNBHlYHRJSqMBG3qEsiXUMSHtvABIab4bi6BIgFz5LxuU2SBQQIBBgBkgUECAUYBKAGAoAHgZeJLqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEELe7HtIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCURodHRwczovL3JvZy5hc3VzLmNvbS9kZS9nYW1pbmctaGFuZGhlbGRzL3JvZy1hbGx5L3JvZy1hbGx5LTIwMjMvd3RiL4AKAcgLAaIMFCoSChDktLEC7rWxArW4sQK7u7EC2BMN0BUBgBcBshccChoIABIUcHViLTg1MzE1MTAwNDY0MTE2NjEYAA&sigh=I3rJZDwb3Hw&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNd7avTFqTPc4Bb83TlfYkSFmYnyd8eDv5inHaPy1ZGPwgqJjYC1aPppbB_1YybwgkckTn-YnBG6dJ21Chha7M16nWVqZ-Z3L_8n0YAQ&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2218268958984486645713%22,%22debug_reporting%22:true,%22destination%22:%22https://asus.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22977122407%22],%224%22:[%2211-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214982209160567902993%22}&andc=true
Request Chain 131
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CwukCITxmZYkt-oDC4g-csLyQDd317ah0-OWDurwSuvPS4LIBEAEgwqe7ZGCVuqaCsAegAefo9tEDyAECqAMByAPJBKoEzQFP0Dfv9PWr8_idA9EwIDLTyxDdVc9BuO7fltkbf7ufIhgrs97aBLczUqOgztmtjgFhNdn0GOa5ZxZ4khwf07aPqx5jX8A_7k0bQTwuhOGngljPOuRj1Lbb8lyvUbg819YwrS5IcTpbldW19OLJ0aE__PL8lWuH8SCsNaisjs_cRw9diiA28lyxw-mI-aakXkCM9sCPSOSyhF_4vrcStDL3wM5UV4R9AT4sGCGXgRDukTUpLKNaoacf7T_Le_HD2D_g_cWrNnOsx7ars8rAwASGm-G4ugSIBc-S8blNkgUECAQYAZIFBAgFGASgBgKAB4GXiS6oB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCs4ivSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mglEaHR0cHM6Ly9yb2cuYXN1cy5jb20vZGUvZ2FtaW5nLWhhbmRoZWxkcy9yb2ctYWxseS9yb2ctYWxseS0yMDIzL3d0Yi-ACgHICwGiDBAqDgoM5LSxAu61sQK1uLEC2BMN0BUBgBcBshccChoIABIUcHViLTg1MzE1MTAwNDY0MTE2NjEYAA&sigh=4OOhhiK1u7Y&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaNRbQ3djhX7hSbS0La0fYEbjFzbGwcfqt3XhGlYUG-rjq7YjpcSfX5WwBqTqGIJw-EoqJVmUX3D9ZHOdYsWhdahTxZnn5DgoIF8BgB&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228178848817197974954%22,%22debug_reporting%22:true,%22destination%22:%22https://asus.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22977122407%22],%224%22:[%2211-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225013419364769371521%22}&andc=true
Request Chain 163
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 182
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFbsEHwLv7NkMa-5i4o2504&google_cver=1
Request Chain 183
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWY8Ia4fGHdPUQ.88XtNdQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFbsEHwLv7NkMa-5i4o2504&google_cver=1&google_hm=2
Request Chain 184
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAozFLf1RW23P1Oz6dQM6us&google_cver=1
Request Chain 185
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ3NjM2OTcwNzM3MjAwMzM4MA%3D%3D
Request Chain 191
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELiB1t_1-AphG-7XxWAGTjA&google_cver=1
Request Chain 193
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEC_-6j_7hsubqzO2HWhLI9c&google_cver=1
Request Chain 293
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEApHB9ioPP0E5B3ePO03xyY&google_cver=1&google_push=AXcoOmSy2Ad7VcK8-Wx-FIUdnLM44289LSmE1xISx5XnHVEicYW6OLTCczxkPR41hvwDg-P0KMfzJwmtRJEhfxP47apV8aDgbAc-kw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzQ2Nzk5NzcxMTUwOTg3MTk4Mg==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEApHB9ioPP0E5B3ePO03xyY&google_cver=1
Request Chain 296
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEAluFz4LohJmd0KMUWUkLB8&google_cver=1&google_push=AXcoOmRLS9wUrG35PLTG9NwQQmOFCY_Cu1AE0WQ1i-A0Oc1fbehS24l1bR6MVGEfsKDEgrNCXyxx23R-MhZmMmXFmKktVjQYnY83 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRLS9wUrG35PLTG9NwQQmOFCY_Cu1AE0WQ1i-A0Oc1fbehS24l1bR6MVGEfsKDEgrNCXyxx23R-MhZmMmXFmKktVjQYnY83&google_hm=4j4pH49RSHar7OPOujBxHBY
Request Chain 297
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEAw4-rhtZMG-I6zw4_G-QaI&google_cver=1&google_push=AXcoOmSUyRw0vg-Mjvwb-yh9se6topKtQsG95S7Rv-mhJtyW-iFP7JB7U7S-CD8Ac40-ZPQ8rZnsA8NXuTZgjl656MbuNxXExSDrcA HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEAw4-rhtZMG-I6zw4_G-QaI&google_cver=1&google_push=AXcoOmSUyRw0vg-Mjvwb-yh9se6topKtQsG95S7Rv-mhJtyW-iFP7JB7U7S-CD8Ac40-ZPQ8rZnsA8NXuTZgjl656MbuNxXExSDrcA&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSUyRw0vg-Mjvwb-yh9se6topKtQsG95S7Rv-mhJtyW-iFP7JB7U7S-CD8Ac40-ZPQ8rZnsA8NXuTZgjl656MbuNxXExSDrcA&google_hm=Hu7iuGZH1781crvmR0qV57BN
Request Chain 298
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEMNFooSepMEwHYDSQ-AVISk&google_cver=1&google_push=AXcoOmQrJf8i3J4jLOEwWEQlRmzGUHOsH4EP6Qkg_vp85GGwchenKgsJ0zKMDjuQ2h-JiXh1oPOHVb8fQYDBKccfdQnTQnuiHGNQGkQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQrJf8i3J4jLOEwWEQlRmzGUHOsH4EP6Qkg_vp85GGwchenKgsJ0zKMDjuQ2h-JiXh1oPOHVb8fQYDBKccfdQnTQnuiHGNQGkQ HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 301
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEKROtuJh7FgEv_apRttnFX0&google_cver=1
Request Chain 304
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEOziSER59X_hvU1J8bwQiEg&google_cver=1
Request Chain 309
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEAluFz4LohJmd0KMUWUkLB8&google_cver=1&google_push=AXcoOmRGLNXnCWxpFMy1wJhGkws79-NiqpAbdfnLFii7DnGYdctwMnvPUqiiEj7uDMROJ2JFwp3QeJKXpJI_BHznFVSYE5M8Mkvivw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRGLNXnCWxpFMy1wJhGkws79-NiqpAbdfnLFii7DnGYdctwMnvPUqiiEj7uDMROJ2JFwp3QeJKXpJI_BHznFVSYE5M8Mkvivw&google_hm=zANM31bxRueBVLCwcks-oRY
Request Chain 310
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEFOXNvP79oTWcQPHuB6lrzo&google_cver=1&google_push=AXcoOmSUMBboVdiTX45R-PUbyLE7Vcw5gXyiB51IiuyiDgBl2-EXFDBBvDxaBVjmbChQlEl5Ifr4LHQ4t11JhR5AhNnFz6x31QtLmA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNjU5MzU2MjIyNTI3NzA3Mg%3D%3D&google_push=AXcoOmSUMBboVdiTX45R-PUbyLE7Vcw5gXyiB51IiuyiDgBl2-EXFDBBvDxaBVjmbChQlEl5Ifr4LHQ4t11JhR5AhNnFz6x31QtLmA
Request Chain 311
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEGQ3aKmnMxkCzHT4r2qSuSg&google_cver=1&google_push=AXcoOmS_EpE2WcqJjFzWgXemaYcWMKVmpRjnqRemOmWbcoFd0iSSsQkT9QFJDLU9iuhLgMN7XsRLPSjDfVbrLxmV0Zr3sUIYxtQQ9Q HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=-_OhSQNyT-0Q_2kU4eR94w&google_push=AXcoOmS_EpE2WcqJjFzWgXemaYcWMKVmpRjnqRemOmWbcoFd0iSSsQkT9QFJDLU9iuhLgMN7XsRLPSjDfVbrLxmV0Zr3sUIYxtQQ9Q
Request Chain 312
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESED7hg4G5O440kdf-QRwca04&google_cver=1&google_push=AXcoOmTN7EDdiGsuXfrMt4uR4Z6P4D7821TxGA1GLAfFnwGGiL5Tch1dJsKY4Gl8E8HtKnXL7C9DpPLKKfERohfj9OZBY9ceOHiiSQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTN7EDdiGsuXfrMt4uR4Z6P4D7821TxGA1GLAfFnwGGiL5Tch1dJsKY4Gl8E8HtKnXL7C9DpPLKKfERohfj9OZBY9ceOHiiSQ&google_hm=eS1wdzRGaFdWRTJwSDFfTXJSRmU1VzlLQnlOc3p0Y0hqOH5B
Request Chain 313
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEEZRJ-vHB5HPRpg-vftFpQo&google_cver=1&google_push=AXcoOmToGTfDE6Le1GEXkCMxeXil27OaJ-HuRx8rwodpv-no6mwfV5dW5MwcKDo69rFbNGH5sam3TAtzRfpz199nwOaePi_jVHLL HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEEZRJ-vHB5HPRpg-vftFpQo&google_cver=1&google_push=AXcoOmToGTfDE6Le1GEXkCMxeXil27OaJ-HuRx8rwodpv-no6mwfV5dW5MwcKDo69rFbNGH5sam3TAtzRfpz199nwOaePi_jVHLL HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmToGTfDE6Le1GEXkCMxeXil27OaJ-HuRx8rwodpv-no6mwfV5dW5MwcKDo69rFbNGH5sam3TAtzRfpz199nwOaePi_jVHLL
Request Chain 314
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEByUW4Je2FbuD-7tyspxeUg&google_cver=1&google_push=AXcoOmQ5N12TANobMNYZoPGsOdk2Jp9k89r5q-LsA1ieYNRSRJpueMyD3nUDxRTlmGiaTxATiJtKYN1UlFSrwjS8T2TK2_QxYpIgqQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEByUW4Je2FbuD-7tyspxeUg&google_hm=ZWY8Ia4fGHdPUQ-88XtNdQAAFEoAAAIB&google_nid=index&google_push=AXcoOmQ5N12TANobMNYZoPGsOdk2Jp9k89r5q-LsA1ieYNRSRJpueMyD3nUDxRTlmGiaTxATiJtKYN1UlFSrwjS8T2TK2_QxYpIgqQ
Request Chain 360
  • https://hal90007.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=2f56d44523&subid=&uid=40f411bbf0e87764&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCLTVyITxmZc-vK9LbgQetqpuAA6blvaBprZWcp8kP8C4QASDE_IqdAWCVuqaCsAfIAQmpAj1rq1s8aLI-qAMByAObBKoE8wFP0Fyr11f8J_XvVblUKtnBO_J0778g--f6x2gfKn8xkHQP4yQb8X5VhXrP7VbzbTZkU9RwMqcCZbIfgqDptFBdF_-70D6FepI_yzB78EQBdESiSboZO9gAtCcLT1wGsGJcM3ROvv6CHiiQ7D-mPqLZgJr3Nm_8zF4Eo-Zm3IyRpzym3HowulX57Ej9Vw5-GlGLYULSl7StVuWy5tjiAVL_8ZC_vtqG4gInNNm6_aEYQ8PufrTABf5PT_pygK3tW58u2Nxxbx7nu8NcjK0valxTYvBWoq8O83m4Cnzb9chCCjRFweM3r6xoaY8or7lBI4ybIoTABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJEReINEwiE16PYs-eCAxXSbeAKHS3VBjCwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNTu5JdK1WIXRldoucoSqXMLx9kGno0kMAuMT0oqzcLJ6EPW3aMAUw8DdXRJYeAW7EIbGenQSpSxgB%26sig%3DAOD64_2vdMT4InlfyMbpUOH1TbaQKSxBnQ%26client%3Dca-pub-9961814823930967%26dbm_c%3DAKAmf-A4sQFw-7udjWdVi_Id6f1U-6qhhd5RewHtZjoboeAqPmWSZYCDFNgoLwNaMmvb80JEqc1XgeCDcKD_T3SyGvgKPNm65mbykuqfqfGwUdeC5NJyIfxGlUBrHeUjXo90N_xpgdYai0CcFZW5-JuJjf3iUvh7WaE8eDRJjB8FA4ByZaSWW00%26cry%3D1%26dbm_d%3DAKAmf-DrW3GqA2EF2h-amncB3N2oQ-RtzXILT10xba08IpNVbGnf_aROEasInbcmaG8MvvwTteGKbWacf8ofXhu2T_qLJMKnhirKTQPPDSPSnkkr-kAjo9IDIzz-REGlcqPAsGHoW-v8fuEhL2ih8L4Zcp43QHm3Kh2ptJ-sEQIi_xgC2P8JSLtwnBue9whZh_CKNIPFCctT0OOYDANMKb-YW27EWopdpwRVBpS_qIWcxpkWjcnMb-v1z0C4zMNgCxO5uPsXi9Dhxq6bpfvLPk_oqtFSz5E1W62mkoXp77d3PrbsNVTcYEPJrS638b7VUe0NLhabpiueSyoeeQFUCDCp8fZpIW-XXrSkg-g3_-o4scc_Yv0ue2EH38SOwHKL7LKccNLLgHL2KGnZey-wY0znnJlwzWjnyFYGNI5_QKLeoLM7XYp7gpNoWqjRVHHBFGLv0SxeyQHxPTvicaHFB85sdLE3UepMn-OLcUbfQS8uZ3nJvUQVnC7MElHHxByLuBO4rXgWUDsZdxwdPbVKMUMliAYAewq4gvZfPcIMewiiNiVwRQc_91Q%26adurl%3D&documentReferer=https%3A%2F%2Fwww.lapa.ninja%2F&ancestorOrigins=https%3A%2F%2Fwww.lapa.ninja&random=5631568104769&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal90007.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=2f56d44523&subid=&uid=40f411bbf0e87764&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCLTVyITxmZc-vK9LbgQetqpuAA6blvaBprZWcp8kP8C4QASDE_IqdAWCVuqaCsAfIAQmpAj1rq1s8aLI-qAMByAObBKoE8wFP0Fyr11f8J_XvVblUKtnBO_J0778g--f6x2gfKn8xkHQP4yQb8X5VhXrP7VbzbTZkU9RwMqcCZbIfgqDptFBdF_-70D6FepI_yzB78EQBdESiSboZO9gAtCcLT1wGsGJcM3ROvv6CHiiQ7D-mPqLZgJr3Nm_8zF4Eo-Zm3IyRpzym3HowulX57Ej9Vw5-GlGLYULSl7StVuWy5tjiAVL_8ZC_vtqG4gInNNm6_aEYQ8PufrTABf5PT_pygK3tW58u2Nxxbx7nu8NcjK0valxTYvBWoq8O83m4Cnzb9chCCjRFweM3r6xoaY8or7lBI4ybIoTABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJEReINEwiE16PYs-eCAxXSbeAKHS3VBjCwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNTu5JdK1WIXRldoucoSqXMLx9kGno0kMAuMT0oqzcLJ6EPW3aMAUw8DdXRJYeAW7EIbGenQSpSxgB%26sig%3DAOD64_2vdMT4InlfyMbpUOH1TbaQKSxBnQ%26client%3Dca-pub-9961814823930967%26dbm_c%3DAKAmf-A4sQFw-7udjWdVi_Id6f1U-6qhhd5RewHtZjoboeAqPmWSZYCDFNgoLwNaMmvb80JEqc1XgeCDcKD_T3SyGvgKPNm65mbykuqfqfGwUdeC5NJyIfxGlUBrHeUjXo90N_xpgdYai0CcFZW5-JuJjf3iUvh7WaE8eDRJjB8FA4ByZaSWW00%26cry%3D1%26dbm_d%3DAKAmf-DrW3GqA2EF2h-amncB3N2oQ-RtzXILT10xba08IpNVbGnf_aROEasInbcmaG8MvvwTteGKbWacf8ofXhu2T_qLJMKnhirKTQPPDSPSnkkr-kAjo9IDIzz-REGlcqPAsGHoW-v8fuEhL2ih8L4Zcp43QHm3Kh2ptJ-sEQIi_xgC2P8JSLtwnBue9whZh_CKNIPFCctT0OOYDANMKb-YW27EWopdpwRVBpS_qIWcxpkWjcnMb-v1z0C4zMNgCxO5uPsXi9Dhxq6bpfvLPk_oqtFSz5E1W62mkoXp77d3PrbsNVTcYEPJrS638b7VUe0NLhabpiueSyoeeQFUCDCp8fZpIW-XXrSkg-g3_-o4scc_Yv0ue2EH38SOwHKL7LKccNLLgHL2KGnZey-wY0znnJlwzWjnyFYGNI5_QKLeoLM7XYp7gpNoWqjRVHHBFGLv0SxeyQHxPTvicaHFB85sdLE3UepMn-OLcUbfQS8uZ3nJvUQVnC7MElHHxByLuBO4rXgWUDsZdxwdPbVKMUMliAYAewq4gvZfPcIMewiiNiVwRQc_91Q%26adurl%3D&documentReferer=https%3A%2F%2Fwww.lapa.ninja%2F&ancestorOrigins=https%3A%2F%2Fwww.lapa.ninja&random=5631568104769&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 361
  • https://hal900010.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=e2b6eb5a30&subid=&uid=050c431bdc706646&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGe5RITxmZc6vK9LbgQetqpuAA6blvaBpvZicp8kP8C4QASDE_IqdAWCVuqaCsAfIAQmpAj1rq1s8aLI-qAMByAObBKoE8AFP0KQOLYUhzu3GzyyBRmYB615XN2zxzlKGeHQOaSj8nigGC4QnYP8HGlwxqOQrLnBpNAqfZ0zH7nFsuUlfRiTKa7EdYCtO9JFGrIAWUtFZFNFFGasc5ETgN650E3gN4JG0cPi9Dw5mVzKCUrUyfgLCC_xlYQU-8RX187YD-e8NS3i3RZcSSNqeBMYNSpf9S8lRAFZDHQivYXIW7P6bj9CCiDevWI_Bsb4VC2w8XFTgjZ42bZQxNsXJQDoslYHmnWiMvAc6oRUlbuhGv-nmzRNZC4pJPGqRJeMOLJwa_upzIUCNIflk8H-v1NS0vd_D7BrABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJEReINEwiD16PYs-eCAxXSbeAKHS3VBjCwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNTu5JdK1WIXRldoucoSqXMLx9kGno0kMAuMT0oqzcLJ6EPW3aMAUw8DdXRJYeAW7EIbGenQSpSxgB%26sig%3DAOD64_2ojgJ0v0g9bDwL63yT_qLrF5w9Ww%26client%3Dca-pub-9961814823930967%26dbm_c%3DAKAmf-AsnOWgYeEnho96vEsaazSjPpwOFLJsV8hFfOmrxJZuCGYJvLeEQPHbWX3ch0_pmdaETmVAAUH4ttWPu5Bg0sfUXOu_DtzRejyPG8jwOFFWI9uQAXIlVxWvlhfBgMpAqQ2hZ2SmrzO0TH-53VvgDiitUqLo5HZx-QhIroitr30KLmdmKgU%26cry%3D1%26dbm_d%3DAKAmf-DbruGte0jeQGMwo7dYFCD8vyttY4GliBsZss4KxYtVGmrsKDHM_wTGB0yj3Zmt4GLHJxAFzdaQP0DVaG0Fn9qBzOqt2TYKHXM1XS87gnhVNsedugS62VTjmOSBpdR3-odH3V3b2AwAfPqEixbnberJaT6pdLpqtYMUnGVqUbkylW9Eak-QEH_u5bABgEicHBKrKgUcxuJQa2eaWcvSqqkCpq0M1WSgnO0H_addqBupMgYuIta8RGDlgfojydfekSkahRT46HAdkiHgD8r4y2l7DPww9TJbENDm4zQQmy3_pn2S-IxRvf2fjwxv_6JfdZlgJY72KPU8p7pTUHWiaatTgEazN-y03aU38s2Ua4YPZatNCPrQvPc2LeYrJ7Fmr5tgfCd_0rfCQWiFo_h-rK66l95azdK-5Z0fzkbH6o0vDqbreAD3oEJDIc3KOjDpfIO2YRC_6ZFoEfAEthSMSiqAq8C9LUB_nE-tB9k17CRNYSWZXU8RTaf917QM9q8QkzpPPb7XuFqC7X8kQVYrwuh_yLATSifrnYWDS989kbx9BUI8uJU%26adurl%3D&documentReferer=https%3A%2F%2Fwww.lapa.ninja%2F&ancestorOrigins=https%3A%2F%2Fwww.lapa.ninja&random=8532617026890&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900010.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=e2b6eb5a30&subid=&uid=050c431bdc706646&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGe5RITxmZc6vK9LbgQetqpuAA6blvaBpvZicp8kP8C4QASDE_IqdAWCVuqaCsAfIAQmpAj1rq1s8aLI-qAMByAObBKoE8AFP0KQOLYUhzu3GzyyBRmYB615XN2zxzlKGeHQOaSj8nigGC4QnYP8HGlwxqOQrLnBpNAqfZ0zH7nFsuUlfRiTKa7EdYCtO9JFGrIAWUtFZFNFFGasc5ETgN650E3gN4JG0cPi9Dw5mVzKCUrUyfgLCC_xlYQU-8RX187YD-e8NS3i3RZcSSNqeBMYNSpf9S8lRAFZDHQivYXIW7P6bj9CCiDevWI_Bsb4VC2w8XFTgjZ42bZQxNsXJQDoslYHmnWiMvAc6oRUlbuhGv-nmzRNZC4pJPGqRJeMOLJwa_upzIUCNIflk8H-v1NS0vd_D7BrABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJEReINEwiD16PYs-eCAxXSbeAKHS3VBjCwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNTu5JdK1WIXRldoucoSqXMLx9kGno0kMAuMT0oqzcLJ6EPW3aMAUw8DdXRJYeAW7EIbGenQSpSxgB%26sig%3DAOD64_2ojgJ0v0g9bDwL63yT_qLrF5w9Ww%26client%3Dca-pub-9961814823930967%26dbm_c%3DAKAmf-AsnOWgYeEnho96vEsaazSjPpwOFLJsV8hFfOmrxJZuCGYJvLeEQPHbWX3ch0_pmdaETmVAAUH4ttWPu5Bg0sfUXOu_DtzRejyPG8jwOFFWI9uQAXIlVxWvlhfBgMpAqQ2hZ2SmrzO0TH-53VvgDiitUqLo5HZx-QhIroitr30KLmdmKgU%26cry%3D1%26dbm_d%3DAKAmf-DbruGte0jeQGMwo7dYFCD8vyttY4GliBsZss4KxYtVGmrsKDHM_wTGB0yj3Zmt4GLHJxAFzdaQP0DVaG0Fn9qBzOqt2TYKHXM1XS87gnhVNsedugS62VTjmOSBpdR3-odH3V3b2AwAfPqEixbnberJaT6pdLpqtYMUnGVqUbkylW9Eak-QEH_u5bABgEicHBKrKgUcxuJQa2eaWcvSqqkCpq0M1WSgnO0H_addqBupMgYuIta8RGDlgfojydfekSkahRT46HAdkiHgD8r4y2l7DPww9TJbENDm4zQQmy3_pn2S-IxRvf2fjwxv_6JfdZlgJY72KPU8p7pTUHWiaatTgEazN-y03aU38s2Ua4YPZatNCPrQvPc2LeYrJ7Fmr5tgfCd_0rfCQWiFo_h-rK66l95azdK-5Z0fzkbH6o0vDqbreAD3oEJDIc3KOjDpfIO2YRC_6ZFoEfAEthSMSiqAq8C9LUB_nE-tB9k17CRNYSWZXU8RTaf917QM9q8QkzpPPb7XuFqC7X8kQVYrwuh_yLATSifrnYWDS989kbx9BUI8uJU%26adurl%3D&documentReferer=https%3A%2F%2Fwww.lapa.ninja%2F&ancestorOrigins=https%3A%2F%2Fwww.lapa.ninja&random=8532617026890&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 390
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=39130100146931404444554012522007&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=39130100146931404444554012522007&actionid=879111&produktid=ratenkredit&dt_url=
Request Chain 393
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2554749917776.615 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CP-nm9mz54IDFcZXkQUd4zUJTg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2554749917776.615
Request Chain 395
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=39130100146931404444554012522007&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=39130100146931404444554012522007&t=htlp&gdpr=1&consent=1&gdpr_consent=
Request Chain 399
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEApHB9ioPP0E5B3ePO03xyY&google_cver=1&google_push=AXcoOmQvuB29rzHwSoyErCnqJg3oVLIppfh-gwnt_mzi40Aq6DSRXMtDpro1iUUhmBMbTIbdEEbTWg8M_vYMsvJ15USGMkhUglpp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzQ2Nzk5NzcxMTUwOTg3MTk4Mg==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEApHB9ioPP0E5B3ePO03xyY&google_cver=1
Request Chain 401
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOYeZ2ZFJLeaQl4cfJLIAfc&google_cver=1&google_push=AXcoOmQF91ZskSLaMpFumON5hDl7XtEbrxypD1hsyI4heaWgckMqfO3hy9QF603KAM6xCj7Evp3UMV9OcpYJIA6nxZSyuh9D0kEitQ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOYeZ2ZFJLeaQl4cfJLIAfc&google_cver=1&google_push=AXcoOmQF91ZskSLaMpFumON5hDl7XtEbrxypD1hsyI4heaWgckMqfO3hy9QF603KAM6xCj7Evp3UMV9OcpYJIA6nxZSyuh9D0kEitQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OVlLVHdubjMxUjgzeEY1&google_gid=CAESEOYeZ2ZFJLeaQl4cfJLIAfc&google_cver=1&google_push=AXcoOmQF91ZskSLaMpFumON5hDl7XtEbrxypD1hsyI4heaWgckMqfO3hy9QF603KAM6xCj7Evp3UMV9OcpYJIA6nxZSyuh9D0kEitQ
Request Chain 402
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEHapUUJHwpOOvstp9E5Yig8&google_cver=1&google_push=AXcoOmTAIKSK2TQmE2qlyjz1j9Xtx9umxj40uDCV3KggSUAReUsHF_iJURl_k8pR4H2nV4KdM6GXMBeAA5QUwsoEiN9sgXjilTvEdA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHapUUJHwpOOvstp9E5Yig8&google_push=AXcoOmTAIKSK2TQmE2qlyjz1j9Xtx9umxj40uDCV3KggSUAReUsHF_iJURl_k8pR4H2nV4KdM6GXMBeAA5QUwsoEiN9sgXjilTvEdA
Request Chain 403
  • https://um.simpli.fi/gp_match?google_gid=CAESEC4UrUAA2SapB-cmrO8Wc94&google_cver=1&google_push=AXcoOmSK8l00TJDLxjHgqJbjmzscM1ZTYajFBDRxqZLwN6WUPexaPhNu3pbSZCYepHIizPhkcgQF9xBJLxiKQm_1-zLst06MP-Ig HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FA5F1EE4D0F94A9CA3B3927764CD02AB&google_push=AXcoOmSK8l00TJDLxjHgqJbjmzscM1ZTYajFBDRxqZLwN6WUPexaPhNu3pbSZCYepHIizPhkcgQF9xBJLxiKQm_1-zLst06MP-Ig
Request Chain 405
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEMNFooSepMEwHYDSQ-AVISk&google_cver=1&google_push=AXcoOmQKDmAlcPb6TFk_nLGgpQa6L8VKlk1PXOuW_oDkitmlNEObWw4-7O1Wij8iYVUvUO77rOMPbECDx9_AkpSYFR4aH6L8yAgjBQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQKDmAlcPb6TFk_nLGgpQa6L8VKlk1PXOuW_oDkitmlNEObWw4-7O1Wij8iYVUvUO77rOMPbECDx9_AkpSYFR4aH6L8yAgjBQ HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 407
  • https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=78376100177904004444978012522010&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=78376100177904004444978012522010&actionid=879111&produktid=ratenkredit&dt_url=
Request Chain 409
  • https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=78376100177904004444978012522010&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=78376100177904004444978012522010&actionid=879111&produktid=ratenkredit&dt_url=
Request Chain 443
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7252573761231.27 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CM2qrdmz54IDFTVdkQUdXtkA6g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7252573761231.27
Request Chain 449
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEFOXNvP79oTWcQPHuB6lrzo&google_cver=1&google_push=AXcoOmSFEO9_Fm8_M0leBW1HV3wV5X8aJXRjySISPA9Cqjqc20aHq4Es6rZf2PIQaMTCcWJmfwjimxCOo9eyO5AagdNHBHWrdidMRQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNjU5MzU2MjIyNTI3NzA3Mg%3D%3D&google_push=AXcoOmSFEO9_Fm8_M0leBW1HV3wV5X8aJXRjySISPA9Cqjqc20aHq4Es6rZf2PIQaMTCcWJmfwjimxCOo9eyO5AagdNHBHWrdidMRQ
Request Chain 450
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEGQ3aKmnMxkCzHT4r2qSuSg&google_cver=1&google_push=AXcoOmS1NeRhxdXtCy6p8ZZ4C79OgtUnLMwFQjvYn0drvHa6OorMPwumYZ6BcVg1FodflLacIlmtGh6VS8VdwTV6YDhI_yvuZESXBw HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=-_OhSQNyT-0Q_2kU4eR94w&google_push=AXcoOmS1NeRhxdXtCy6p8ZZ4C79OgtUnLMwFQjvYn0drvHa6OorMPwumYZ6BcVg1FodflLacIlmtGh6VS8VdwTV6YDhI_yvuZESXBw
Request Chain 451
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEXlMfA0uwi0F8-vX1kaDCM&google_cver=1&google_push=AXcoOmQK8DJs2qsrrU4u9tf5rhjjhxWy5PuBaH3p6bkzwU-wSBNGjILciJ8CJP7hgYOgS4nTv3u5ejxRf01PQhfJtsjdvIs00E-FHg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjAwNDMzMjY4NTczMjk0MDU0OA&google_push=AXcoOmQK8DJs2qsrrU4u9tf5rhjjhxWy5PuBaH3p6bkzwU-wSBNGjILciJ8CJP7hgYOgS4nTv3u5ejxRf01PQhfJtsjdvIs00E-FHg
Request Chain 452
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEEZRJ-vHB5HPRpg-vftFpQo&google_cver=1&google_push=AXcoOmTsEBfPKBJY6v1l6WyWVX97c-qIUzTJEF9m0rbHj9U5SfPdsCH1jWUzWmmbCfnUgDV489Mpzv8EWL8ajbZaWbZl-iK269RTag HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTsEBfPKBJY6v1l6WyWVX97c-qIUzTJEF9m0rbHj9U5SfPdsCH1jWUzWmmbCfnUgDV489Mpzv8EWL8ajbZaWbZl-iK269RTag
Request Chain 453
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEByUW4Je2FbuD-7tyspxeUg&google_cver=1&google_push=AXcoOmRDsOGljRxmldhdl1qLbhy-PBje-uSPRRacP5wC6fB210Ly1akH2k9BlEBkoHEfULB4yPJRVPY0t2HfnfqGFTWrgbfz63FoPA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEByUW4Je2FbuD-7tyspxeUg&google_hm=ZWY8Ia4fGHdPUQ-88XtNdQAAFEoAAAIB&google_nid=index&google_push=AXcoOmRDsOGljRxmldhdl1qLbhy-PBje-uSPRRacP5wC6fB210Ly1akH2k9BlEBkoHEfULB4yPJRVPY0t2HfnfqGFTWrgbfz63FoPA
Request Chain 457
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOYeZ2ZFJLeaQl4cfJLIAfc&google_cver=1&google_push=AXcoOmQrnGUQ2WJq3W_cJVdEQH39rz1ODJ2C51WDZsHLEewSG9rO7skbqIxqr4-5i-SmM5MYkiQvwyrJPNjkQy7pLiaRigbxS_E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OVlLVHdubjMxUjgzeEY1&google_gid=CAESEOYeZ2ZFJLeaQl4cfJLIAfc&google_cver=1&google_push=AXcoOmQrnGUQ2WJq3W_cJVdEQH39rz1ODJ2C51WDZsHLEewSG9rO7skbqIxqr4-5i-SmM5MYkiQvwyrJPNjkQy7pLiaRigbxS_E
Request Chain 458
  • https://um.simpli.fi/gp_match?google_gid=CAESEC4UrUAA2SapB-cmrO8Wc94&google_cver=1&google_push=AXcoOmTJT9XW76893wtj-oib26O5luWFeb52-2_6X68ys-snYbJjxVX_D3xz-i5VMpvFjf9VPNSfs5EaP2_kun-2DDVknPaPpFw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FA5F1EE4D0F94A9CA3B3927764CD02AB&google_push=AXcoOmTJT9XW76893wtj-oib26O5luWFeb52-2_6X68ys-snYbJjxVX_D3xz-i5VMpvFjf9VPNSfs5EaP2_kun-2DDVknPaPpFw
Request Chain 462
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEE-xqAwvhGJd758zq2bVbCE&google_cver=1&google_push=AXcoOmQBe5u2FKBqStsQeFP1cDvF4k9S8agqoEuhIWFl8UT5S2Py6eEXpODLYM43w84RJQtbbXxKgRjlRDsu6ldbk--QiYS_u8c HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmQBe5u2FKBqStsQeFP1cDvF4k9S8agqoEuhIWFl8UT5S2Py6eEXpODLYM43w84RJQtbbXxKgRjlRDsu6ldbk--QiYS_u8c&google_gid=CAESEE-xqAwvhGJd758zq2bVbCE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NzU4NjIwNTk0OTM2OTM3NTkwNTMw&google_push=AXcoOmQBe5u2FKBqStsQeFP1cDvF4k9S8agqoEuhIWFl8UT5S2Py6eEXpODLYM43w84RJQtbbXxKgRjlRDsu6ldbk--QiYS_u8c
Request Chain 463
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEMNFooSepMEwHYDSQ-AVISk&google_cver=1&google_push=AXcoOmQ9_bBtcNmDBv_pCICbD6VNbFBifmnzPMtTBrhf8BbW62q5tqEf6nvIGjNsP9heNWL6WgQScq-ztgkMIrn6fmZRtulJ-fc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQ9_bBtcNmDBv_pCICbD6VNbFBifmnzPMtTBrhf8BbW62q5tqEf6nvIGjNsP9heNWL6WgQScq-ztgkMIrn6fmZRtulJ-fc HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 478
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=lapa.ninja&sn=ChromeSyncframe&so=0&topUrl=www.lapa.ninja&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=kClzz3xXREhrekJVNW9TYjdFVXdyWStBOXVnSVNDejVrYkxDRmsxc0dlN3B1SWJ4d3R6cVZZZ2RPa1NmNFpMTDJzTXEwb0J4UVZKQndoQjU2ak0rMEd1bUdTWkRyUG5nbG0rR2wrNXJsQ2tsMVl5NXF1a1NJYU9wWFJmOHpJT1hVczg5bTllejhWSVRDNHRlRnNNMVRSeks1REthUG9SaW9IdFNhN21VRHUyREpIZTVqeXVLNndJRFFPRXN4RVIyNXA0amxaeGI1d0ZKdGN3SnIydUlmekxjekpBWVBmekgvRU01eHVhdk5iY0VVMTNIaFoxWDBoN3U0bFRQSlhjZXY3MTM3bmZ6U0RlQ0ppTjh3NzlqajdWMExIQT09fA&cppv=2
Request Chain 492
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 497
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=2476369707372003380
Request Chain 498
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=Hu7iuGZH1781crvmR0qV57BN
Request Chain 500
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1701198885194 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=1966244634 HTTP 302
  • https://sync.1rx.io/usersync/turn/3467997711509871982?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-261864a1-0f64-4586-a340-4f1bb8c75ba7-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-261864a1-0f64-4586-a340-4f1bb8c75ba7-003 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-261864a1-0f64-4586-a340-4f1bb8c75ba7-003
Request Chain 501
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5107433831265321906
Request Chain 503
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Request Chain 505
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://ads.servenobid.com/sync?pid=346&uid=ua-a688b8ef-14aa-33ea-834c-e45e6c6576be
Request Chain 508
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Request Chain 511
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZWY8Ia4fGHdPUQ-88XtNdQAAFEoAAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZWY8Ia4fGHdPUQ-88XtNdQAAFEoAAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 512
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZWY8Ia4fGHdPUQ-88XtNdQAAFEoAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEByUW4Je2FbuD-7tyspxeUg&google_cver=1
Request Chain 513
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZWY8Ia4fGHdPUQ.88XtNdQAA%265194&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZWY8Ia4fGHdPUQ.88XtNdQAA%265194&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=2b376945d85947b9b5185f32a3890088 HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@ HTTP 302
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-7ef11ziFGSQQ0rql_VG6AMG-7LNK-gLwth4uHA HTTP 303
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-7ef11ziFGSQQ0rql_VG6AMG-7LNK-gLwth4uHA
Request Chain 514
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=
Request Chain 516
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=fab3abef-d20c-b212-938986a6
Request Chain 522
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=2476369707372003380&gdpr=0&gdpr_consent=
Request Chain 523
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=NzU2MzgwMzY4MzU5MzM0NzY2MQ==&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEOziSER59X_hvU1J8bwQiEg&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 524
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3D72348060-38ad-4586-8e4f-f1e2a8e789b3%26id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=7563803683593347661&gdpr=0&gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=7563803683593347661&gdpr=0&gdpr_consent=&dcc=t
Request Chain 527
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=2476369707372003380
Request Chain 528
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_c04809f7-11be-4118-b8f0-f6c3d2dc3e10&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_c04809f7-11be-4118-b8f0-f6c3d2dc3e10&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=e0cdfd9d-3506-45ee-8b5d-64ca92eecc5c&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=e0cdfd9d-3506-45ee-8b5d-64ca92eecc5c
Request Chain 529
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=e68f4397-bc75-4ffb-9d9b-cfdc8aef3ecf
Request Chain 530
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-8cf540b6-ec41-5ea7-60bf-b47e216d658a$ip$217.114.218.22
Request Chain 531
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-X59QVUNE2peTNVCva60QyToYtprwk_IrL.Us~A
Request Chain 532
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=c86d987b-9ed6-4bf3-932f-b846898e3d3f
Request Chain 534
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_c04809f7-11be-4118-b8f0-f6c3d2dc3e10&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=e_c04809f7-11be-4118-b8f0-f6c3d2dc3e10&s=2&us_privacy=1--- HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=GorbUSsgRVsH3vfE3Aly&gdpr=0&us_privacy=1---
Request Chain 535
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=mKlkCgB3r51X&ev=1&pid=558355
Request Chain 536
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=7563803683593347661
Request Chain 538
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=adf&i=2004332685732940548&gdpr=0&gdpr_consent=
Request Chain 542
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZWY8JcCo5ssAAIo0WUIAAAAA
Request Chain 543
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=ieDfoDTsmXF6hIWRnbSpgTAKsZbUxvaCVfcv_8ibTk8&pi=gumgum&tc=1
Request Chain 544
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum

540 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.lapa.ninja/
Redirect Chain
  • http://www.lapa.ninja/
  • https://www.lapa.ninja/
192 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.lapa.ninja/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f28f550cb505424282bd30acb49e474038a1a9c75510fc8b56a1d9c43214062b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16486
cache-control
public,max-age=0,must-revalidate
cf-cache-status
DYNAMIC
cf-ray
82d4ef64a87e2bf0-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 28 Nov 2023 19:14:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sNhceLlrimF5iASPWFob%2B9g8oLjqvCtz0GGOes7nw1AVSXWS%2FEx90bWVie5a93iJhZxGvzM7b1TcBerbCC8SE3cDN9iqxnaYv3EUDVq4fdBF332zwj%2F5jWwq5qtdAZ%2FH%2BxHMIKuIsiM0SCMB"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-nf-request-id
01HGBNNPV8ATF8Z0TGR1161PS9

Redirect headers

CF-RAY
82d4ef63eb90900a-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Tue, 28 Nov 2023 19:14:39 GMT
Expires
Tue, 28 Nov 2023 20:14:39 GMT
Location
https://www.lapa.ninja/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dPeXv3P3MPlKY8x5q7Xz5Io5Dh6DkGiZL9wsvHMQTh%2FfP2jSvM647bXOu6Yc7FQxDKqVcmqgjpv5evHBP2N8Ikprgrq3%2BignXwRZRItbzZuE5da4CpPnphfnncjG0VRHXKeJGIhWC1%2BWfO84"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Rubik:100,300,400,500,700
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1f0557d2a1bea048a13650fab57f2665ac5acb3995c72be792a894486d205671
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 28 Nov 2023 19:14:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 19:14:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 28 Nov 2023 19:14:40 GMT
m-lapa.svg
www.lapa.ninja/img/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lapa.ninja/img/m-lapa.svg
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1af8dbf4ca78c662eb2aa07fc43587cbb327b23d0e1aa24edae7bf922ff63c7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-nf-request-id
01HGAPE6GA74AGJ70A6S1CYQZ1
date
Tue, 28 Nov 2023 19:14:39 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"d99275db487be3a0163b073a8143b58c-ssl-df"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lGoxa1MDq2Q3LTlyWoRw8coBPUmVgWEWw4ACzywXyihFh8deh5ewqvGsAOQJTw%2BykCOib8Z1Xjo7vfNriBda1bKJjKViIeSKXf9BqPsktdsGbELCI8dc3mvNhV6nf61mK55gG%2FP6kSHGYzK2"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=14400, must-revalidate
cf-ray
82d4ef65ea482bf0-FRA
lapa-logo.svg
www.lapa.ninja/img/ 		9 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lapa.ninja/img/lapa-logo.svg
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50521f3f93a2798b3396285cb2402f5f56a7b88851fe8211bcd1ab3e8d6e027f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-nf-request-id
01HGBNNPY3EP4WMGJ3AAZQ5J89
date
Tue, 28 Nov 2023 19:14:39 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"c0fd3b6b978f812abc4cdcf4a61886b4-ssl-df"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ArWKtu5pn76XemKeyvDvkP4nnhJACwdJdM6ImlkcNlNaNTU1motsZ8vZnkVYObqlMkoLGwLO5P73o%2FyD%2BhkdYGlwzgXHjkHSJ7Kiv458mSbsNSBNdOIRTE5UCVuwXk%2FXIlhidnBkEwxHeAM"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=14400, must-revalidate
cf-ray
82d4ef65ea492bf0-FRA
top-post-badge.svg
api.producthunt.com/widgets/embed-image/v1/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.producthunt.com/widgets/embed-image/v1/top-post-badge.svg?post_id=25762&theme=light&period=daily
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8b360a8e8a0c818d8f23d1914826495fb75192290a29b9ac0d4f0fb58be0aa3
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:39 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
35691da3-7b42-4a3c-94a2-e3b6a96df64f
x-runtime
0.019360
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"c8b360a8e8a0c818d8f23d1914826495"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
82d4ef66486035f4-FRA
expires
Tue, 28 Nov 2023 23:14:39 GMT
featured.svg
api.producthunt.com/widgets/embed-image/v1/ 		2 KB
860 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.producthunt.com/widgets/embed-image/v1/featured.svg?post_id=25762&theme=light
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
928220ebda429710a118846ab53e2e4d2311986271b07cd699b6aabb19f76288
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:39 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
5dc83fb1-ff09-4649-b1fa-327cc0f60b9a
x-runtime
0.018078
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"928220ebda429710a118846ab53e2e4d"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
82d4ef66486435f4-FRA
expires
Tue, 28 Nov 2023 23:14:39 GMT
lapa-pinterest.svg
www.lapa.ninja/img/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lapa.ninja/img/lapa-pinterest.svg
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bc3a6ee832355de6f58dd01e765271f997247f92939b60afc39525c007a7df9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-nf-request-id
01HF18C4HQ81GBG131A7GA93X0
date
Tue, 28 Nov 2023 19:14:39 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"dae7f079bf3fc72b4f172909692106d8-ssl-df"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dva9cda4an9VbSOkplLTQzrYKfC3BWuCoopNJnEpWr4syxGwCxY1v6T%2FMPARLXVtxfWQKUnmRiWFHJvybOc3fpafzdxlYesorEpeZIgvzKmjzu65E4MuATBaSwZOWOSLBLgb8IOUrqtyj73A"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=14400, must-revalidate
cf-ray
82d4ef65ea4b2bf0-FRA
support.svg
www.lapa.ninja//img/ 		24 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lapa.ninja//img/support.svg
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
508dddc1f347d3c9c8742a58339a25d00fd46adcd20a5d8bee0e89988daac9eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-nf-request-id
01HFVQKR9WJ3DHDT6B1FW9ZV89
date
Tue, 28 Nov 2023 19:14:39 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"933df8e848357745a52710ec38da9349-ssl-df"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aKptbBdat6aa3RC8eTl8WBaTzr8bdfgnh5DfeRC1T0%2Bwl3YFk39sx2%2BdOjRF1sZ582iRHrxRFH%2BeH7miqfbPSXqwUWU50JlFy%2FU2kMaMfVqEoA%2FNH3sJkvB63rFnZ0%2BlGZ%2BNF9JO6w22tX5T"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=14400, must-revalidate
cf-ray
82d4ef65ea4c2bf0-FRA
landing-love.jpg
www.lapa.ninja/img/ 		120 KB
121 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lapa.ninja/img/landing-love.jpg
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f80b62011304275edf18f7edbb267e0ce9289ceef8ede0a97358143a15136d31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-nf-request-id
01HEZ7TTZS7HCA2BQY567NYTZM
date
Tue, 28 Nov 2023 19:14:39 GMT
strict-transport-security
max-age=31536000
cf-cache-status
REVALIDATED
cf-bgj
h2pri
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"a603f879ee08e722696eb13b5020f140-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rN6aMqxeGd3G%2BXsXFVG1H8PZTSjTT8wOQBv73vs9vWFZ5Z0PKiXheRM%2BChNIi%2FJjUXZ5LQk3fxJAS4y%2FYWIHXA%2BWn86Be%2BqwEsFv1bGhKTkc7dXOw9fZd%2FjGQT3pZ9xAxRCPOtbSbh1x3jnm"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
82d4ef65ea512bf0-FRA
content-length
123061
uistore-design.jpg
www.lapa.ninja/img/ 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lapa.ninja/img/uistore-design.jpg
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa825d35a6eb1f800fd57bd15cfcf85a5c7911ff89efccaa60afaf8a2683f2f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-nf-request-id
01HE224DVEX0V1W9M6655T6CKQ
date
Tue, 28 Nov 2023 19:14:39 GMT
strict-transport-security
max-age=31536000
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"8991d245f1751d3d0a2084768b854426-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ST%2FtzKoXOS7eJTTAx%2BfqMzB8XA2k3uc%2BhMU5RIV0UBdC2CC8lqGbdxnmydlsMu90zurmQfmzslkn8xbu4EEImcy0BmlvxAofNXynBDIQ3bdaybzhS%2F2lFhXbcW%2FExSE4%2FFFA3SKP8ZKC0fvc"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
82d4ef65ea542bf0-FRA
content-length
80927
bookmarks-design.jpg
www.lapa.ninja/img/ 		99 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lapa.ninja/img/bookmarks-design.jpg
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bdd431370c1cf3133a0480a28b781ead6b67d68a8047814bc17ac4fc96e9359
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-nf-request-id
01HGAPE6DS6NRANHE1CFBN8HCX
date
Tue, 28 Nov 2023 19:14:39 GMT
strict-transport-security
max-age=31536000
cf-cache-status
REVALIDATED
cf-bgj
h2pri
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"ea46107933fb9b9b55b7c729c25ff18b-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AdILxtGiOl3tmT4wOxoc32ahAoZ2jE0ZB44dwy%2FN12lhoubmaea1HIMvq6Rzij1e4PS7zMhkbnY9zSWxtbOUEof3l6SjqdOajwHQ8NjUFIvZFs%2BHo0JSzJAZwJFvBS5mIWPQifBWZWJhLTzP"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
82d4ef65ea562bf0-FRA
content-length
101498
indiemakers.jpg
www.lapa.ninja/img/ 		171 KB
171 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lapa.ninja/img/indiemakers.jpg
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a634797e71dd091a055f01aa63fc3d17f1e5c7ac321b4a35a08dce0cceddf414
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-nf-request-id
01HEPVER014HHP7PZCTDQBGS3B
date
Tue, 28 Nov 2023 19:14:39 GMT
strict-transport-security
max-age=31536000
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"f6f209e524af9c11e8eb3f11c3ba7a31-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h6D7iHId0pw0w9XpnrcomlrUJlktyN2yJ1qA%2BoTWTTQHlz8dy94wcVZixv9ORaUuVDYDwsKRz2X96PjMEzVBik2SyYxAuFaFlfQsco1gr7t5Y7WNBhGcOfyv5CvsQUw5uUj4W5UrPy5NiGix"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
82d4ef65ea572bf0-FRA
content-length
175009
email-decode.min.js
www.lapa.ninja/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lapa.ninja/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 27 Nov 2023 12:56:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"656491fe-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=90%2B%2FjrvxTialRLWVVn%2FtyHV4E%2FHdxe3H0Wk67LGofjq%2FPKMB4S%2F8feUf6QYjgfK4qh0iSmMTtS2Qdy0cEFRbYQ5TCqaaIp174jFELugTl1lE6h4o8KINab9XNRHpfPeZqfQR0Jiu%2BKnT7cEp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
82d4ef660a712bf0-FRA
expires
Thu, 30 Nov 2023 19:14:39 GMT
rocket-loader.min.js
www.lapa.ninja/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lapa.ninja/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 27 Nov 2023 12:56:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"656491fe-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HlGm7PRs1rnL1pCidPl65POGrLK5tj4aH93WgyRVa7BbpCHCtz2cV%2FAocv474FfvKV0MkKMlzU7hR%2BnwfU26wRC8VRsa83duHFlIcWLIhL0uwixPJNGItJN7STKlcJI2Rehgr%2FReAOEDPNLq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
82d4ef660a762bf0-FRA
expires
Thu, 30 Nov 2023 19:14:39 GMT
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://www.lapa.ninja/
Origin
https://www.lapa.ninja
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:39 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
82d4ef6659928fd0-FRA
iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v28/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik:100,300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.lapa.ninja
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 22:38:08 GMT
x-content-type-options
nosniff
age
333392
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35448
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 16:14:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 22:38:08 GMT
js
www.googletagmanager.com/gtag/ 		186 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-63822820-1
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f91675c23b88066680582e10876a262cf1e45104e8182ad901e4f271674aa7e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68761
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 28 Nov 2023 19:14:40 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		150 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df35e938d88d9439f1096153697d175fee2b5e7662d473f68b5fa4de8f4bc895
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52710
x-xss-protection
0
server
cafe
etag
5239810753405805672
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 28 Nov 2023 19:14:40 GMT
tabby.polyfills.min.js
cdn.jsdelivr.net/gh/cferdinandi/tabby@12/dist/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/cferdinandi/tabby@12/dist/js/tabby.polyfills.min.js
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91154fa02d9d5f74028764bcd80b0693db561e3cc53b9390745e0aab910af071
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
21893
x-jsd-version
12.0.3
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230133-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"1067-sis7UFWSLIx8vwVnMVlYTfJJdCM"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2B1yaSlTlgccnaoddf4sCVjy8ZGOdh1cdm3lQDsugOcJ9AblBoqBSCSJrT1azRh4FsAvtreQH%2FaIVzdKchiMntZSoUmIJwrA4sPBkyh9D3Q%2BeYEpz%2F9VFKLBW2T0ZP8kNN52FDDobqPAliYcf5Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
82d4ef6bbca11d9c-FRA
lazyload.min.js
cdn.jsdelivr.net/npm/vanilla-lazyload@10.19.0/dist/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/vanilla-lazyload@10.19.0/dist/lazyload.min.js
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
adf03f7ab87622faa77b4d12f97ff80466377950b805021a07a8c11804ceac14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1612987
x-jsd-version
10.19.0
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230091-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"157d-7oSTFmgFjdrwSUlzDWmBH9iMXEY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HjoEIo6UTlYeR35WNpI2uvt2my7pf6lmhiYVZtDJ8SLpOUZalhL3AhW76VeyV6uhUMIVznaqDl6IVQ801mB41tY%2B2g1J10PuJ0U5GNYzHODI2pr%2BGMH0x1YVNLUKxyVnmb2163GZHZkGu2qjzz4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
82d4ef6bbca31d9c-FRA
monetization.js
m.servedby-buysellads.com/ 		72 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.servedby-buysellads.com/monetization.js
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:d000:12:352e:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
85035853ec4a25b718afdcde13e0ffe59b86ba0e7125d07b5e2857cfdad0d741

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 20:32:58 GMT
content-encoding
gzip
via
1.1 67b46acac5b2604c39c0417497d3d218.cloudfront.net (CloudFront)
last-modified
Mon, 13 Nov 2023 15:33:20 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P4
age
81717
x-amz-server-side-encryption
AES256
etag
W/"c89307314053bc69d48ccd0533eb7ff6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
pRAK9om_Gtdum5005Rbedu24V2GmnHNcAPQ4My7u70aGwh7rubb5kg==
lapaninja.js
cdn4.buysellads.net/pub/ 		513 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn4.buysellads.net/pub/lapaninja.js?1701198600000
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
161.35.94.188 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
srv-eu-nl-16.buysellads.com
Software
//srv.buysellads.com /
Resource Hash
af320fcb7c241ea86776e99407003fd07f5de329ad1be6846af4eddcc195c8bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:40 GMT
cache-control
public, max-age=3600, stale-while-revalidate
content-encoding
gzip
server
//srv.buysellads.com
etag
bdb01eceb56abf78903fbf10014f96dc5a6390a7
vary
Accept-Encoding
content-type
application/javascript
gtm.js
www.googletagmanager.com/ 		198 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MG4GBJH
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b0d09a0661ee4890d59a400325eeef8b14360e6d5ec2742df4b2ecf7e4665bf0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72534
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 28 Nov 2023 19:14:40 GMT
CK7DL27L.json
srv.buysellads.com/ads/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://srv.buysellads.com/ads/CK7DL27L.json?segment=placement:wwwlapaninja
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.62.198.146 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
srv-eu-nl-14.buysellads.com
Software
//srv.buysellads.com /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-client,x-origin
Access-Control-Request-Method
GET
Origin
https://www.lapa.ninja
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-origin
*
content-encoding
gzip
content-length
23
date
Tue, 28 Nov 2023 19:14:40 GMT
server
//srv.buysellads.com
vary
Accept-Encoding
CK7DL27L.json
srv.buysellads.com/ads/ 		805 B
577 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://srv.buysellads.com/ads/CK7DL27L.json?segment=placement:wwwlapaninja
Requested by
Host: m.servedby-buysellads.com
URL: https://m.servedby-buysellads.com/monetization.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.62.198.146 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
srv-eu-nl-14.buysellads.com
Software
//srv.buysellads.com /
Resource Hash
818faaf01132d2b3e88178eec72eec8c50a7d3b556e57b5baad4614c7cea499c

Request headers

Referer
https://www.lapa.ninja/
x-origin
https://www.lapa.ninja/
accept-language
de-DE,de;q=0.9
x-client
monetization.js/20231024 (target:body;noViewable:true;script_id:_bsa_srv-CK7DL27L_0;platforms:desktop%2Cmobile;skippedVisible:true)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:41 GMT
content-encoding
gzip
server
//srv.buysellads.com
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
*
content-length
501
rum
www.lapa.ninja/cdn-cgi/ 		0
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.lapa.ninja/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.lapa.ninja/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
application/json

Response headers

date
Tue, 28 Nov 2023 19:14:40 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.lapa.ninja
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
82d4ef6c5d192bf0-FRA
js
www.googletagmanager.com/gtag/ 		258 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GJ9DCL233K&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-63822820-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2efbaa0da7fc1760a56f9b32292e34e11c29ebdd9baaaf22f3e2fe62a5460341
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89745
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 28 Nov 2023 19:14:40 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-63822820-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 28 Nov 2023 17:49:38 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
5102
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 28 Nov 2023 19:49:38 GMT
studiovoila-2-thumb.jpg
cdn.lapaninja.com/assets/images/ 		322 KB
322 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.lapaninja.com/assets/images/studiovoila-2-thumb.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:dc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6ed4f30c04b0ddb11d067299bb8002532ee0776299aa9fe84ea551b7b627a4a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-amz-request-id
tx0000000000000830e89a7-006557cf6a-522b2cff-sfo2a
age
328566
x-envoy-upstream-healthchecked-cluster
content-length
329373
last-modified
Thu, 09 Nov 2023 02:15:17 GMT
server
cloudflare
etag
"102d0e4fe6d357fb8f6d616140ada46a"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
image/jpeg
x-do-cdn-uuid
32119e20-e441-4426-9607-6e0dc13906c2
x-rgw-object-type
Normal
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
82d4ef6d3cd7193c-FRA
julienvallon-thumb.jpg
cdn.lapaninja.com/assets/images/ 		413 KB
413 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.lapaninja.com/assets/images/julienvallon-thumb.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:dc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f0e0029fc19ae329a07d7e657787bd5705e3e613e971b0a6b0c1a7fbad0f18b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-amz-request-id
tx0000000000000830e9d23-006557cf6a-522b2d4a-sfo2a
age
328566
x-envoy-upstream-healthchecked-cluster
content-length
422470
last-modified
Wed, 08 Nov 2023 15:10:00 GMT
server
cloudflare
etag
"557e821e090089085615b69cb5ac49e8"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
image/jpeg
x-do-cdn-uuid
32119e20-e441-4426-9607-6e0dc13906c2
x-rgw-object-type
Normal
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
82d4ef6d3cd4193c-FRA
bertchcapital-thumb.jpg
cdn.lapaninja.com/assets/images/ 		307 KB
307 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.lapaninja.com/assets/images/bertchcapital-thumb.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:dc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ec76b8e1ef15d56a8c99a63434940ac5fd36bf94354050cea36b31ef6d50e74
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-amz-request-id
tx0000000000000830e929f-006557cf6a-521f6452-sfo2a
age
328566
x-envoy-upstream-healthchecked-cluster
content-length
314177
last-modified
Wed, 08 Nov 2023 15:09:50 GMT
server
cloudflare
etag
"411672545a74d9083112ff107cda884f"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
image/jpeg
x-do-cdn-uuid
32119e20-e441-4426-9607-6e0dc13906c2
x-rgw-object-type
Normal
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
82d4ef6d3cd8193c-FRA
davidanthonychenault-thumb.jpg
cdn.lapaninja.com/assets/images/ 		665 KB
667 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.lapaninja.com/assets/images/davidanthonychenault-thumb.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:dc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
991b129b282c570c4c5b8fffc53bcb9a85aa29bb464409ce8fa19e0fe0093673
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-amz-request-id
tx0000000000000830e89ff-006557cf6a-522b2cff-sfo2a
age
340095
x-envoy-upstream-healthchecked-cluster
content-length
681150
last-modified
Wed, 08 Nov 2023 15:10:04 GMT
server
cloudflare
etag
"c2ef484802f6be8484aacde573582e99"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
image/jpeg
x-do-cdn-uuid
32119e20-e441-4426-9607-6e0dc13906c2
x-rgw-object-type
Normal
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
82d4ef6d3cdb193c-FRA
positiveintelligence-thumb.jpg
cdn.lapaninja.com/assets/images/ 		179 KB
179 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.lapaninja.com/assets/images/positiveintelligence-thumb.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:dc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15163e96ffe9fc9920a779f0d37c24e53fd5cfde6052b9021c3d0e11e538efcc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-amz-request-id
tx0000000000000830e92e9-006557cf6a-521f6452-sfo2a
age
40024
x-envoy-upstream-healthchecked-cluster
content-length
182954
last-modified
Wed, 08 Nov 2023 15:09:56 GMT
server
cloudflare
etag
"b765565918dc41455a4a2f7a3afd1946"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
image/jpeg
x-do-cdn-uuid
32119e20-e441-4426-9607-6e0dc13906c2
x-rgw-object-type
Normal
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
82d4ef6d3cdc193c-FRA
asimov-thumb.jpg
cdn.lapaninja.com/assets/images/ 		248 KB
249 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.lapaninja.com/assets/images/asimov-thumb.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:dc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afc391c453f4f2737c278dfefa6b132c4fd8e854ffffc277e819bc0bd3ad894a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-amz-request-id
tx0000000000000830ec2b3-006557cf85-522b2d1d-sfo2a
age
303028
x-envoy-upstream-healthchecked-cluster
content-length
254407
last-modified
Wed, 08 Nov 2023 15:10:12 GMT
server
cloudflare
etag
"5aa8f5446914882e6ae67bd1963212c7"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
image/jpeg
x-do-cdn-uuid
32119e20-e441-4426-9607-6e0dc13906c2
x-rgw-object-type
Normal
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
82d4ef6d3cda193c-FRA
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 		400 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8531510046411661&plah=www.lapa.ninja
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cfbe12cc8f7ab78ee062162063dbeabbf514575b2668f9d3af2b44116ec4e8ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138528
x-xss-protection
0
server
cafe
etag
6152814136680851209
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 28 Nov 2023 19:14:40 GMT
zrt_lookup_inhead_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame B30E 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_inhead_fy2021.html?hello=world
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a06aa84f08b4d57747e5eba867aa061deaadb4e657ca532d10e73b5a36fd73c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lapa.ninja/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
34662
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4111
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 09:36:58 GMT
etag
13268084621564590274
expires
Tue, 12 Dec 2023 09:36:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.analytics.google.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-GJ9DCL233K&gtm=45je3b81v873512054z8812259685&_p=1701198880626&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1168814266.1701198881&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1701198880&sct=1&seg=0&dl=https%3A%2F%2Fwww.lapa.ninja%2F&dt=5862%20Landing%20Page%20Design%20Inspiration%20-%20Lapa%20Ninja&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1659
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GJ9DCL233K&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.lapa.ninja
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GJ9DCL233K&cid=1168814266.1701198881&gtm=45je3b81v873512054z8812259685&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GJ9DCL233K&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.lapa.ninja
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GJ9DCL233K&cid=1168814266.1701198881&gtm=45je3b81v873512054z8812259685&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=2121283047
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=167073565&t=pageview&_s=1&dl=https%3A%2F%2Fwww.lapa.ninja%2F&ul=en-us&de=UTF-8&dt=5862%20Landing%20Page%20Design%20Inspiration%20-%20Lapa%20Ninja&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1618160417&gjid=1133318484&cid=1168814266.1701198881&tid=UA-63822820-1&_gid=1942541085.1701198881&_r=1&gtm=457e3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=816351846
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.lapa.ninja/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.lapa.ninja
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-63822820-1&cid=1168814266.1701198881&jid=1618160417&gjid=1133318484&_gid=1942541085.1701198881&_u=YADAAUAAAAAAACAAI~&z=527938937
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.lapa.ninja/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 28 Nov 2023 19:14:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.lapa.ninja
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-63822820-1&cid=1168814266.1701198881&jid=1618160417&_u=YADAAUAAAAAAACAAI~&z=2065796687
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-63822820-1&cid=1168814266.1701198881&jid=1618160417&_u=YADAAUAAAAAAACAAI~&z=2065796687
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame C1F8 		22 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=250&slotname=8862647550&adk=1261712459&adf=1186410553&pi=t.ma~as.8862647550&w=300&lmt=1701198880&format=300x250&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880769&bpp=3&bdt=1152&idt=180&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=2834510024776&frm=20&pv=2&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1284&ady=76&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=187
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8531510046411661&plah=www.lapa.ninja
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
032133a9218a350d49b71667de8243b43d725c747f1d07833e0c4976803743aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lapa.ninja/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
10117
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 19:14:41 GMT
expires
Tue, 28 Nov 2023 19:14:41 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8531510046411661&plah=www.lapa.ninja
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bcbe9614aff994d450e4f4e4a4e9a2633429619d85decba7ea040f5d2023d081
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12156
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 33C7 		90 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=643282990&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880772&bpp=2&bdt=1154&idt=188&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=850&ady=495&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=190
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8531510046411661&plah=www.lapa.ninja
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3d6edf666228a8fb432ec6adf7d150448c8ec71ff557a55bee37ed54440dfadb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lapa.ninja/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
42729
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 19:14:41 GMT
expires
Tue, 28 Nov 2023 19:14:41 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame FDFF 		115 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=2312945378&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880774&bpp=1&bdt=1156&idt=194&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x600&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=850&ady=1859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=196
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8531510046411661&plah=www.lapa.ninja
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b3c46bcfefc90b9ff044f237f9bdcb2b5cb2b1d56ab27c50d89af29f41672e4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lapa.ninja/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
40818
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 19:14:41 GMT
expires
Tue, 28 Nov 2023 19:14:41 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 099B 		109 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=3027413664&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880774&bpp=1&bdt=1157&idt=197&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x600%2C300x600&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1250&ady=3223&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=199
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8531510046411661&plah=www.lapa.ninja
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7146e93e8058402d3c2a57060a39058e8b71c8a24083d1fc7c5486e2a67c42bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lapa.ninja/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
45950
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 19:14:41 GMT
expires
Tue, 28 Nov 2023 19:14:41 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F8A5 		115 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=1011456819&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880775&bpp=1&bdt=1158&idt=199&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x600%2C300x600%2C300x600&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=450&ady=4587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=202
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8531510046411661&plah=www.lapa.ninja
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
77b8c37a5522bc89f90ad983fc4c120ad5ccaf3f5eb96166518d65940cf51e2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lapa.ninja/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
40828
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 19:14:41 GMT
expires
Tue, 28 Nov 2023 19:14:41 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D127 		196 KB
53 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&adk=1812271804&adf=3025194257&lmt=1701198880&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880791&bpp=1&bdt=1174&idt=192&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x600%2C300x600%2C300x600%2C300x600&nras=1&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&fsb=1&dtd=200
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8531510046411661&plah=www.lapa.ninja
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cfb0b59b72196849810752e999e1fd2044c634f878b9999b031b25d391e0040c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lapa.ninja/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
53589
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 19:14:41 GMT
expires
Tue, 28 Nov 2023 19:14:41 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
tag
btloader.com/ 		60 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5102648370397184&upapi=true
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/lapaninja.js?1701198600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:293c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e202a5950ce92f159a812a0d51488e2ab6a5d85639996bdce55298393079d34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:41 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Tue, 28 Nov 2023 18:37:47 GMT
server
cloudflare
age
2137
etag
"8ae36b1c4f5bc30c1abea632082a4fe4"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
82d4ef6f2c75368c-FRA
content-length
20366
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		91 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/lapaninja.js?1701198600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3fcd6173da74e2badab0d33bf0612b0514c9d7a8fb73eb4d674414a36f67406d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30027
x-xss-protection
0
server
cafe
etag
118 / 19689 / m202311140101 / config-hash: 6314374006966284211
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 28 Nov 2023 19:14:41 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		267 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/lapaninja.js?1701198600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.69.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-131.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 18:43:56 GMT
content-encoding
gzip
via
1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront), 1.1 d419ac9a83ef724c262c5f07f9b5a8da.cloudfront.net (CloudFront)
last-modified
Mon, 13 Nov 2023 20:18:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, AMS58-P4
age
1846
x-amz-server-side-encryption
AES256
etag
W/"2d08dd94de483579c1dc3f3783c06f6e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
1U4kRwTr-8ogwYPyy83w-0fiErmpgOt02ixysIJ08IO2uhvCMgXmCw==
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8531510046411661&plah=www.lapa.ninja
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 28 Nov 2023 19:14:41 GMT
state
api.btloader.com/mw/ 		0
101 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 28 Nov 2023 19:14:41 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1436329
x-guploader-uploadid
ABPtcPr-61BRffVqFta9MgW5Ip9IlUkomHhnbO56zKruopiltmuhRwXJeeOAUPPPa_ghIX55QAY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9wk1o%2B7CZ5gJ2d%2BNW%2F16qpH%2Fd7RQEy%2FYj7u%2F5lNJs3l5RrBeGRHiyVXP%2BIRA9YzzRDvZF48XveX%2B9n0iublO8OA8Xrcl%2B62IZfJ5FspbfzyWJvKmwHrtlfHFWWvnrzH0WYRCeyfhFJnIROFlxg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
82d4ef6fc8e85d51-FRA
expires
Sun, 12 Nov 2023 04:47:28 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 20:50:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80663
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Nov 2023 20:50:18 GMT
px.gif
ad-delivery.net/ 		43 B
911 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.17287146367536121
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1436329
x-guploader-uploadid
ABPtcPr-61BRffVqFta9MgW5Ip9IlUkomHhnbO56zKruopiltmuhRwXJeeOAUPPPa_ghIX55QAY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wAelYwCHTBn7nHu4JnAK6VS2iR%2BzWKqhXXF5Rp9Syj3jr5IQ9MmAv4VhgH7G9gQa3aut8wyWeZw8ks9GsuNL415e9J4uAkC3x%2BsDmZjXmGdoHen3st9VJk1BRn493P7aG%2FHXL5IM0t9G0Yt2Uw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
82d4ef6fc8e65d51-FRA
expires
Sun, 12 Nov 2023 04:47:28 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3442 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lapa.ninja/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
6289
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 17:29:52 GMT
expires
Wed, 27 Nov 2024 17:29:52 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7F2D 		829 B
996 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2a2be85326ca666f9f79695a2b950a4bfad8b16258ffa83eb585d2a51b65be75
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-tDOeeI3FDAPmRTf7X1iiCw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.lapa.ninja/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-tDOeeI3FDAPmRTf7X1iiCw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 19:14:41 GMT
expires
Tue, 28 Nov 2023 19:14:41 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/ 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fb7ae0f257f7da390f8c60998add4e543e1a56d4d5a22a1a494365b4fb8b5315
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 05:19:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
50111
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137994
x-xss-protection
0
server
cafe
etag
6213585212225905441
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 27 Nov 2024 05:19:30 GMT
747b8b51-ec47-4dee-9823-b2b73124b71f
config.aps.amazon-adsystem.com/configs/ 		537 B
804 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/747b8b51-ec47-4dee-9823-b2b73124b71f
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.243.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-243-82.ams58.r.cloudfront.net
Software
CloudFront /
Resource Hash
bc2d054ef4de79c1f0c982cc6439c6ef7385853321e8d7bb5091a0baf7fd6891

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 18:59:54 GMT
via
1.1 056d6ac2ca676a55ced60e0ac6451d22.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
AMS58-P1
age
887
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
FwPxEMkIIzzWgO7BYrcnpRDV_zlNK8Us0rD5JWoTLm10JPupddwpcA==
config
c.amazon-adsystem.com/cdn/prod/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.lapa.ninja&pubid=747b8b51-ec47-4dee-9823-b2b73124b71f
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.69.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-131.ams58.r.cloudfront.net
Software
Server /
Resource Hash
8e84fd9436924a2ecdb5162c25581384a82fca487b3b99f0d4d598a03a939c75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:13:48 GMT
via
1.1 d419ac9a83ef724c262c5f07f9b5a8da.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS58-P4
age
53
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.lapa.ninja
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
2198
x-amz-cf-id
XzbwGaQ5gdoTdlmNDqBtxY_0BSqIfuNqt2JEtf7t1EFjvZ-harLuWw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.69.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-131.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 38ff23673937c3eba42a4eefb2007078.cloudfront.net (CloudFront)
date
Mon, 27 Nov 2023 21:35:15 GMT
x-amz-cf-pop
AMS58-P4
age
77967
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
4ZZrJFxK9MGI6bz-tttguDltQ-7l3g3YZGIr7Z1YUZ3-ELyKSeUJlg==
sodar
pagead2.googlesyndication.com/pagead/ Frame 7F2D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=1154354190865477&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 3442 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 17:29:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
6288
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Nov 2024 17:29:53 GMT
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:41 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Tue, 28 Nov 2023 19:29:41 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.18.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-18-12.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 06:08:51 GMT
content-encoding
gzip
via
1.1 75e0fbd228777058c683bbe0f9e553f0.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:42 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P6
age
47151
x-amz-server-side-encryption
AES256
etag
W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
SWbAgkxbwyfbWCWDTavmBlnEjSpwtItLpC37__It9tYiLYYRlwNqFQ==
hadron.js
cdn.hadronid.net/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.lapa.ninja%2F&ref=&_it=amazon&partner_id=617
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:35ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:41 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 07 Sep 2023 17:31:32 GMT
server
cloudflare
x-amz-request-id
907P0TB94S36DGVM
age
373
etag
W/"8bbf05f440008747d4df642e30fc4ddc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
82d4ef70bbe71b36-FRA
x-amz-id-2
h/ONXLwae6iM09gh9FAps6RtAYH3Y0Kwsp/Odih6j7jcgPhpo1/xVSCaJJeV+QY3MnwBFDbKvY0=
id5-api.js
cdn.id5-sync.com/api/1.0/ 		151 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7571db16348512fc55b35102ce3699733cf0882f4b4fb3e652fa8db700c07fb5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:41 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Nov 2023 11:19:25 GMT
server
cloudflare
x-amz-request-id
DAEMSFPBEN2DT2X3
age
3077
etag
W/"53159e4ae3ffbda2ff6c0204350035be"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
82d4ef70980e9b4b-FRA
x-amz-id-2
pOjyED7KxroyUQo1Z+aayFrPdh3qDjtPQW/5tY7vITCCvoAMCKSU4lqoEejc7ataFUa+S0lom7fd6Q6g0hcZJQ==
CEADKKQ7.json
srv.buysellads.com/ads/ 		1 KB
606 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://srv.buysellads.com/ads/CEADKKQ7.json?forcebanner=516291&ignoretargeting=yes
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/lapaninja.js?1701198600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.62.198.146 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
srv-eu-nl-14.buysellads.com
Software
//srv.buysellads.com /
Resource Hash
a5258b908c51bc5c111528585429d4bd553291c5483b0ade66910b82db018e4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:41 GMT
content-encoding
gzip
server
//srv.buysellads.com
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
*
content-length
575
localstore.js
script.4dex.io/ 		483 B
1018 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/lapaninja.js?1701198600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Tue, 28 Nov 2023 19:14:41 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Mon, 27 Nov 2023 07:14:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
129593
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LrOpVPLgVlEgUNPN7gNeMeDNnOcu1yrRkHHNCJzVRj1vVCIlsfBM9ZKl7agziBKR57Yo2WvkDNkJMGmtsQolGUPdvLuuTCfmiyivm4saRp%2B%2FDUdT1DMw2iWLPcdq3w6D4Op%2FLZq2wBV8nxOW"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
82d4ef70c9574d68-FRA
cdb
bidder.criteo.com/ 		0
193 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.0&cb=35470702267&lsavail=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/lapaninja.js?1701198600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.lapa.ninja/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.lapa.ninja
date
Tue, 28 Nov 2023 19:14:40 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
v1
prg.smartadserver.com/prebid/ 		0
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/lapaninja.js?1701198600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.lapa.ninja/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:41 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.lapa.ninja
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/lapaninja.js?1701198600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.lapa.ninja/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:40 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.lapa.ninja
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/lapaninja.js?1701198600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.lapa.ninja/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:41 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.lapa.ninja
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/lapaninja.js?1701198600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.lapa.ninja/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:41 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.lapa.ninja
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/lapaninja.js?1701198600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.lapa.ninja/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:40 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.lapa.ninja
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/lapaninja.js?1701198600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.lapa.ninja/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:40 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.lapa.ninja
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
prebid
mp.4dex.io/ 		60 B
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/lapaninja.js?1701198600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer
https://www.lapa.ninja/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:41 GMT
x-err
Shapings: no adunits with size and seat and mapping
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.lapa.ninja
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
82d4ef70f8369000-FRA
expires
0
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		2 KB
888 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.lapa.ninja%2F&PageUrl=https%3A%2F%2Fwww.lapa.ninja%2F&PageReferrer=https%3A%2F%2Fwww.lapa.ninja%2F&CanonicalUrl=https%3A%2F%2Fwww.lapa.ninja%2F
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/lapaninja.js?1701198600000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.228.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-228-53.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
939be10d91010b695026b853973999ba2debc121f575d3cba94960bb6f40c325
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.lapa.ninja/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Nov 2023 19:14:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
kong/2.8.4
x-kong-proxy-latency
1
x-kong-upstream-latency
93
content-length
465
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.lapa.ninja
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
582 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/lapaninja.js?1701198600000
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.lapa.ninja/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:41 GMT
an-x-request-uuid
1bce045a-5e12-4885-8f5b-3f08b3da5297
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.lapa.ninja
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.218.22; 217.114.218.22; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
prebid.media.net/rtb/ 		70 KB
71 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU18831I
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/lapaninja.js?1701198600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
a5673629ab0953683a71d5f4f7a9a14f02f4c9c0143fe59671b48ec24f55aa9a

Request headers

Referer
https://www.lapa.ninja/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:41 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.lapa.ninja
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
91
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 28 Nov 2023 19:14:41 GMT
bid
ap.lijit.com/rtb/ 		24 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.54.0
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/lapaninja.js?1701198600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
9182296fe326d3ac80b88c608456f49842aaf5a3280dfcc6c9b6265e54d172ea

Request headers

Referer
https://www.lapa.ninja/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 28 Nov 2023 19:14:41 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.lapa.ninja
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
arj
buysellads-d.openx.net/w/1.0/ 		73 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buysellads-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.lapa.ninja%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=9c8c2aa3-a938-41d1-a3d6-5c128e067cae%2Ca15deb7a-7ea3-44bb-8c91-6b83deaad7ae&nocache=1701198881356&schain=1.0%2C1!buysellads.com%2C2458%2C1%2C%2C%2C!google.com%2Cpub-9961814823930967%2C1%2C%2C%2C&aus=300x250%7C300x250&divids=bsa-zone_1612999475108-2_123456%2Cbsa-zone_1613000091517-7_123456&aucs=%252F22960212090%252C23004428513%252FLapaNinja_S2S_MediumRec_LandingPage_Pos1%2523bsa-zone_1612999475108-2_123456%2C%252F22960212090%252C23004428513%252FLapaNinja_S2S_Sidebar_Post_Pos2%2523bsa-zone_1613000091517-7_123456&auid=541001001%2C541001001
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/lapaninja.js?1701198600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
67c1d297751fece54cfe8213a0246db1d63066823ff32d89530bcdb311a35534

Request headers

Referer
https://www.lapa.ninja/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:41 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.lapa.ninja
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
adreq
ads.servenobid.com/ 		693 B
670 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=6101
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/lapaninja.js?1701198600000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.113.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-113-40.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
275b8177dbc1950ff232ffc7d4f0949fb8e09e9601ed6ac1e9ef51e60d444576

Request headers

Referer
https://www.lapa.ninja/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Nov 2023 19:14:41 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.lapa.ninja
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
prebid-request
onetag-sys.com/ 		15 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/lapaninja.js?1701198600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.lapa.ninja/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.lapa.ninja
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.lapa.ninja%2F&pid=IwmhI3DyfVLxu&cb=0&ws=1600x1200&v=23.1108.2350&t=2500&slots=%5B%7B%22sd%22%3A%22bsa-zone_1612999475108-2_123456%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F22960212090%2C23004428513%2FLapaNinja_S2S_MediumRec_LandingPage_Pos1%22%7D%2C%7B%22sd%22%3A%22bsa-zone_1612999629378-0_123456%22%2C%22s%22%3A%5B%22300x600%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F22960212090%2C23004428513%2FLapaNinja_S2S_HalfPage_LandingPage_Pos2%22%7D%2C%7B%22sd%22%3A%22bsa-zone_1612999684592-5_123456%22%2C%22s%22%3A%5B%22300x600%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F22960212090%2C23004428513%2FLapaNinja_S2S_HalfPage_LandingPage_Pos3%22%7D%2C%7B%22sd%22%3A%22bsa-zone_1612999701754-8_123456%22%2C%22s%22%3A%5B%22300x600%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F22960212090%2C23004428513%2FLapaNinja_S2S_HalfPage_LandingPage_Pos4%22%7D%2C%7B%22sd%22%3A%22bsa-zone_1612999719673-9_123456%22%2C%22s%22%3A%5B%22300x600%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F22960212090%2C23004428513%2FLapaNinja_S2S_HalfPage_LandingPage_Pos5%22%7D%2C%7B%22sd%22%3A%22bsa-zone_1613000091517-7_123456%22%2C%22s%22%3A%5B%22300x250%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F22960212090%2C23004428513%2FLapaNinja_S2S_Sidebar_Post_Pos2%22%7D%5D&schain=1.0%2C1!buysellads.com%2C2458%2C1%2C%2C%2C!google.com%2Cpub-9961814823930967%2C1%2C%2C%2C&pubid=747b8b51-ec47-4dee-9823-b2b73124b71f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.159.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-159-32.muc50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:41 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 cb7ecd2473bf95a71af8d1ff8d1034fa.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MUC50-P3
x-amz-rid
57Q06HDYK7QG7D3YZXM6
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.lapa.ninja
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
R-5KSMKT03XQY8Q258WuN_6yKeaJ3i-d7VP8RlusX73kekvk9bxF4g==
country
api.btloader.com/ 		16 B
141 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:41 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=13ScUdng&w=6197557905063936&o=5102648370397184&cv=2.1.24-1-g0c437e2&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.lapa.ninja%2F&sid=8NC86lsU&pm=false&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 28 Nov 2023 19:14:41 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
generate_204
tpc.googlesyndication.com/ Frame 3442 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?qEnpHA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:41 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
map
bcp.crwdcntrl.net/6/ 		60 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.81.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-81-28.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
cceb0bf160b67135840868721c27daf1fdd57da128ce4cc82b89e271d19bcd4d

Request headers

Referer
https://www.lapa.ninja/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:41 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.lapa.ninja
cache-control
no-cache
x-server
10.45.7.100
access-control-allow-credentials
true
content-length
60
expires
0
adagio.js
script.4dex.io/ 		75 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Tue, 28 Nov 2023 19:14:41 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
49503
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 27 Nov 2023 07:14:07 GMT
Server
cloudflare
ETag
W/"6faf3acfde3bb82adada71be4fc1deb0"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=35G4muepnCZhokEwGRvBFp34LKmhlzn9k3%2FcOYehvKvGrLTgUiPZJLMRcYCxOvC21McxepVrXtdCTacQd3cuXLjLMnWfjXwgHW6yMXyerXKwdSLN6c8YaHOq6fYBlNHf1QaX7aHEAJEZmVJH"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
82d4ef714e585d3c-FRA
hadron.json
id.hadron.ad.gt/v1/ 		95 B
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=617&sync=0&domain=www.lapa.ninja&url=https://www.lapa.ninja/
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.lapa.ninja%2F&ref=&_it=amazon&partner_id=617
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17e5d8742b66bd6200c83cd413be6d8a0c220619b80808ed43bb9e2a9b71b940

Request headers

Referer
https://www.lapa.ninja/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 28 Nov 2023 19:14:41 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
82d4ef724aac5d90-FRA
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=617&sync=0&domain=www.lapa.ninja&url=https://www.lapa.ninja/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.lapa.ninja
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
82d4ef7179bd5d90-FRA
content-length
0
content-type
application/json
date
Tue, 28 Nov 2023 19:14:41 GMT
debug
OPTIONS block
expires
Wed, 27 Nov 2024 19:14:41 GMT
server
cloudflare
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0163 		624 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGJSMhfMBMAE&v=APEucNU6y2KCF-b__WtgVQzHJpx3yuVwYacKPyt832HxP9lAmlk3bCG9s2VHUtRSGELpbCG7pryIDgHZegrntAhx9A557dnBNwHsM_LMDvW6t-7lJhHd68mGt7CwrNe_XFinXTJyw3tsO_MCTpkloy-8-aTH1L-YOXYXgRwrttwG1zSPgb7B8VM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=250&slotname=8862647550&adk=1261712459&adf=1186410553&pi=t.ma~as.8862647550&w=300&lmt=1701198880&format=300x250&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880769&bpp=3&bdt=1152&idt=180&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=2834510024776&frm=20&pv=2&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1284&ady=76&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=187
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=250&slotname=8862647550&adk=1261712459&adf=1186410553&pi=t.ma~as.8862647550&w=300&lmt=1701198880&format=300x250&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880769&bpp=3&bdt=1152&idt=180&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=2834510024776&frm=20&pv=2&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1284&ady=76&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=187
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 19:14:41 GMT
expires
Tue, 28 Nov 2023 19:14:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame C1F8 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ChGOk0UXzwEORJJ7xNAxO4AY51W4JJsq51TT4bo1Cb3c-hhRKuIaTWSV_4yFHz-6zcCxRbNS36oYyRhRi7dzx0yo5Xxk6UBt_0VkgWylRDSscaY9s
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=250&slotname=8862647550&adk=1261712459&adf=1186410553&pi=t.ma~as.8862647550&w=300&lmt=1701198880&format=300x250&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880769&bpp=3&bdt=1152&idt=180&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=2834510024776&frm=20&pv=2&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1284&ady=76&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=187
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C1F8 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8316991379922093641&x=1&ct=119
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=250&slotname=8862647550&adk=1261712459&adf=1186410553&pi=t.ma~as.8862647550&w=300&lmt=1701198880&format=300x250&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880769&bpp=3&bdt=1152&idt=180&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=2834510024776&frm=20&pv=2&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1284&ady=76&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=187
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame C1F8 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=250&slotname=8862647550&adk=1261712459&adf=1186410553&pi=t.ma~as.8862647550&w=300&lmt=1701198880&format=300x250&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880769&bpp=3&bdt=1152&idt=180&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=2834510024776&frm=20&pv=2&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1284&ady=76&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=187
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cf940bd2489897434455528323cf66c4e3aecd5eea963f1d99d96acd452d6dd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31498
x-xss-protection
0
server
cafe
etag
4296746511219988724
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 28 Nov 2023 19:14:41 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C1F8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=250&slotname=8862647550&adk=1261712459&adf=1186410553&pi=t.ma~as.8862647550&w=300&lmt=1701198880&format=300x250&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880769&bpp=3&bdt=1152&idt=180&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=2834510024776&frm=20&pv=2&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1284&ady=76&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=187
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 14:08:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
18364
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 14:08:37 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C1F8 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=250&slotname=8862647550&adk=1261712459&adf=1186410553&pi=t.ma~as.8862647550&w=300&lmt=1701198880&format=300x250&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880769&bpp=3&bdt=1152&idt=180&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=2834510024776&frm=20&pv=2&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1284&ady=76&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=187
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 16:17:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
10642
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 16:17:19 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame C1F8 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=250&slotname=8862647550&adk=1261712459&adf=1186410553&pi=t.ma~as.8862647550&w=300&lmt=1701198880&format=300x250&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880769&bpp=3&bdt=1152&idt=180&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=2834510024776&frm=20&pv=2&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1284&ady=76&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Nov 2023 19:14:41 GMT
12071647342324707524
tpc.googlesyndication.com/simgad/ Frame F8A5 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12071647342324707524?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmQrGaQbxNqIJi1lFN4aLEbtctJWQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=1011456819&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880775&bpp=1&bdt=1158&idt=199&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x600%2C300x600%2C300x600&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=450&ady=4587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=202
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
044154544ae6a2b5625a48a37ec752aaceffa48488c8e494c0cff3fdaf00eebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 16:02:50 GMT
x-content-type-options
nosniff
age
11511
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70781
x-xss-protection
0
last-modified
Mon, 20 Nov 2023 07:56:20 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 27 Nov 2024 16:02:50 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame F8A5 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=1011456819&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880775&bpp=1&bdt=1158&idt=199&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x600%2C300x600%2C300x600&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=450&ady=4587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=202
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 10:09:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
32726
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 10:09:15 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame DCA6 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=1011456819&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880775&bpp=1&bdt=1158&idt=199&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x600%2C300x600%2C300x600&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=450&ady=4587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=202
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=1011456819&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880775&bpp=1&bdt=1158&idt=199&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x600%2C300x600%2C300x600&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=450&ady=4587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=202
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3204
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 18:21:17 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame F8A5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=1011456819&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880775&bpp=1&bdt=1158&idt=199&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x600%2C300x600%2C300x600&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=450&ady=4587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=202
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 14:08:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
18364
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 14:08:37 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame F8A5 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=1011456819&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880775&bpp=1&bdt=1158&idt=199&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x600%2C300x600%2C300x600&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=450&ady=4587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=202
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 16:17:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
10642
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 16:17:19 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame F8A5 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=1011456819&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880775&bpp=1&bdt=1158&idt=199&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x600%2C300x600%2C300x600&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=450&ady=4587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=202
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Nov 2023 19:14:41 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame F8A5 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=1011456819&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880775&bpp=1&bdt=1158&idt=199&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x600%2C300x600%2C300x600&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=450&ady=4587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=202
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a3e5c486ca9cab98b690f2f3fcc83c73141a667293c8a8236bb1e376313f0e36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 16:55:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
8371
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14803
x-xss-protection
0
server
cafe
etag
12205605038930952422
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 16:55:10 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 		160 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8531510046411661&plah=www.lapa.ninja
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ed723041b617707f4c5877d298d024e342ca47800ca1b7a9e8e664a20ffa0549
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55801
x-xss-protection
0
server
cafe
etag
7188734607447846984
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Nov 2023 19:14:41 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame DCA6
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=1011456819&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880775&bpp=1&bdt=1158&idt=199&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x600%2C300x600%2C300x600&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=450&ady=4587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=202
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 19:14:41 GMT
expires
Tue, 28 Nov 2023 19:14:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 19:14:41 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame F8A5 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
082874fa123c35db3acf42ee12c0069dd2ad4b6e8f95042738fabf89f22953f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
ads
securepubads.g.doubleclick.net/gampad/ 		377 KB
97 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1154354190865477&correlator=2975082230271621&eid=31079666%2C31079527&output=ldjh&gdfp_req=1&vrg=202311140101&ptt=17&impl=fifs&iu_parts=22960212090%3A23004428513%2CLapaNinja_S2S_MediumRec_LandingPage_Pos1%2CLapaNinja_S2S_HalfPage_LandingPage_Pos2%2CLapaNinja_S2S_HalfPage_LandingPage_Pos3%2CLapaNinja_S2S_HalfPage_LandingPage_Pos4%2CLapaNinja_S2S_HalfPage_LandingPage_Pos5%2CLapaNinja_S2S_Sidebar_Post_Pos2&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=300x250%2C300x600%7C160x600%2C300x600%7C160x600%2C300x600%7C160x600%2C300x600%7C160x600%2C300x250%7C320x50&ifi=8&didk=867349676~3189889664~1093269883~2728211643~1069456901~220375499&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dc9e4455209f42e86%3AT%3D1701198881%3ART%3D1701198881%3AS%3DALNI_MZXkmwc7WAPEnRmdCh3m7WshJ-Q-A&gpic=UID%3D00000ce16f9cf386%3AT%3D1701198881%3ART%3D1701198881%3AS%3DALNI_MYuwOq9AtdblJI2UKA3LRPfFvlhRA&abxe=1&dt=1701198881640&lmt=1701198881&adxs=1284%2C450%2C450%2C850%2C850%2C1250&adys=76%2C1177%2C2541%2C3905%2C5269%2C7222&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2%7C3%7C4&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.lapa.ninja%2F&vis=1&psz=300x0%7C300x600%7C300x600%7C300x600%7C300x600%7C368x0&msz=300x0%7C300x0%7C300x0%7C300x0%7C300x0%7C368x0&fws=4%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C368%2C368%2C368%2C368%2C1600&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=true&cbidsp=CrgCCAESFQoGY3JpdGVvEOIBIAJSBmNyaXRlbxIjCg1zbWFydGFkc2VydmVyEJQCIAJSDXNtYXJ0YWRzZXJ2ZXISFQoGYWRhZ2lvEIoBIAJSBmFkYWdpbxIbCglhZHlvdWxpa2UQlQIgAlIJYWR5b3VsaWtlEhgKCGFwcG5leHVzEGYgAlIIYXBwbmV4dXMSGQoIbWVkaWFuZXQQ5gEgAlIIbWVkaWFuZXQSEwoFc292cm4QmQEgAlIFc292cm4SEgoFb3BlbngQWSACUgVvcGVueBITCgVub2JpZBCpASACUgVub2JpZBIVCgZvbmV0YWcQhgEgAlIGb25ldGFnGAIiJDljOGMyYWEzLWE5MzgtNDFkMS1hM2Q2LTVjMTI4ZTA2N2NhZSoECAMgADIHdjcuNTQuMEDEE0oA~CpwECAESFQoGY3JpdGVvEOIBIAJSBmNyaXRlbxIjCg1zbWFydGFkc2VydmVyEJQCIAJSDXNtYXJ0YWRzZXJ2ZXISFQoGYWRhZ2lvEIoBIAJSBmFkYWdpbxIbCglhZHlvdWxpa2UQlQIgAlIJYWR5b3VsaWtlEhsKCWFkeW91bGlrZRCVAiACUglhZHlvdWxpa2USGAoIYXBwbmV4dXMQZiACUghhcHBuZXh1cxLDAQoIbWVkaWFuZXQQ5QEapwEKDzgyNjcxMjNmZGFhNzc5ZBDwqwEaA1VTRCIDX3BsIgNfYmQiCWhiX2JpZGRlciIHaGJfYWRpZCILaGJfY3JlYXRpdmUiBWhiX3BiIgdoYl9zaXplIhJoYl9iaWRkZXJfbWVkaWFuZXQiEGhiX2FkaWRfbWVkaWFuZXQiDmhiX3BiX21lZGlhbmV0IhBoYl9zaXplX21lZGlhbmV0KAE6BgisAhDYBCABUghtZWRpYW5ldBIZCghtZWRpYW5ldBDmASACUghtZWRpYW5ldBITCgVzb3ZybhCZASACUgVzb3ZybhITCgVzb3ZybhCZASACUgVzb3ZybhITCgVub2JpZBCpASACUgVub2JpZBIVCgZvbmV0YWcQhgEgAlIGb25ldGFnGAIiJDg0YTY4MzFkLWQ4YmQtNGQzNC1iMjdkLTY4ZTgxYjUyMzM2MyoECAMgADIHdjcuNTQuMEDEE0oA~CpsECAESFQoGY3JpdGVvEOIBIAJSBmNyaXRlbxIjCg1zbWFydGFkc2VydmVyEJQCIAJSDXNtYXJ0YWRzZXJ2ZXISFQoGYWRhZ2lvEIoBIAJSBmFkYWdpbxIbCglhZHlvdWxpa2UQlQIgAlIJYWR5b3VsaWtlEhsKCWFkeW91bGlrZRCVAiACUglhZHlvdWxpa2USGAoIYXBwbmV4dXMQZiACUghhcHBuZXh1cxLCAQoIbWVkaWFuZXQQ5gEapgEKDzgzNTY1MmE5ZWIwODIyORCQThoDVVNEIgNfcGwiA19iZCIJaGJfYmlkZGVyIgdoYl9hZGlkIgtoYl9jcmVhdGl2ZSIFaGJfcGIiB2hiX3NpemUiEmhiX2JpZGRlcl9tZWRpYW5ldCIQaGJfYWRpZF9tZWRpYW5ldCIOaGJfcGJfbWVkaWFuZXQiEGhiX3NpemVfbWVkaWFuZXQoAToGCKwCENgEIAFSCG1lZGlhbmV0EhkKCG1lZGlhbmV0EOYBIAJSCG1lZGlhbmV0EhMKBXNvdnJuEJkBIAJSBXNvdnJuEhMKBXNvdnJuEJkBIAJSBXNvdnJuEhMKBW5vYmlkEKkBIAJSBW5vYmlkEhUKBm9uZXRhZxCGASACUgZvbmV0YWcYAiIkOGUzZGQ2YWYtMTNjOC00ZjQxLTg5YzYtMDA2YWRkZTQwYzY1KgQIAyAAMgd2Ny41NC4wQMQTSgA.~CpoECAESFQoGY3JpdGVvEOIBIAJSBmNyaXRlbxIjCg1zbWFydGFkc2VydmVyEJQCIAJSDXNtYXJ0YWRzZXJ2ZXISFQoGYWRhZ2lvEIoBIAJSBmFkYWdpbxIbCglhZHlvdWxpa2UQlQIgAlIJYWR5b3VsaWtlEhsKCWFkeW91bGlrZRCVAiACUglhZHlvdWxpa2USGAoIYXBwbmV4dXMQZiACUghhcHBuZXh1cxLBAQoIbWVkaWFuZXQQ5gEapQEKDjg0YjI2MmQ3MDY0NGIzEPhVGgNVU0QiA19wbCIDX2JkIgloYl9iaWRkZXIiB2hiX2FkaWQiC2hiX2NyZWF0aXZlIgVoYl9wYiIHaGJfc2l6ZSISaGJfYmlkZGVyX21lZGlhbmV0IhBoYl9hZGlkX21lZGlhbmV0Ig5oYl9wYl9tZWRpYW5ldCIQaGJfc2l6ZV9tZWRpYW5ldCgBOgYIrAIQ2AQgAVIIbWVkaWFuZXQSGQoIbWVkaWFuZXQQ5gEgAlIIbWVkaWFuZXQSEwoFc292cm4QmQEgAlIFc292cm4SEwoFc292cm4QmQEgAlIFc292cm4SEwoFbm9iaWQQqQEgAlIFbm9iaWQSFQoGb25ldGFnEIYBIAJSBm9uZXRhZxgCIiQ0YThmZWJiMy1jYzAyLTQ3OWMtYjA2MC0yNDRmZjBlZDU2MDQqBAgDIAAyB3Y3LjU0LjBAxBNKAA..~CsAECAESFQoGY3JpdGVvEOIBIAJSBmNyaXRlbxIjCg1zbWFydGFkc2VydmVyEJQCIAJSDXNtYXJ0YWRzZXJ2ZXISFQoGYWRhZ2lvEIoBIAJSBmFkYWdpbxIbCglhZHlvdWxpa2UQlQIgAlIJYWR5b3VsaWtlEhsKCWFkeW91bGlrZRCVAiACUglhZHlvdWxpa2USGAoIYXBwbmV4dXMQZiACUghhcHBuZXh1cxLCAQoIbWVkaWFuZXQQ5gEapgEKDzg1YTZjOTI4ODVmMjQ4YhCQThoDVVNEIgNfcGwiA19iZCIJaGJfYmlkZGVyIgdoYl9hZGlkIgtoYl9jcmVhdGl2ZSIFaGJfcGIiB2hiX3NpemUiEmhiX2JpZGRlcl9tZWRpYW5ldCIQaGJfYWRpZF9tZWRpYW5ldCIOaGJfcGJfbWVkaWFuZXQiEGhiX3NpemVfbWVkaWFuZXQoAToGCKwCENgEIAFSCG1lZGlhbmV0Ej4KCG1lZGlhbmV0EOYBGiMKDzg2NzNjZTEyY2VjYmNlNhCQThoDVVNEKAE6BgigARDYBCABUghtZWRpYW5ldBITCgVzb3ZybhCZASACUgVzb3ZybhITCgVzb3ZybhCZASACUgVzb3ZybhITCgVub2JpZBCpASACUgVub2JpZBIVCgZvbmV0YWcQhgEgAlIGb25ldGFnGAIiJGU2YTlmYjEyLWUzYjktNGMwOS04MjU0LWIzMjI4YTBlNGNlNyoECAMgADIHdjcuNTQuMEDEE0oA~CvACCAESFQoGY3JpdGVvEOIBIAJSBmNyaXRlbxIjCg1zbWFydGFkc2VydmVyEJQCIAJSDXNtYXJ0YWRzZXJ2ZXISFQoGYWRhZ2lvEIoBIAJSBmFkYWdpbxIbCglhZHlvdWxpa2UQlQIgAlIJYWR5b3VsaWtlEhsKCWFkeW91bGlrZRCVAiACUglhZHlvdWxpa2USGAoIYXBwbmV4dXMQZiACUghhcHBuZXh1cxIZCghtZWRpYW5ldBDmASACUghtZWRpYW5ldBIZCghtZWRpYW5ldBDmASACUghtZWRpYW5ldBITCgVzb3ZybhCZASACUgVzb3ZybhISCgVvcGVueBBZIAJSBW9wZW54EhMKBW5vYmlkEKkBIAJSBW5vYmlkEhUKBm9uZXRhZxCGASACUgZvbmV0YWcYAiIkYTE1ZGViN2EtN2VhMy00NGJiLThjOTEtNmI4M2RlYWFkN2FlKgQIAyAAMgd2Ny41NC4wQMQTSgA.&dlt=1701198879617&idt=1706&prev_scp=optimize_ad_unit_id%3Dbsa-zone_1612999475108-2_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%7Coptimize_ad_unit_id%3Dbsa-zone_1612999629378-0_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%26hb_size%3D300x600%26hb_pb%3D0.02%26hb_creative%3DS0300080711068000300060099999900%26hb_adid%3D8267123fdaa779d%26hb_bidder%3Dmedianet%26_bd%3Dbid%26_pl%3D0.02%26hb_size_medianet%3D300x600%26hb_pb_medianet%3D0.02%26hb_adid_medianet%3D8267123fdaa779d%26hb_bidder_medianet%3Dmedianet%7Coptimize_ad_unit_id%3Dbsa-zone_1612999684592-5_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%26hb_size%3D300x600%26hb_pb%3D0.01%26hb_creative%3DS0300080711068000300060099999900%26hb_adid%3D835652a9eb08229%26hb_bidder%3Dmedianet%26_bd%3Dbid%26_pl%3D0.01%26hb_size_medianet%3D300x600%26hb_pb_medianet%3D0.01%26hb_adid_medianet%3D835652a9eb08229%26hb_bidder_medianet%3Dmedianet%7Coptimize_ad_unit_id%3Dbsa-zone_1612999701754-8_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%26hb_size%3D300x600%26hb_pb%3D0.01%26hb_creative%3DS0300080711068000300060099999900%26hb_adid%3D84b262d70644b3%26hb_bidder%3Dmedianet%26_bd%3Dbid%26_pl%3D0.01%26hb_size_medianet%3D300x600%26hb_pb_medianet%3D0.01%26hb_adid_medianet%3D84b262d70644b3%26hb_bidder_medianet%3Dmedianet%7Coptimize_ad_unit_id%3Dbsa-zone_1612999719673-9_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%26hb_size%3D300x600%26hb_pb%3D0.01%26hb_creative%3DS0300080711068000300060099999900%26hb_adid%3D85a6c92885f248b%26hb_bidder%3Dmedianet%26_bd%3Dbid%26_pl%3D0.01%26hb_size_medianet%3D300x600%26hb_pb_medianet%3D0.01%26hb_adid_medianet%3D85a6c92885f248b%26hb_bidder_medianet%3Dmedianet%7Coptimize_ad_unit_id%3Dbsa-zone_1613000091517-7_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0&cust_params=optimize_refreshed%3Dfalse%26optimize_acceptable%3Dfalse%26optimize_adl_debug%3Dfalse%26optimize_ctv_debug%3Dfalse%26optimize_debug%3Dfalse%26optimize%3Dtrue%26optimize_adl_id%3D%26optimize_amp%3Dfalse%26optimize_audience%3Ddesign%26optimize_env%3Dprod%26optimize_pub%3Dlapaninja%26optimize_xp%3Da&adks=332248707%2C2849838081%2C3984357188%2C2375340557%2C671021069%2C4253434020&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
322276159de667e68c91a99a6f99cf1f8430b76f098c1e741ba535905eb5084f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:42 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
99501
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.lapa.ninja
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 39FD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lapa.ninja/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 19:14:41 GMT
expires
Wed, 27 Nov 2024 19:14:41 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame 0163
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFbsEHwLv7NkMa-5i4o2504&google_cver=1
43 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFbsEHwLv7NkMa-5i4o2504&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGJSMhfMBMAE&v=APEucNU6y2KCF-b__WtgVQzHJpx3yuVwYacKPyt832HxP9lAmlk3bCG9s2VHUtRSGELpbCG7pryIDgHZegrntAhx9A557dnBNwHsM_LMDvW6t-7lJhHd68mGt7CwrNe_XFinXTJyw3tsO_MCTpkloy-8-aTH1L-YOXYXgRwrttwG1zSPgb7B8VM
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F8M%2F36nhQdFbq8BDfffAwekS0RpwvzTfsr0xEKIx0V2k%2BfIrLFboHobMadT%2BipFkpeyAU4f0Y%2FH0AVp5Y1t5n3rCWgRWmc3VeLMzKCJOh6ivhVzRSpfbJxsLsIrhAum%2BnRnOBFmJAxOQkA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82d4ef72faf82bc7-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFbsEHwLv7NkMa-5i4o2504&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 0163
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWY8Ia4fGHdPUQ.88XtNdQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFbsEHwLv7NkMa-5i4o2504&google_cver=1&google_hm=2
43 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFbsEHwLv7NkMa-5i4o2504&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGJSMhfMBMAE&v=APEucNU6y2KCF-b__WtgVQzHJpx3yuVwYacKPyt832HxP9lAmlk3bCG9s2VHUtRSGELpbCG7pryIDgHZegrntAhx9A557dnBNwHsM_LMDvW6t-7lJhHd68mGt7CwrNe_XFinXTJyw3tsO_MCTpkloy-8-aTH1L-YOXYXgRwrttwG1zSPgb7B8VM
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F1FlYsvAPfybt6x6OxSwFfFz0t3U2SCX%2FEqBfpVGL85UirEJ3evJ1LyTH%2FqBDd5JugpYafQggKB8fChbtE5Wuw6Q7LgMsjSLKecEQaXzyDHpb2yKqrCsO%2FbiPmfvVVQtKbsqj8WYnDZCBA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82d4ef737b7b2bc7-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFbsEHwLv7NkMa-5i4o2504&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 0163
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAozFLf1RW23P1Oz6dQM6us&google_cver=1
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEAozFLf1RW23P1Oz6dQM6us&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGJSMhfMBMAE&v=APEucNU6y2KCF-b__WtgVQzHJpx3yuVwYacKPyt832HxP9lAmlk3bCG9s2VHUtRSGELpbCG7pryIDgHZegrntAhx9A557dnBNwHsM_LMDvW6t-7lJhHd68mGt7CwrNe_XFinXTJyw3tsO_MCTpkloy-8-aTH1L-YOXYXgRwrttwG1zSPgb7B8VM
Protocol
H2
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:41 GMT
an-x-request-uuid
e3920631-ea65-4214-8184-64cd596dc843
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.218.22; 217.114.218.22; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEAozFLf1RW23P1Oz6dQM6us&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0163
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ3NjM2OTcwNzM3MjAwMzM4MA%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ3NjM2OTcwNzM3MjAwMzM4MA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGJSMhfMBMAE&v=APEucNU6y2KCF-b__WtgVQzHJpx3yuVwYacKPyt832HxP9lAmlk3bCG9s2VHUtRSGELpbCG7pryIDgHZegrntAhx9A557dnBNwHsM_LMDvW6t-7lJhHd68mGt7CwrNe_XFinXTJyw3tsO_MCTpkloy-8-aTH1L-YOXYXgRwrttwG1zSPgb7B8VM
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:41 GMT
an-x-request-uuid
b520f26f-22b8-47db-8224-65ac207fa866
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ3NjM2OTcwNzM3MjAwMzM4MA%3D%3D
x-proxy-origin
217.114.218.22; 217.114.218.22; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
12071647342324707524
tpc.googlesyndication.com/simgad/ Frame FDFF 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12071647342324707524?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmQrGaQbxNqIJi1lFN4aLEbtctJWQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=2312945378&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880774&bpp=1&bdt=1156&idt=194&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x600&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=850&ady=1859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=196
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
044154544ae6a2b5625a48a37ec752aaceffa48488c8e494c0cff3fdaf00eebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 16:02:50 GMT
x-content-type-options
nosniff
age
11511
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70781
x-xss-protection
0
last-modified
Mon, 20 Nov 2023 07:56:20 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 27 Nov 2024 16:02:50 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame FDFF 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=2312945378&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880774&bpp=1&bdt=1156&idt=194&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x600&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=850&ady=1859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=196
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 10:09:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
32726
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 10:09:15 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame FDFF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=2312945378&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880774&bpp=1&bdt=1156&idt=194&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x600&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=850&ady=1859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=196
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 14:08:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
18364
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 14:08:37 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame FDFF 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=2312945378&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880774&bpp=1&bdt=1156&idt=194&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x600&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=850&ady=1859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=196
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 16:17:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
10642
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 16:17:19 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame FDFF 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=2312945378&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880774&bpp=1&bdt=1156&idt=194&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x600&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=850&ady=1859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=196
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Nov 2023 19:14:41 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame FDFF 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=2312945378&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880774&bpp=1&bdt=1156&idt=194&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x600&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=850&ady=1859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=196
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a3e5c486ca9cab98b690f2f3fcc83c73141a667293c8a8236bb1e376313f0e36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 16:55:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
8371
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14803
x-xss-protection
0
server
cafe
etag
12205605038930952422
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 16:55:10 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 790C 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=2312945378&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880774&bpp=1&bdt=1156&idt=194&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x600&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=850&ady=1859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=196
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=2312945378&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880774&bpp=1&bdt=1156&idt=194&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x600&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=850&ady=1859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=196
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3204
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 18:21:17 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame C1F8 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2354154526989&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C1F8 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2354154526989&version=m202309260101&ct=119&x=1&cor=8316991379922094000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame C1F8 		90 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Aa3kzA_O37nCe-zfbk4ES6JEL2kAun9OMIwO4KgFQymIn70_5hQgtx0OlNOco6deuqW3Kmtk9EhzL4BDphCSUfKtXRr8hVIx3s1D8DPlzK4Jt2SpGip9pNaEAKgrHAssar0_-0Snn7ZaADzn0gJihhmW5-Pcp7sZRhC8Sk4pE2-FRIiG8&cry=1&dbm_d=AKAmf-Da-e_Srpvr-PEeHc6_tT5IvPZ-CuObIQLBwa0K6eDU2oiY4o4J6VLBlm57qty9mr-krCpye3QDOlvnnDG9WYBgafZzJEDIHur_ZhZwlTACAHzg3cHxSFr2ZRqMt3hCJOySHagNgPTa59EoFPSglJvuMDIp8OlBJBM3RhytwZ9FbQ18KyGnGP_ec09woPmQRxA4yNJORnPD_aDumNryrgzAXVI6FRltEJHpnCNSObjUO__rNqN__oMFqOZ_IyVStDELxjUQdbFOLU0SshElMvlpUkk9xhP_8bved7Lb8jd-1xhfefifmoSprW9SP5nu9meffzSuyTGe5DEnjeD_suJyTHEG8fv8VCEE7bfn7qMdpoaeuExAuuYZuTe7SsY11SjR-K1YmFl-9f2TFXr6JB_f9rYyaonrOAvthr48rvwHLdAHe5EQy762dLi2WonpdlQuYsm9ibphhyWcjbrg2yF30TPIlcgjKtjU_MzqQKn1dPAVstxN6Lte1dPn9uUzie9JjEzaJ8SMG2z2FlIDfkm0mxXDhmtCeERMWhKgmy0knFeWUoxvf-UBwETIkEnX8JLFqdolHa9hOqP7lnaCZYp9prw5DLTTzCkb-3ffnTYLO0JzN4YbnDTouIutZFHIBzPdOjFmEtRh66jGLRw6fyMe-LylROPcFX5kIk-fqugFOamXHQUhdMXvcm1MqItMbOexPxANd6bi-uMh2ay0rRbfT7DwwH1AVTy1pDCAZQWdssH2mqGCFo3-p9YcWfUl4NY7awhV3qMOLkis-Vca7MpmPOTiQWGDBw--YK6e9bWPmYZRl_CY8l7nx9CJuv6rFePfOZyXH5k5nOa8UlinP-azSUs8W3XoMQi9XHB6InE7OHyS_2MP3m2C_1miYDswQMNpZCzXPujBcLiU00KCnydTNW8Zew2n6HXVNxXC4DZXk4WJ-O8Ns9XWGXHTndEhFoLjq_86-YV8bBmfqLefps7ru-OmQbv6yg67LAAYqb1rNRhMmSRIzHSYkaZio5PCwy7xMhrYHYxLBvFw5DzfsZMe_uqCxPSeXlkda-vwCs-IXSE6JfKOwuRFWDlsf3xCd7tFsbiW5iq6gv1uiJYpcEnYxOZNHN75SVIqoHO5n7xJLmFG5B7QjGVsUF_XyseQdWlyUISaP1Bw5RuDBuZxCmFi975T7ld4UuMfCYjbsF531_rOFjcFcDlWHk4vu_9C4dzbdoB1aPRtbXDiwFavk7UudQGiqGmIY337boHuaH9EtUVrKvX9HJXE2VmV4LS39w9HjQD2jInY4ZUGCiCWe_4n21AXQDJznomd8cgvwJiq_aapGbbkqBi4W4QfuNmQcLFD6sDQLbTWuIq-lrHZzimW8ocXdxT2tksWtAWtBf41KrogDejJ3M_Sc9t66hDl4E4ZyUKOkEETtYZHnIEWQwxddb7laVt9JDEGsBvnFAUpRc-TSq1azJFgIxUtvt5lofCfhsLKXBIGkdiV1sQo-KLdbZgBiUovuZhkj_5W3wSEITU2rdioVa-Mf9q1JMDacZABjsEm2AjRFsETboYY9rQFJcxMeRjiSfU7vdAW0pv1omgdIJFXlXK9UgWqhy-EeqdfQgyU4WgHBoSgBgU47cOvBbWMUDccdyTsH9DoLXlSJM97UUSHp91L7-yKjOyq66kvArH2ADWnvhvYRljz6Zkl5CeThiQC9hwrQDj8KnJK5_AS3Byurh9o2iDPXD2xVThUA6Pz8CCn9LmllhL1iTGVM8X87kISCZtx0QCUBdf4Th-vis2Y7r5UMj6jWjsPS2JhZeZRE1O8W2VDm-BkoB3oj2hBRdZeG8dcRu4NWT6_GVof1f-y24XV0th2P3Xm-dG2XBjAHx09GhRm3Wwh8FZBJaHZdpbVBnvI6x0KGZNTQoEi_38dh0RikXzGyLP-9WeS6FYIRkBQ9DNXvNVPJe5Knw7pS9TqhcQKiXd5LeS7aRq8CxKXWljKPCRixU8WAPIWRhFrQNWlCiJKe6oAwrxXjw1FWa4s44nWDyukXMVIPI60R9g8LfSj7bAvDbTM3-YeCsXpKUG8cJ0DpNijhhMYH8gMscPf4pNeY8OFDRxbxdsN3CvSuIsnWON_d123QhYtDJeD7efpR9Gb9yWruWhG8b9ow9OgfnF-Xj5SUZFnLMHiY-HmhIZ9GtHmTyu4EUtpyikN2KnjjJUOJolv7kBZDP-Bsw-IEUjLtid75If3blTBNkpHShALHUiEigd7KZpyRXhN9Ca90hOf2iLU3Hrw1g7DZtKogJYSznZsifSGuZLxsmKvVw1iWmZT1gKUEHNzX76iqOPJmquqUwqr0b8UXFOVvQ5rqNYbMfCtPrzZbq5PaGYo8M8EdCBX_CFPPQozsOnoo-JW_k9hNLGZzC6kx7nLiYpt5fDYzVRrv2TiVvvlxnMRGhTbQKIjqBYKRQDKUrUKACuPWJZb4wtMrVuoNAGgu6XhZ6U1TAXx043KjKpifrAUJ59tuS3VSM2nGfi9hQZETCZELRdmC8-sTpt_Qtck7YNrPmasulZY59lzrNK2yO1lKSQmD-LML0mbSz7sy-8xte2lT76hi9TpF_lF-zWkGW4M9GTF9FD45YtC-x9xMNTbJkK63oB9Psto2o26XToITX2GSRQ864CxtvZS9iI04coSHm9B5XChfqO1D_02BBzuRK_R4TCgLSFpqtGnow6h-GRQAIV1BNSWfWKtiMIR4Y2FL4CuR9jBfR6AskeEu8VJDF1nT8Y7F6wHr4yn6NRs-PZOUt24bXBSaJ68S0nxWUM9siqexC7RzcyVLhECp9NhqMZGHBs2i6scpQ03l1dsU1lKR3dAqKPhXL3dwSE3vCgHTxrRwoZ2CLEzGWkPZuqM9q2rJHk7CYQq_W_Aw-nt3JxE19AbARb4gXnxjA2EYrC30ufRTwHxOCW1eYG-6pmgahbz4jTMLH970OA9E-lpExLY6qgtUrM2i8PhBzHLcYBJXWCMLCA1eMSMw2EUziTIOTADlz4xMZJbTlq0hzEUwD4tcuxPSRXi_IFY_Da6Jj2xiYdgd3WrG6ZYfLj4V0OdJeareqQ3u2nvzWwyU_HdLAcwM5Toz-RXlYJ4QF_BrPXF4Jsl1eIKOMEkEuM9hjz3RK7Mx2tnJLL8Rr6WXDXjJDyYOxd5LxWbCtGwloLIrRv7VReZczY5gxbQaN0VUvvFanS2HeZH5h7uQ3-qR1fHK8d6XTF79s49soh-LiP1D1ImbkG7vdkze_hdZy4YiddDtV82oYyXpGTxk22B05BjwMlWciJIeGvtNVOez1Us0b-id36RgF08xv73vid8jqv7gq2e35RZ7qdqDjg3HnD8MhbzRkB80l4LvAkk3kssCK6mCVeIwNvW4ZjAusWhkm3-UBOquMOAl_N77m0w1rReWmwHP3CT-Q9Hgly5rSvplBJoCa2I9azV1-i2-5vpx1lzj7iU3JpcE5VqVGMU2vKYrO-1MiTK9cbE-R6d3U9zcXrjqwANiQIUbGoSwHrioy5hSqjH9FIDuX13cvL3pB7fX2dOSGhtRhSNtf7_XexXyyW8zu1L-No6q33hXBtV4q4yhnDC7_GvfjHuv2rqSTIxlCD-qNwUot6BRtdWVrft9iymQA_UgrAA82IkNAgZ9_URA_gcYJr4ReXKvLoMHTShEGfpLUwjdTOKVu-VUvRURYvwM1Bbh8qVCQjeOCWYiUIzMhUTWmvnzyYe2jSTGrK3CuQzzXhm5OwSWiWmOO8V7w&cid=CAQSTgDICaaNYtpqN-F5Eq4NWidELSuyOAoW4Z_NWPVkZQS6ZCcrdKyVnCViB2Gqayx7R-feBQEizZUDC789ddv6yAq_l5XBYA4VFpCvYPWybRgB&dc_eid=31079495&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.lapa.ninja%2F&ds=l&xdt=1&iif=1&cor=8316991379922094000&adk=356101037&idt=103&cac=0&dtd=8
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2217ae31ffd73a9066945f467c971a407148636960faa30988e41ca0320e6a62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=250&slotname=8862647550&adk=1261712459&adf=1186410553&pi=t.ma~as.8862647550&w=300&lmt=1701198880&format=300x250&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880769&bpp=3&bdt=1152&idt=180&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=2834510024776&frm=20&pv=2&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1284&ady=76&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=187
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38510
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame FDFF 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2d62734603e1f78de1eb9d35650109929172c07bc1019ab0637fe0c37e6bf336

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 790C
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=2312945378&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880774&bpp=1&bdt=1156&idt=194&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x600&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=850&ady=1859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=196
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 19:14:41 GMT
expires
Tue, 28 Nov 2023 19:14:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 19:14:41 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame F8A5
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CXSTvITxmZdFO0e-3B9D4m6gJ3fXtqHT45YO6vBLQoNb3rAEQASDCp7tkYJX68IGMB6AB5-j20QPIAQKoAwHIA8kEqgTKAU_QoCCF1x13G33I_Ak1CpAPkZJvqmF-Fx0VNyVQyKEodp67GyP...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2218268958984486645713%22,%22debug_reporting%22:true,%22destination%22:%22https://asus.com%22,%22event_report_window%22:%222...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2218268958984486645713%22,%22debug_reporting%22:true,%22destination%22:%22https://asus.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22977122407%22],%224%22:[%2211-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214982209160567902993%22}&andc=true
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:42 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"18268958984486645713","debug_reporting":true,"destination":"https://asus.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["977122407"],"4":["11-28"],"6":["true"]},"priority":"500","source_event_id":"14982209160567902993"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 28 Nov 2023 19:14:42 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 28 Nov 2023 19:14:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"18268958984486645713","debug_reporting":true,"destination":"https://asus.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["977122407"],"4":["11-28"],"6":["true"]},"priority":"500","source_event_id":"14982209160567902993"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js
pagead2.googlesyndication.com/bg/ Frame FAAD 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=1011456819&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880775&bpp=1&bdt=1158&idt=199&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x600%2C300x600%2C300x600&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=450&ady=4587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=202
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61fe41cde1b6df00f34e5a9795741e926e8861b8e80d396ff799d48bacda5300
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 17:34:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
351590
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14900
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 23 Nov 2024 17:34:51 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame FDFF
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CwukCITxmZYkt-oDC4g-csLyQDd317ah0-OWDurwSuvPS4LIBEAEgwqe7ZGCVuqaCsAegAefo9tEDyAECqAMByAPJBKoEzQFP0Dfv9PWr8_idA9EwIDLTyxDdVc9BuO7fltkbf7ufIhgrs97...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228178848817197974954%22,%22debug_reporting%22:true,%22destination%22:%22https://asus.com%22,%22event_report_window%22:%2225...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228178848817197974954%22,%22debug_reporting%22:true,%22destination%22:%22https://asus.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22977122407%22],%224%22:[%2211-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225013419364769371521%22}&andc=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=2312945378&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880774&bpp=1&bdt=1156&idt=194&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x600&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=850&ady=1859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=196
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:42 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"8178848817197974954","debug_reporting":true,"destination":"https://asus.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["977122407"],"4":["11-28"],"6":["true"]},"priority":"500","source_event_id":"5013419364769371521"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 28 Nov 2023 19:14:42 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 28 Nov 2023 19:14:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"8178848817197974954","debug_reporting":true,"destination":"https://asus.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["977122407"],"4":["11-28"],"6":["true"]},"priority":"500","source_event_id":"5013419364769371521"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 099B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DPaLaVH8_ffowRZhvF3a1jLElFfM4bDobF-9bJ1hPQkgJqt94QFMrDPqIKUiMRfHDWEAHzYXZgQrQkR527UF1bx7XEWl-grIBa5vXL7B4nSph4pYY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=3027413664&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880774&bpp=1&bdt=1157&idt=197&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x600%2C300x600&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1250&ady=3223&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=199
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8E0A 		624 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYrYDo4gEwAQ&v=APEucNVkmTaXPwmykxPGnnCKoBEgCMA_pRGkqLtK6dH8J6TiRiuI7UloMGh5WplLrOUWvcwDxK-QhWwHWFGuAfc1aBpt848PjwezM7Pfu1I064A-idITmiXPKpLhGtcfSIu83TemDTY4SPDa7Kd4Y0vaBGSjhZTiqa-6NityBhrnJDEtwKJGF8g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=3027413664&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880774&bpp=1&bdt=1157&idt=197&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x600%2C300x600&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1250&ady=3223&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=199
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=3027413664&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880774&bpp=1&bdt=1157&idt=197&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x600%2C300x600&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1250&ady=3223&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=199
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 19:14:42 GMT
expires
Tue, 28 Nov 2023 19:14:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
617
a.ad.gt/api/v1/u/matches/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/617?_it=amazon
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.lapa.ninja%2F&ref=&_it=amazon&partner_id=617
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9b3b3918edef64718897d59b2b6401c53deed6f9b766f3f221f9a334d25e34f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:41 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Nov 2023 19:13:05 GMT
server
cloudflare
age
96
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
82d4ef744ea23831-FRA
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2218268958984486645713%22,%22debug_reporting%22:true,%22destination%22:%22https://asus.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22977122407%22],%224%22:[%2211-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214982209160567902993%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 28 Nov 2023 19:14:41 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame C1F8 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 07:40:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41653
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 29 Nov 2023 07:40:28 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame C1F8 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Aa3kzA_O37nCe-zfbk4ES6JEL2kAun9OMIwO4KgFQymIn70_5hQgtx0OlNOco6deuqW3Kmtk9EhzL4BDphCSUfKtXRr8hVIx3s1D8DPlzK4Jt2SpGip9pNaEAKgrHAssar0_-0Snn7ZaADzn0gJihhmW5-Pcp7sZRhC8Sk4pE2-FRIiG8&cry=1&dbm_d=AKAmf-Da-e_Srpvr-PEeHc6_tT5IvPZ-CuObIQLBwa0K6eDU2oiY4o4J6VLBlm57qty9mr-krCpye3QDOlvnnDG9WYBgafZzJEDIHur_ZhZwlTACAHzg3cHxSFr2ZRqMt3hCJOySHagNgPTa59EoFPSglJvuMDIp8OlBJBM3RhytwZ9FbQ18KyGnGP_ec09woPmQRxA4yNJORnPD_aDumNryrgzAXVI6FRltEJHpnCNSObjUO__rNqN__oMFqOZ_IyVStDELxjUQdbFOLU0SshElMvlpUkk9xhP_8bved7Lb8jd-1xhfefifmoSprW9SP5nu9meffzSuyTGe5DEnjeD_suJyTHEG8fv8VCEE7bfn7qMdpoaeuExAuuYZuTe7SsY11SjR-K1YmFl-9f2TFXr6JB_f9rYyaonrOAvthr48rvwHLdAHe5EQy762dLi2WonpdlQuYsm9ibphhyWcjbrg2yF30TPIlcgjKtjU_MzqQKn1dPAVstxN6Lte1dPn9uUzie9JjEzaJ8SMG2z2FlIDfkm0mxXDhmtCeERMWhKgmy0knFeWUoxvf-UBwETIkEnX8JLFqdolHa9hOqP7lnaCZYp9prw5DLTTzCkb-3ffnTYLO0JzN4YbnDTouIutZFHIBzPdOjFmEtRh66jGLRw6fyMe-LylROPcFX5kIk-fqugFOamXHQUhdMXvcm1MqItMbOexPxANd6bi-uMh2ay0rRbfT7DwwH1AVTy1pDCAZQWdssH2mqGCFo3-p9YcWfUl4NY7awhV3qMOLkis-Vca7MpmPOTiQWGDBw--YK6e9bWPmYZRl_CY8l7nx9CJuv6rFePfOZyXH5k5nOa8UlinP-azSUs8W3XoMQi9XHB6InE7OHyS_2MP3m2C_1miYDswQMNpZCzXPujBcLiU00KCnydTNW8Zew2n6HXVNxXC4DZXk4WJ-O8Ns9XWGXHTndEhFoLjq_86-YV8bBmfqLefps7ru-OmQbv6yg67LAAYqb1rNRhMmSRIzHSYkaZio5PCwy7xMhrYHYxLBvFw5DzfsZMe_uqCxPSeXlkda-vwCs-IXSE6JfKOwuRFWDlsf3xCd7tFsbiW5iq6gv1uiJYpcEnYxOZNHN75SVIqoHO5n7xJLmFG5B7QjGVsUF_XyseQdWlyUISaP1Bw5RuDBuZxCmFi975T7ld4UuMfCYjbsF531_rOFjcFcDlWHk4vu_9C4dzbdoB1aPRtbXDiwFavk7UudQGiqGmIY337boHuaH9EtUVrKvX9HJXE2VmV4LS39w9HjQD2jInY4ZUGCiCWe_4n21AXQDJznomd8cgvwJiq_aapGbbkqBi4W4QfuNmQcLFD6sDQLbTWuIq-lrHZzimW8ocXdxT2tksWtAWtBf41KrogDejJ3M_Sc9t66hDl4E4ZyUKOkEETtYZHnIEWQwxddb7laVt9JDEGsBvnFAUpRc-TSq1azJFgIxUtvt5lofCfhsLKXBIGkdiV1sQo-KLdbZgBiUovuZhkj_5W3wSEITU2rdioVa-Mf9q1JMDacZABjsEm2AjRFsETboYY9rQFJcxMeRjiSfU7vdAW0pv1omgdIJFXlXK9UgWqhy-EeqdfQgyU4WgHBoSgBgU47cOvBbWMUDccdyTsH9DoLXlSJM97UUSHp91L7-yKjOyq66kvArH2ADWnvhvYRljz6Zkl5CeThiQC9hwrQDj8KnJK5_AS3Byurh9o2iDPXD2xVThUA6Pz8CCn9LmllhL1iTGVM8X87kISCZtx0QCUBdf4Th-vis2Y7r5UMj6jWjsPS2JhZeZRE1O8W2VDm-BkoB3oj2hBRdZeG8dcRu4NWT6_GVof1f-y24XV0th2P3Xm-dG2XBjAHx09GhRm3Wwh8FZBJaHZdpbVBnvI6x0KGZNTQoEi_38dh0RikXzGyLP-9WeS6FYIRkBQ9DNXvNVPJe5Knw7pS9TqhcQKiXd5LeS7aRq8CxKXWljKPCRixU8WAPIWRhFrQNWlCiJKe6oAwrxXjw1FWa4s44nWDyukXMVIPI60R9g8LfSj7bAvDbTM3-YeCsXpKUG8cJ0DpNijhhMYH8gMscPf4pNeY8OFDRxbxdsN3CvSuIsnWON_d123QhYtDJeD7efpR9Gb9yWruWhG8b9ow9OgfnF-Xj5SUZFnLMHiY-HmhIZ9GtHmTyu4EUtpyikN2KnjjJUOJolv7kBZDP-Bsw-IEUjLtid75If3blTBNkpHShALHUiEigd7KZpyRXhN9Ca90hOf2iLU3Hrw1g7DZtKogJYSznZsifSGuZLxsmKvVw1iWmZT1gKUEHNzX76iqOPJmquqUwqr0b8UXFOVvQ5rqNYbMfCtPrzZbq5PaGYo8M8EdCBX_CFPPQozsOnoo-JW_k9hNLGZzC6kx7nLiYpt5fDYzVRrv2TiVvvlxnMRGhTbQKIjqBYKRQDKUrUKACuPWJZb4wtMrVuoNAGgu6XhZ6U1TAXx043KjKpifrAUJ59tuS3VSM2nGfi9hQZETCZELRdmC8-sTpt_Qtck7YNrPmasulZY59lzrNK2yO1lKSQmD-LML0mbSz7sy-8xte2lT76hi9TpF_lF-zWkGW4M9GTF9FD45YtC-x9xMNTbJkK63oB9Psto2o26XToITX2GSRQ864CxtvZS9iI04coSHm9B5XChfqO1D_02BBzuRK_R4TCgLSFpqtGnow6h-GRQAIV1BNSWfWKtiMIR4Y2FL4CuR9jBfR6AskeEu8VJDF1nT8Y7F6wHr4yn6NRs-PZOUt24bXBSaJ68S0nxWUM9siqexC7RzcyVLhECp9NhqMZGHBs2i6scpQ03l1dsU1lKR3dAqKPhXL3dwSE3vCgHTxrRwoZ2CLEzGWkPZuqM9q2rJHk7CYQq_W_Aw-nt3JxE19AbARb4gXnxjA2EYrC30ufRTwHxOCW1eYG-6pmgahbz4jTMLH970OA9E-lpExLY6qgtUrM2i8PhBzHLcYBJXWCMLCA1eMSMw2EUziTIOTADlz4xMZJbTlq0hzEUwD4tcuxPSRXi_IFY_Da6Jj2xiYdgd3WrG6ZYfLj4V0OdJeareqQ3u2nvzWwyU_HdLAcwM5Toz-RXlYJ4QF_BrPXF4Jsl1eIKOMEkEuM9hjz3RK7Mx2tnJLL8Rr6WXDXjJDyYOxd5LxWbCtGwloLIrRv7VReZczY5gxbQaN0VUvvFanS2HeZH5h7uQ3-qR1fHK8d6XTF79s49soh-LiP1D1ImbkG7vdkze_hdZy4YiddDtV82oYyXpGTxk22B05BjwMlWciJIeGvtNVOez1Us0b-id36RgF08xv73vid8jqv7gq2e35RZ7qdqDjg3HnD8MhbzRkB80l4LvAkk3kssCK6mCVeIwNvW4ZjAusWhkm3-UBOquMOAl_N77m0w1rReWmwHP3CT-Q9Hgly5rSvplBJoCa2I9azV1-i2-5vpx1lzj7iU3JpcE5VqVGMU2vKYrO-1MiTK9cbE-R6d3U9zcXrjqwANiQIUbGoSwHrioy5hSqjH9FIDuX13cvL3pB7fX2dOSGhtRhSNtf7_XexXyyW8zu1L-No6q33hXBtV4q4yhnDC7_GvfjHuv2rqSTIxlCD-qNwUot6BRtdWVrft9iymQA_UgrAA82IkNAgZ9_URA_gcYJr4ReXKvLoMHTShEGfpLUwjdTOKVu-VUvRURYvwM1Bbh8qVCQjeOCWYiUIzMhUTWmvnzyYe2jSTGrK3CuQzzXhm5OwSWiWmOO8V7w&cid=CAQSTgDICaaNYtpqN-F5Eq4NWidELSuyOAoW4Z_NWPVkZQS6ZCcrdKyVnCViB2Gqayx7R-feBQEizZUDC789ddv6yAq_l5XBYA4VFpCvYPWybRgB&dc_eid=31079495&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.lapa.ninja%2F&ds=l&xdt=1&iif=1&cor=8316991379922094000&adk=356101037&idt=103&cac=0&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 16:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
10639
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 16:17:22 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame C1F8 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Aa3kzA_O37nCe-zfbk4ES6JEL2kAun9OMIwO4KgFQymIn70_5hQgtx0OlNOco6deuqW3Kmtk9EhzL4BDphCSUfKtXRr8hVIx3s1D8DPlzK4Jt2SpGip9pNaEAKgrHAssar0_-0Snn7ZaADzn0gJihhmW5-Pcp7sZRhC8Sk4pE2-FRIiG8&cry=1&dbm_d=AKAmf-Da-e_Srpvr-PEeHc6_tT5IvPZ-CuObIQLBwa0K6eDU2oiY4o4J6VLBlm57qty9mr-krCpye3QDOlvnnDG9WYBgafZzJEDIHur_ZhZwlTACAHzg3cHxSFr2ZRqMt3hCJOySHagNgPTa59EoFPSglJvuMDIp8OlBJBM3RhytwZ9FbQ18KyGnGP_ec09woPmQRxA4yNJORnPD_aDumNryrgzAXVI6FRltEJHpnCNSObjUO__rNqN__oMFqOZ_IyVStDELxjUQdbFOLU0SshElMvlpUkk9xhP_8bved7Lb8jd-1xhfefifmoSprW9SP5nu9meffzSuyTGe5DEnjeD_suJyTHEG8fv8VCEE7bfn7qMdpoaeuExAuuYZuTe7SsY11SjR-K1YmFl-9f2TFXr6JB_f9rYyaonrOAvthr48rvwHLdAHe5EQy762dLi2WonpdlQuYsm9ibphhyWcjbrg2yF30TPIlcgjKtjU_MzqQKn1dPAVstxN6Lte1dPn9uUzie9JjEzaJ8SMG2z2FlIDfkm0mxXDhmtCeERMWhKgmy0knFeWUoxvf-UBwETIkEnX8JLFqdolHa9hOqP7lnaCZYp9prw5DLTTzCkb-3ffnTYLO0JzN4YbnDTouIutZFHIBzPdOjFmEtRh66jGLRw6fyMe-LylROPcFX5kIk-fqugFOamXHQUhdMXvcm1MqItMbOexPxANd6bi-uMh2ay0rRbfT7DwwH1AVTy1pDCAZQWdssH2mqGCFo3-p9YcWfUl4NY7awhV3qMOLkis-Vca7MpmPOTiQWGDBw--YK6e9bWPmYZRl_CY8l7nx9CJuv6rFePfOZyXH5k5nOa8UlinP-azSUs8W3XoMQi9XHB6InE7OHyS_2MP3m2C_1miYDswQMNpZCzXPujBcLiU00KCnydTNW8Zew2n6HXVNxXC4DZXk4WJ-O8Ns9XWGXHTndEhFoLjq_86-YV8bBmfqLefps7ru-OmQbv6yg67LAAYqb1rNRhMmSRIzHSYkaZio5PCwy7xMhrYHYxLBvFw5DzfsZMe_uqCxPSeXlkda-vwCs-IXSE6JfKOwuRFWDlsf3xCd7tFsbiW5iq6gv1uiJYpcEnYxOZNHN75SVIqoHO5n7xJLmFG5B7QjGVsUF_XyseQdWlyUISaP1Bw5RuDBuZxCmFi975T7ld4UuMfCYjbsF531_rOFjcFcDlWHk4vu_9C4dzbdoB1aPRtbXDiwFavk7UudQGiqGmIY337boHuaH9EtUVrKvX9HJXE2VmV4LS39w9HjQD2jInY4ZUGCiCWe_4n21AXQDJznomd8cgvwJiq_aapGbbkqBi4W4QfuNmQcLFD6sDQLbTWuIq-lrHZzimW8ocXdxT2tksWtAWtBf41KrogDejJ3M_Sc9t66hDl4E4ZyUKOkEETtYZHnIEWQwxddb7laVt9JDEGsBvnFAUpRc-TSq1azJFgIxUtvt5lofCfhsLKXBIGkdiV1sQo-KLdbZgBiUovuZhkj_5W3wSEITU2rdioVa-Mf9q1JMDacZABjsEm2AjRFsETboYY9rQFJcxMeRjiSfU7vdAW0pv1omgdIJFXlXK9UgWqhy-EeqdfQgyU4WgHBoSgBgU47cOvBbWMUDccdyTsH9DoLXlSJM97UUSHp91L7-yKjOyq66kvArH2ADWnvhvYRljz6Zkl5CeThiQC9hwrQDj8KnJK5_AS3Byurh9o2iDPXD2xVThUA6Pz8CCn9LmllhL1iTGVM8X87kISCZtx0QCUBdf4Th-vis2Y7r5UMj6jWjsPS2JhZeZRE1O8W2VDm-BkoB3oj2hBRdZeG8dcRu4NWT6_GVof1f-y24XV0th2P3Xm-dG2XBjAHx09GhRm3Wwh8FZBJaHZdpbVBnvI6x0KGZNTQoEi_38dh0RikXzGyLP-9WeS6FYIRkBQ9DNXvNVPJe5Knw7pS9TqhcQKiXd5LeS7aRq8CxKXWljKPCRixU8WAPIWRhFrQNWlCiJKe6oAwrxXjw1FWa4s44nWDyukXMVIPI60R9g8LfSj7bAvDbTM3-YeCsXpKUG8cJ0DpNijhhMYH8gMscPf4pNeY8OFDRxbxdsN3CvSuIsnWON_d123QhYtDJeD7efpR9Gb9yWruWhG8b9ow9OgfnF-Xj5SUZFnLMHiY-HmhIZ9GtHmTyu4EUtpyikN2KnjjJUOJolv7kBZDP-Bsw-IEUjLtid75If3blTBNkpHShALHUiEigd7KZpyRXhN9Ca90hOf2iLU3Hrw1g7DZtKogJYSznZsifSGuZLxsmKvVw1iWmZT1gKUEHNzX76iqOPJmquqUwqr0b8UXFOVvQ5rqNYbMfCtPrzZbq5PaGYo8M8EdCBX_CFPPQozsOnoo-JW_k9hNLGZzC6kx7nLiYpt5fDYzVRrv2TiVvvlxnMRGhTbQKIjqBYKRQDKUrUKACuPWJZb4wtMrVuoNAGgu6XhZ6U1TAXx043KjKpifrAUJ59tuS3VSM2nGfi9hQZETCZELRdmC8-sTpt_Qtck7YNrPmasulZY59lzrNK2yO1lKSQmD-LML0mbSz7sy-8xte2lT76hi9TpF_lF-zWkGW4M9GTF9FD45YtC-x9xMNTbJkK63oB9Psto2o26XToITX2GSRQ864CxtvZS9iI04coSHm9B5XChfqO1D_02BBzuRK_R4TCgLSFpqtGnow6h-GRQAIV1BNSWfWKtiMIR4Y2FL4CuR9jBfR6AskeEu8VJDF1nT8Y7F6wHr4yn6NRs-PZOUt24bXBSaJ68S0nxWUM9siqexC7RzcyVLhECp9NhqMZGHBs2i6scpQ03l1dsU1lKR3dAqKPhXL3dwSE3vCgHTxrRwoZ2CLEzGWkPZuqM9q2rJHk7CYQq_W_Aw-nt3JxE19AbARb4gXnxjA2EYrC30ufRTwHxOCW1eYG-6pmgahbz4jTMLH970OA9E-lpExLY6qgtUrM2i8PhBzHLcYBJXWCMLCA1eMSMw2EUziTIOTADlz4xMZJbTlq0hzEUwD4tcuxPSRXi_IFY_Da6Jj2xiYdgd3WrG6ZYfLj4V0OdJeareqQ3u2nvzWwyU_HdLAcwM5Toz-RXlYJ4QF_BrPXF4Jsl1eIKOMEkEuM9hjz3RK7Mx2tnJLL8Rr6WXDXjJDyYOxd5LxWbCtGwloLIrRv7VReZczY5gxbQaN0VUvvFanS2HeZH5h7uQ3-qR1fHK8d6XTF79s49soh-LiP1D1ImbkG7vdkze_hdZy4YiddDtV82oYyXpGTxk22B05BjwMlWciJIeGvtNVOez1Us0b-id36RgF08xv73vid8jqv7gq2e35RZ7qdqDjg3HnD8MhbzRkB80l4LvAkk3kssCK6mCVeIwNvW4ZjAusWhkm3-UBOquMOAl_N77m0w1rReWmwHP3CT-Q9Hgly5rSvplBJoCa2I9azV1-i2-5vpx1lzj7iU3JpcE5VqVGMU2vKYrO-1MiTK9cbE-R6d3U9zcXrjqwANiQIUbGoSwHrioy5hSqjH9FIDuX13cvL3pB7fX2dOSGhtRhSNtf7_XexXyyW8zu1L-No6q33hXBtV4q4yhnDC7_GvfjHuv2rqSTIxlCD-qNwUot6BRtdWVrft9iymQA_UgrAA82IkNAgZ9_URA_gcYJr4ReXKvLoMHTShEGfpLUwjdTOKVu-VUvRURYvwM1Bbh8qVCQjeOCWYiUIzMhUTWmvnzyYe2jSTGrK3CuQzzXhm5OwSWiWmOO8V7w&cid=CAQSTgDICaaNYtpqN-F5Eq4NWidELSuyOAoW4Z_NWPVkZQS6ZCcrdKyVnCViB2Gqayx7R-feBQEizZUDC789ddv6yAq_l5XBYA4VFpCvYPWybRgB&dc_eid=31079495&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.lapa.ninja%2F&ds=l&xdt=1&iif=1&cor=8316991379922094000&adk=356101037&idt=103&cac=0&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 16:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
10639
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11874
x-xss-protection
0
server
cafe
etag
3876053170955424897
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 16:17:22 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame C1F8 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 16:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
269839
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Nov 2024 16:17:22 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228178848817197974954%22,%22debug_reporting%22:true,%22destination%22:%22https://asus.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22977122407%22],%224%22:[%2211-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225013419364769371521%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 28 Nov 2023 19:14:41 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_inhead_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 0CC5 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8531510046411661&plah=www.lapa.ninja
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a06aa84f08b4d57747e5eba867aa061deaadb4e657ca532d10e73b5a36fd73c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lapa.ninja/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
34658
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4111
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 09:37:03 GMT
etag
13268084621564590274
expires
Tue, 12 Dec 2023 09:37:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame C1F8 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5136909a848ffbbaa21167de08d454cec8ffee9946e6231a2c2c6dfae780d828

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js
pagead2.googlesyndication.com/bg/ Frame 8ADB 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=2312945378&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880774&bpp=1&bdt=1156&idt=194&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x600&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=850&ady=1859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=196
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61fe41cde1b6df00f34e5a9795741e926e8861b8e80d396ff799d48bacda5300
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 17:34:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
351590
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14900
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 23 Nov 2024 17:34:51 GMT
css2
fonts.googleapis.com/ Frame 0CC5 		4 KB
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 28 Nov 2023 19:14:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:21:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 28 Nov 2023 19:14:41 GMT
css
fonts.googleapis.com/ Frame 2BE6 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 28 Nov 2023 19:14:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:15:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 28 Nov 2023 19:14:41 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 2BE6 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 10:09:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
32726
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 10:09:15 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 2BE6 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 10:09:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
32726
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 10:09:15 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 5D79 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3204
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 18:21:17 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 2BE6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 14:08:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
18364
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 14:08:37 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 2BE6 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 16:17:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
10642
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 16:17:19 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 2BE6 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Nov 2023 19:14:42 GMT
a6de5423b7c632060e8f86136bd5d27a.js
www.gstatic.com/mysidia/ Frame 2BE6 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 10:09:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32727
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15478
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:10:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 26 Feb 2024 10:09:15 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 0CC5 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2881d8eadc298102d2462e8d32e40792adce37b6cd89d99045f574eb3ecbb748
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 07:40:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
41652
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6702
x-xss-protection
0
server
cafe
etag
11213825687312121238
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 07:40:29 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0CC5 		205 B
519 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 07:42:07 GMT
x-content-type-options
nosniff
age
41555
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 27 Nov 2024 07:42:07 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0CC5 		604 B
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 18:12:33 GMT
x-content-type-options
nosniff
age
90129
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 26 Nov 2024 18:12:33 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 0CC5 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 10:09:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
32726
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8781
x-xss-protection
0
server
cafe
etag
9666818975682992898
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 10:09:15 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=1154354190865477&bg=!j4yljMPNAAZxrfrxUa07ADQBe5WfOKEg1S6WIiSARrNWWvyZOZU8g2oaFgTh-exc-4neG0NTekC3e44N76vSCSx7mmDqAgAAAGNSAAAAAWgBBwoA3O7V2espXDaVGlJhSueWETnjo7w7JZdZvRBiG6wnwQXlmorlZAZ9psA6WW9Ova1sL_6fiqy5Ca-siq_ALwehiu4MqODy2h3Jpcfd3eQHmva1ufYVRjnoP1jELn8_ajLBfjYliICsKryG3RcgdFW_oygFPQeJwpbUmbBV8R9Il_3PCryXwMIhKU11by2fFaXmVVB3qLSyO5-OlVLT-D-Ii2RKIeVx0iwhh62UTCeYOfauySFVCGXFH53hk9Qm_GzUdocbQpetun7yvsbaj8QAzwMKugRRgFzgkN9Ay7yZArBo-2-ohQ_On7bMLWpLY1vYxUbjtdgS71w5ApdSvHH7EmsyEqSgUNBVmT0oVhWYsR8TtiMOJC1IWLS7_OD2D4_TCMQlttCcYr6w1b4aZrLm0bAraBQP-F8XT_l1Yr8sXdY5MumYHsFUnKbxCnbnjUidB9p_uicCQGcUQrGg7hKD0m-HJR1n1gmP_DtqkaoT8kEaH2GJ6JFYatvXgzs27k5rydeWC6OiMzqcL5V5XdCDjqukqynMjR1udRvLOhFqHS4lBT7nHv5PcGKxnSXt5EyW7jXpLDbKB9RQODdzDAMhEnWCx7AZ1YWERfC42CqTAsHL9Wb7DpqGKGFzclrDCoN4iI0yQT0xLL-jeVxs8sQn-lhrKS-aO4GPq6oBzl8c-6010VoFCzL-9_gVFp7wA-xYl-w4O15z76uolGGLTCd_m7N4D3W33i52yrw4InWqa6C0jcjgsQSoyjuohPaDbbiSoW_e9aLiwqy5J5JW5opYt7fPGtGrZNvuiaWbFGVzjiZxyGHu6y5CK368NlcKNEXBylWMiraeF0jF9RFv4N7ddAJZpn1zY6lcrrBYh5KLv1SM41e2Fj7QtVCxG-_c0a6Xhjf4srLKSFKTX7uqQjUnjERQRvhgLDGoxoDDRmZmLWSVrqj1AZfsXE8T6lozwVBPfJw547z9139tCihIC01P0wjr8olDZzm1lr-m9IMaP60HrBNYuNo9BcHYqtgXL8NLEPpovleBH8IFjBrK7jakVqFi64RXuvlpezDrw5UDtdzOb8tiIWiccaf5FMMfd7ynguBd854JNfMkcypFkf7b9jHEdK1hY7tCNrodHc8keACsx2of07-tl1hbRyIwfEfm7as62dtrQZNANYHjfqHhq34DoM0Wi4sKX2RlbysIZmIaHxjeopUh1EOWIX-83tOa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame D7E1 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
269790
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 25 Nov 2023 16:18:11 GMT
expires
Sun, 24 Nov 2024 16:18:11 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 33C7 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DWa8LWVYJYhNwTft6NMBHy-dZWa9fJSN3AcD64Gvi2aS2o2l8Mr4kl8cAXGzm2r4S3kH7LvE3owH0AFFi_vP9Qv9Z2C7ap9RFHUxOASUJIcmnhMo4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=643282990&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880772&bpp=2&bdt=1154&idt=188&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=850&ady=495&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 33C7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=643282990&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880772&bpp=2&bdt=1154&idt=188&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=850&ady=495&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 14:08:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
18365
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 14:08:37 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 33C7 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=643282990&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880772&bpp=2&bdt=1154&idt=188&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=850&ady=495&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 16:17:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
10643
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 16:17:19 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 33C7 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=643282990&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880772&bpp=2&bdt=1154&idt=188&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=850&ady=495&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Nov 2023 19:14:42 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 5D79
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 19:14:42 GMT
expires
Tue, 28 Nov 2023 19:14:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 19:14:42 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame C1F8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstpNg84f98MsdpPUtV5j7bTLB4wQ6F19dGR7AnDpTwcRVEwW7_kmaWo0SXN-bbrP_nkOhGFV8BkNi-HSkjr7unWYNI0SiMkO3BqRJahD2EnsTHMGtlk1HMt7KvYgn9_RJRX4exP_iP2Sx8hQkOwxlBrsSv0te6Sp19I3m-p9al28soE-rzOUFpSAyd6afuSsmCuKqZ5g9rQ81izNuhfWxT6AywHxJcMnEM-Na-_Ziv1Td-U3P9gygA-nq-n88UsVVRc3iIfZCD2q7kkNvpTF2LgJ8gR07sgBlUOs0n07w7ctQMsFqf1kPoL4TGN1T18UZUP4VlnAf5-RXu5CD4jY1npPzlHIOg3KpIgKQBiQY8v-BvSDWBZpHtQxdnAz66329RJ4oUXeEPych5maYmJkIP0bqjjQri0hTFwfBpFfNPjw29raiI84cCS6UgEWE6waMEejY_6pKXSk8dLPTRS0mHWXI-jprBWZFqq8yAUnzvclC49nIzfGEAPFeK_hsHI6QXBMnNftid2VUlr0B7HHXWAgNswENtIKxKkABtuG-6YqhB0Tv-0eSsAhaJddTBG4LUrt6zdhZHNMQV7c5-xLPi6gAxXheI8V91L78ZjNhweoRTEKFt8J4_wUKaV34v-mCTYQiuVc1tPmjc9bi8tKv7JU_BW6uLkQ2AfkT0j85Rs033w-3tCJiXSf-4J6wdlTNP0YN_tOsGwb8HTBTk0rIxtxy4WZxEnzVvNjv8J7fRhgYPfAKJvSdATGBql1g0PZ7OwvqC1kjpE3xjRPx1LidIz0ukYmx96eRiaV4u2XZQIxKgzwOsW6ATFnP3E4E-iJXkHdiBFqtgGoTi5vke7FGnC48Pj5WiRvPbbWrF0FTE9K9IHDoj7BtKI6rVXsGqtAWVLh6RNMFUhYrztDzdtcBkO3eT5O_WWj3LGjiCAx5kKSpFuGXovDX2Gl1oy-Klc1P21rGJWDnGozqgoulkRpHBBRHYw_POp-dAlmfhQ5acoHjiEd2nOndjcYH5CIlt3PvLezCxRbMirlebkfJ3yy4gPBMXn7yxaIPp-VaoqKm17RSfptuA_kTnDX3_HnBLaAB8b1eKkoY2PYjhUkILcZV3J1D1o2L27pjMuxGqNySvO8qo0Q6sxd6whLBxX2n_tkEHYFRqAfsGhyKc89jsx5RrYQqUYLVtiDDdqMJlLdDnKG2x9J7hGVbeKIGd7ZtSRtJ0IRHINeWhgexbQvN4AWvYkUAuUze08CQFPYtk1BOGA9rdW2YieviM4YDdfmOaP5mItF6PcSOz9dm6Y5Zz1&sai=AMfl-YSG6dcE00z9BZWhYosTLn5yWV3vQilF5LdAbMtmT5XKhaeLAZv7vqCN9T_ssGkbTEwGWD_Q97gHx0yQJqBCzhtnPJ5pBBqozYA-DARlEFWD5r3edBZ4o46S-S1PiHozTtjvc74wcoujgVk8nRAk3ZkfnN48NBfPsLn_OvLhgMGTNyj6WDoga_LeLccgIAgDOizNzWh1Duw3317_s3O2ueH7vVZPvNlxKXAVd9qr-LVfEdJwzF20_IgpHHzpze5iEKROXWiVXAkOU6VU9gF7xDVnddWCGMbBaisowA&sig=Cg0ArKJSzKqTHmo9FlhdEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=130&cbvp=1&cisv=r20231109.64247&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 28 Nov 2023 19:14:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
9150291078721736478
s0.2mdn.net/simgad/ Frame C1F8 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/9150291078721736478
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=250&slotname=8862647550&adk=1261712459&adf=1186410553&pi=t.ma~as.8862647550&w=300&lmt=1701198880&format=300x250&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880769&bpp=3&bdt=1152&idt=180&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=2834510024776&frm=20&pv=2&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1284&ady=76&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=187
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8098f89873bf6b58ca48a2797fc926f133e128a251c9c66578ef0f8695597899
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 09:52:04 GMT
x-content-type-options
nosniff
age
120158
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8106
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 12:45:56 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 26 Nov 2024 09:52:04 GMT
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 099B 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 16:17:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10640
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 29 Nov 2023 16:17:22 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 099B 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=3027413664&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880774&bpp=1&bdt=1157&idt=197&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x600%2C300x600&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1250&ady=3223&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=199
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 07:40:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
41654
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 07:40:28 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 099B 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=3027413664&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880774&bpp=1&bdt=1157&idt=197&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x600%2C300x600&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1250&ady=3223&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=199
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 07:40:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
41654
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 07:40:28 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 099B 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 16:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
269840
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Nov 2024 16:17:22 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 099B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=3027413664&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880774&bpp=1&bdt=1157&idt=197&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x600%2C300x600&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1250&ady=3223&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=199
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 14:08:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
18365
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 14:08:37 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 099B 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=3027413664&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880774&bpp=1&bdt=1157&idt=197&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x600%2C300x600&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1250&ady=3223&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=199
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 16:17:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
10643
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 16:17:19 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 099B 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=3027413664&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880774&bpp=1&bdt=1157&idt=197&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x600%2C300x600&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1250&ady=3223&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=199
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Nov 2023 19:14:42 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6FE1 		640 B
265 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLCh7vgBMAE&v=APEucNVjD638A3ri-_T7GTG3FgLkKQyhPBKjL4xYY2H-LAWV63vefFw2yeh8zzlZUpDbnrMChwd9RyXN0EL3zbbLP0TyTMkqpMN6zmu7aqYNNCA6M49NFTPfPIo2IpsTTfR2y0u1y10BQpLWhleBl084xuKUNKeajN8kiE2h7aF2QiPHKZSnNms
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=643282990&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880772&bpp=2&bdt=1154&idt=188&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=850&ady=495&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=643282990&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880772&bpp=2&bdt=1154&idt=188&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=850&ady=495&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=190
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 19:14:42 GMT
expires
Tue, 28 Nov 2023 19:14:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 33C7 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=643282990&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880772&bpp=2&bdt=1154&idt=188&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=850&ady=495&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 07:40:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
41654
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 07:40:28 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 33C7 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=643282990&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880772&bpp=2&bdt=1154&idt=188&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=850&ady=495&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 07:40:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
41654
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 07:40:28 GMT
view
ad.doubleclick.net/pcs/ Frame 33C7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstxSNgwMnt3LPVAQJW6fQPmN3XR74fuUPp0hsO3whrp99lkrp0_dHOJDM4Ibg0-nbM-MpQQ9s00dRHjTu7iqtEYgFtj7TglHBBI-RyJgYV3jnhEIP-PzAF3hpFDtNJhE6aezpBf6yOnMGzfH6hht3yjEBpMXLCZiPN7xmNRk8uIqMgn4pUJWEu86Z7071NaRcV7l6T_vzp5qKB1C_GYoNQA9PTGcWRORVO_2RfRaXPDhjh2LF5KlmALDUKcVYYnpfp-B57lH8sUyW6Wg5ExxQLn46Cm0Yuxw5ctV7brfXAKCE4Xsn40D_Gygq_f4sQrBzNKMrnMyoHVCELJNoG8EIsUdcQsQJRrvUWN4o4d2dswgkgzMobTvO8LH_hex9ANYP-MefbUhG_WBlKdlfwd6RMjrEDaDskECpPquCvMRiHemFKJAHtw1pPEOFjN0Wm9MGXJiVIVD88605pd6cgQqZ1g9zX366vT9wi5fhxdPro1kltAZcjHy_wTgpQXaY3mXUBrw5jlI8ml7n85SGOVtysq4FFM16Cqnwr42iXErqgDq6B8pw4DXLwc1jZjxXDWdRzJEqVfGepXIlvE4cuKO61m1JMBYT4mPsqgxZlpLxb2OYWKlZJBL0ajg_midzCGfYtrznSNI_gzmHNlmEDpHIGqWzhPUtsQNBiuJ36p3-Ijd0eSzNKvg5rAn2DZwEdo65-5Lw2oAcTHBlzpJ8AkQPDVz0uCgLXP7D5KX5vvWifUJdrGLey8cV-w8j8EWgz3-TiXoqpHsM4Qav3o3z6tuGomURTcjR9kSGbjCTdFBvrbwQUq6OiOJy8DTfRtV2wv_6yvRPnzOpsoZaeQ06W5chCJGawc51IB2r7rzbkiF8W_LWluXy87ywaIIdwyrLkuGS9D3TUqCpd1I4mnY_Y0IrnKBE62qaLBBgQgnJlI6iRdS64Mufp5kjShDVB7Qo1ceno8KiU7eWS5RtuVFZtZCyfHVvHVnnB6x2b-WDUQkWKTRRxMB4FRr946HEQtCjmQvscq_bYch4Gn7Rv5XkBXilvtFhOLZJrz2niSgPRuOVd8L2hykpk65fa_4SUN8OsNZfmCF-F4HCM0PNupQsB6El0Fi4owvnfjWyLjECT56ehAZU-rGsoE1Zl1QTkPYRbaX8ZvG81lIS31BxOwVH3MVEfRfHBbpnsqu8xKr6KU_DsBcfiPXm_ub8pJ-rAz91byOWw4d9p2niVWVjLkmEiYw4PIWhD4G1--VVsxs6P-SvffKI9PK7F2JC8LPKIQw44cwzQ0aVMi9TYWuu6_nou_Uv5kr_xC8lYjmX3YR0qg8Nr4zdL-f14-Lblt7FG38348&sai=AMfl-YQ2wR49AymUt8Kyh4p0SNwQSxsp0IzHdtn_vDheAL3uk6omGtPG0j7yI20Esmr7u9huiRwcmwsbBUUiVuUqx1H2GM5pPQrk3VrzC0hHuUNZtaUVksc6zxXrc7IXgJBW65gWMws_FwpHDcG-v5B0__tcGNo3uWYNYr5frtVhS9GrDBsjU0C5d5vBG3kJCltyz6vdEDuOAdzNz6iMuoEbJGoMvpxA6tUiU1KA1Nvq7ZwHi08DYJ0a5_Nkox9olZwemCRx8jRtn4xbc9GtmIjgGkr2Llwsj6JygWZCh6DNJ2ntwjL2xpu-bfHyDDB3KrzniRB_g34ahV5gY1xmrsDrGypoCDvPKsBmP8FTO_x43JctJXsHlDKwIfGwYZVAPhohPBB1t2joA6aeq7Sb5Ka4SxTJJZs-kaAiJro9q8g5-4-b59VNuWy3Y4-lLCetXyNrG0zn8UFRXJjhBxujHyJHFBPOwBDB3uikb-_FR4WsV5iaxNhS8a_mSSN12tR7lHBVLN18Iqc&sig=Cg0ArKJSzIZ-8FUlKTKQEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9xb250by5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231109.13507&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=643282990&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880772&bpp=2&bdt=1154&idt=188&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=850&ady=495&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=190
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 28 Nov 2023 19:14:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 33C7 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=643282990&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880772&bpp=2&bdt=1154&idt=188&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=850&ady=495&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 16:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
269840
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Nov 2024 16:17:22 GMT
5729749446740372886
s0.2mdn.net/simgad/ Frame 33C7 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/5729749446740372886?sqp=uqWu0g0ICNgEEKwCQGQ&rs=AOga4qnItAcRTZJ_ebtzrl3e-DX7sJynZQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=643282990&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880772&bpp=2&bdt=1154&idt=188&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=850&ady=495&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
abedd941a82ef442809be7181fd39b66b64e2f4113da65058952273187d5b7a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 14:43:57 GMT
x-content-type-options
nosniff
age
448245
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72707
x-xss-protection
0
last-modified
Wed, 27 Sep 2023 14:40:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Nov 2024 14:43:57 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame D7E1 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 17:29:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
6289
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Nov 2024 17:29:53 GMT
truncated
/ Frame 33C7 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8ced6f56a2ec5f97444472be2834d1ded5e25dd9f21a4b6107aba93f75e25431

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 698C 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
269791
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 25 Nov 2023 16:18:11 GMT
expires
Sun, 24 Nov 2024 16:18:11 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame 8E0A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFbsEHwLv7NkMa-5i4o2504&google_cver=1
43 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFbsEHwLv7NkMa-5i4o2504&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYrYDo4gEwAQ&v=APEucNVkmTaXPwmykxPGnnCKoBEgCMA_pRGkqLtK6dH8J6TiRiuI7UloMGh5WplLrOUWvcwDxK-QhWwHWFGuAfc1aBpt848PjwezM7Pfu1I064A-idITmiXPKpLhGtcfSIu83TemDTY4SPDa7Kd4Y0vaBGSjhZTiqa-6NityBhrnJDEtwKJGF8g
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EFNdlY91BtnHEvml7ZQLOVuG59Pl9wSoO5eVZtzng75j2X2glMHRUTRPw7%2BT%2Fqde%2F8SSDrjfTDkQiRdarP5LGL4m4QMXnLz6UBTt7AljIM2v97XrmKx5%2FBNfZ%2FjYJ5RJUKPCXTZHQZAIKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82d4ef756ce09b82-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFbsEHwLv7NkMa-5i4o2504&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 8E0A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWY8Ia4fGHdPUQ.88XtNdQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFbsEHwLv7NkMa-5i4o2504&google_cver=1&google_hm=2
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFbsEHwLv7NkMa-5i4o2504&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYrYDo4gEwAQ&v=APEucNVkmTaXPwmykxPGnnCKoBEgCMA_pRGkqLtK6dH8J6TiRiuI7UloMGh5WplLrOUWvcwDxK-QhWwHWFGuAfc1aBpt848PjwezM7Pfu1I064A-idITmiXPKpLhGtcfSIu83TemDTY4SPDa7Kd4Y0vaBGSjhZTiqa-6NityBhrnJDEtwKJGF8g
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=osy4gnx02pV7JXjvtSM7kn3iP0qmu9k5hmm2NZLjssEv%2FEywOhqYMi87SsUvrqXnQzELZiKRlnn4u2aaaME4M062eef0FvfK4o%2BBscCs2TwITlqZsk4ON3UwLegDhZV3Cs1Ldam9k%2FUzQw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82d4ef75ad429b82-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFbsEHwLv7NkMa-5i4o2504&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 8E0A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAozFLf1RW23P1Oz6dQM6us&google_cver=1
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEAozFLf1RW23P1Oz6dQM6us&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYrYDo4gEwAQ&v=APEucNVkmTaXPwmykxPGnnCKoBEgCMA_pRGkqLtK6dH8J6TiRiuI7UloMGh5WplLrOUWvcwDxK-QhWwHWFGuAfc1aBpt848PjwezM7Pfu1I064A-idITmiXPKpLhGtcfSIu83TemDTY4SPDa7Kd4Y0vaBGSjhZTiqa-6NityBhrnJDEtwKJGF8g
Protocol
H2
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:42 GMT
an-x-request-uuid
09d79ca0-34d2-4117-a086-3844c7f4e1ba
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.218.22; 217.114.218.22; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEAozFLf1RW23P1Oz6dQM6us&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8E0A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ3NjM2OTcwNzM3MjAwMzM4MA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ3NjM2OTcwNzM3MjAwMzM4MA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYrYDo4gEwAQ&v=APEucNVkmTaXPwmykxPGnnCKoBEgCMA_pRGkqLtK6dH8J6TiRiuI7UloMGh5WplLrOUWvcwDxK-QhWwHWFGuAfc1aBpt848PjwezM7Pfu1I064A-idITmiXPKpLhGtcfSIu83TemDTY4SPDa7Kd4Y0vaBGSjhZTiqa-6NityBhrnJDEtwKJGF8g
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:42 GMT
an-x-request-uuid
8dbfafc2-5bb7-46d0-b43b-cba78ba8f447
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ3NjM2OTcwNzM3MjAwMzM4MA%3D%3D
x-proxy-origin
217.114.218.22; 217.114.218.22; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame 099B 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d3a6f26c492118f31988278595c72296f126866eab114342e008f654b21031df

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 4C87 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
269791
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 25 Nov 2023 16:18:11 GMT
expires
Sun, 24 Nov 2024 16:18:11 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/346383189655976896/ Frame 8881 		1 KB
767 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=Rx2d4NuIdR&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c36f708542bca1b708ec3db7d82a1a8521966d09a2cc57a0a368f107b05d1da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
739
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 19:14:42 GMT
expires
Wed, 27 Nov 2024 19:14:42 GMT
last-modified
Thu, 27 Apr 2023 13:48:41 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame 099B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvggJzeQUHkItJaT5vAxjwFDrLB1TxKdd52yZf1nJJ7qa1w-MHVoCmS9r4Amku3dOP0VbuWytpdPxBy_0lLCZQSl6LmgGurefdf1BmEGMsN6u_kDlWml4zJYDB-Rs-aYwohPzt3ZgKL3VNq4lZCuNl3NwokrDCank-G09oJPMltZZj1-13tDAOsoCccxQytqhZw7JS9MU3gjLLsrK8tX0rXP50Mx9Z1qp78fpMzCHoGoswe_NemLrUeWHubvylWW5zGr7i-tmBRdtUwGYWCWMFSRc2imSxKZxGyRmXoaUf-i4TCO2g3tXXuxt0iSuI16DBEdnRmgYjkCY8Hnffx5MRhFaEu9QdEOgSfD8xItHNmAfMg4M9q6tSYO9baaMGLa3d2b0BMSzPPXJO4NhphSTqHIWKEEzdfLB-eRgtyT95JDlH0Q07rji3vVSppghduIsX6O_uEKJUJkyv5G-Aa51m7o4tAeWeTzl36Xe-pKbhX0IBRf0uiEFW9vDHQxBNBffjYM41QTRCV9MqwBsC-NtH2S3uc1TjlAwVkVhr5E5Y_VwSTzPdA_MA3YbGTDUvNcnJ9LnfuDeF_3ALx7jEnIMuBl0BNgKYVCnXQ6sFgoU1MZkgmO3xvyWIq1yk5E9Ab1qdfTpM7VSFZCJwrpe20tg6VcjkVSRC7TVJ7sTwzmRzPXRcmaID61cZJG1ak6P9aDP2wIBnUPlG9GF49ZsSVnLt82qzvkhYEUAWtTkGsD0IgVxNCcE9pyqIBivaBuqMxvqFHvwbh6sDDKTNjtZBCbtzrMzIVWW3eXKOKxYy-6guXO0AfMVA6kee0OVirPQgR1dyx8eJ7ggEd4DqttmPvnKTiicA8MP53JWpjFqauFe0h63oaEUogL84s-kUKkSUojSsFealXlxR9pcXZm-Sa_5QIph8oMmTYawj_Ia9PMX4h40O1ZNW_2y4vNzrBrjhNFNiaK-VgWQZtwL4oXWkbDXB_Zwj3YKTKdfs7HUhINH7RBq4l8DijFKu3KJ2cDl8QBoBgvlU-EbR1Zt5onDlwQiFmScdXGCQNsJ-6xSrKOXG4Ft_47WXgQUDmVXvxJH-rxzs186xLslkI3hMaguvdZTXysefgMhFTaFHC0SZASJj6YiOhVFcJf2B3PRc2xRwfyjBDAFjgrFQ9FNCKq81TGiDV5k-jp4-mNgOvfXHFj2fC7gaLFe3xO98W-3A9-s4NfLJoA22HMkyDkHikT7CLAG11acg_DqU46hH8Bq7zfoWQycjWPSLCSUzFOOosqVUcFEt2ifCBVIcETRSEQqsbkw26tapniDXGF_81n1vRFXCFcQZKPTp2pPqP_UY7-nPp8wFgi__BKCaJD24SaJh2I360QVgAKYvvYXI2&sai=AMfl-YQRCy-lfSKnBwq3BNcl4rWjpUvKgN2aLD2Scw__hcf2rD8eTNUcO87uzqvaFFAGeru87D6t9sq8QJdYoRho-PT8FCSbnjBLIivtd3PGIZeunMNOUbVaKY6-IMsuu_azeRXqSgsKvRdR1R4gSUHDD5X-3DBv6jHsNXOeFQ-v65Zw5dirX_xeRPSB-4O3BMw_fyrUnqcMMZlJXxW19RsaUZIfLAB_4C-rbRClbnZoon6U-xvtv5WPuZxy6_hM8ysHHbBVUpDnkZEF7zxpLl8XIBTrJ7jsHgck4lty-Sl_9oiSgaX7LcQyK4Y_S1HcQqUXzIUCsJbOBSKozgjswOsnsWIF9_ogCNUJ5K4v0rlNLcH2_UzUAU14a_Gs-eERhjeBvJwUcgWAYDl8CZ0MGVwHixaQIE117sXY0Sc_t2tZOd-BkI1mpiki_gRe6E-Y2ScazF2DtlhzYrR0qcb_TNkDQSJ-UU0xbc0zDNTJBuBOc-jjFMQ-qjprENHeX27wO_EAHM4to6E&sig=Cg0ArKJSzLED8Trf2p7DEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9sdWZ0aGFuc2EuY29tLGh0dHBzOi8vZXhhY3RhZy5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=77&cbvp=1&cstd=72&cisv=r20231109.33831&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 28 Nov 2023 19:14:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ai.aspx
m.exactag.com/ Frame 099B 		60 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_de&extLi=26915561&extCr=181030143&extPm=361382341&gdpr_consent=&gdpr=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=3027413664&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880774&bpp=1&bdt=1157&idt=197&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x600%2C300x600&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1250&ady=3223&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=199
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.202.235.9 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Tue, 28 Nov 2023 19:14:42 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
Di, 28 Nov 2023 07:14:42 GMT
X-ET-Code
0
Content-Type
image/gif
Cache-Control
max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp
1119
Expires
Mon, 26 Jul 1997 05:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 6FE1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELiB1t_1-AphG-7XxWAGTjA&google_cver=1
43 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELiB1t_1-AphG-7XxWAGTjA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLCh7vgBMAE&v=APEucNVjD638A3ri-_T7GTG3FgLkKQyhPBKjL4xYY2H-LAWV63vefFw2yeh8zzlZUpDbnrMChwd9RyXN0EL3zbbLP0TyTMkqpMN6zmu7aqYNNCA6M49NFTPfPIo2IpsTTfR2y0u1y10BQpLWhleBl084xuKUNKeajN8kiE2h7aF2QiPHKZSnNms
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:42 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELiB1t_1-AphG-7XxWAGTjA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 6FE1 		43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLCh7vgBMAE&v=APEucNVjD638A3ri-_T7GTG3FgLkKQyhPBKjL4xYY2H-LAWV63vefFw2yeh8zzlZUpDbnrMChwd9RyXN0EL3zbbLP0TyTMkqpMN6zmu7aqYNNCA6M49NFTPfPIo2IpsTTfR2y0u1y10BQpLWhleBl084xuKUNKeajN8kiE2h7aF2QiPHKZSnNms
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:42 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 6FE1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEC_-6j_7hsubqzO2HWhLI9c&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEC_-6j_7hsubqzO2HWhLI9c&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLCh7vgBMAE&v=APEucNVjD638A3ri-_T7GTG3FgLkKQyhPBKjL4xYY2H-LAWV63vefFw2yeh8zzlZUpDbnrMChwd9RyXN0EL3zbbLP0TyTMkqpMN6zmu7aqYNNCA6M49NFTPfPIo2IpsTTfR2y0u1y10BQpLWhleBl084xuKUNKeajN8kiE2h7aF2QiPHKZSnNms
Protocol
H2
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Tue, 28 Nov 2023 19:14:42 GMT
pragma
no-cache
date
Tue, 28 Nov 2023 19:14:42 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEC_-6j_7hsubqzO2HWhLI9c&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 6FE1 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLCh7vgBMAE&v=APEucNVjD638A3ri-_T7GTG3FgLkKQyhPBKjL4xYY2H-LAWV63vefFw2yeh8zzlZUpDbnrMChwd9RyXN0EL3zbbLP0TyTMkqpMN6zmu7aqYNNCA6M49NFTPfPIo2IpsTTfR2y0u1y10BQpLWhleBl084xuKUNKeajN8kiE2h7aF2QiPHKZSnNms
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Tue, 28 Nov 2023 19:14:42 GMT
pragma
no-cache
date
Tue, 28 Nov 2023 19:14:42 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 698C 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 17:29:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
6289
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Nov 2024 17:29:53 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame C1F8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstpNg84f98MsdpPUtV5j7bTLB4wQ6F19dGR7AnDpTwcRVEwW7_kmaWo0SXN-bbrP_nkOhGFV8BkNi-HSkjr7unWYNI0SiMkO3BqRJahD2EnsTHMGtlk1HMt7KvYgn9_RJRX4exP_iP2Sx8hQkOwxlBrsSv0te6Sp19I3m-p9al28soE-rzOUFpSAyd6afuSsmCuKqZ5g9rQ81izNuhfWxT6AywHxJcMnEM-Na-_Ziv1Td-U3P9gygA-nq-n88UsVVRc3iIfZCD2q7kkNvpTF2LgJ8gR07sgBlUOs0n07w7ctQMsFqf1kPoL4TGN1T18UZUP4VlnAf5-RXu5CD4jY1npPzlHIOg3KpIgKQBiQY8v-BvSDWBZpHtQxdnAz66329RJ4oUXeEPych5maYmJkIP0bqjjQri0hTFwfBpFfNPjw29raiI84cCS6UgEWE6waMEejY_6pKXSk8dLPTRS0mHWXI-jprBWZFqq8yAUnzvclC49nIzfGEAPFeK_hsHI6QXBMnNftid2VUlr0B7HHXWAgNswENtIKxKkABtuG-6YqhB0Tv-0eSsAhaJddTBG4LUrt6zdhZHNMQV7c5-xLPi6gAxXheI8V91L78ZjNhweoRTEKFt8J4_wUKaV34v-mCTYQiuVc1tPmjc9bi8tKv7JU_BW6uLkQ2AfkT0j85Rs033w-3tCJiXSf-4J6wdlTNP0YN_tOsGwb8HTBTk0rIxtxy4WZxEnzVvNjv8J7fRhgYPfAKJvSdATGBql1g0PZ7OwvqC1kjpE3xjRPx1LidIz0ukYmx96eRiaV4u2XZQIxKgzwOsW6ATFnP3E4E-iJXkHdiBFqtgGoTi5vke7FGnC48Pj5WiRvPbbWrF0FTE9K9IHDoj7BtKI6rVXsGqtAWVLh6RNMFUhYrztDzdtcBkO3eT5O_WWj3LGjiCAx5kKSpFuGXovDX2Gl1oy-Klc1P21rGJWDnGozqgoulkRpHBBRHYw_POp-dAlmfhQ5acoHjiEd2nOndjcYH5CIlt3PvLezCxRbMirlebkfJ3yy4gPBMXn7yxaIPp-VaoqKm17RSfptuA_kTnDX3_HnBLaAB8b1eKkoY2PYjhUkILcZV3J1D1o2L27pjMuxGqNySvO8qo0Q6sxd6whLBxX2n_tkEHYFRqAfsGhyKc89jsx5RrYQqUYLVtiDDdqMJlLdDnKG2x9J7hGVbeKIGd7ZtSRtJ0IRHINeWhgexbQvN4AWvYkUAuUze08CQFPYtk1BOGA9rdW2YieviM4YDdfmOaP5mItF6PcSOz9dm6Y5Zz1&sai=AMfl-YSG6dcE00z9BZWhYosTLn5yWV3vQilF5LdAbMtmT5XKhaeLAZv7vqCN9T_ssGkbTEwGWD_Q97gHx0yQJqBCzhtnPJ5pBBqozYA-DARlEFWD5r3edBZ4o46S-S1PiHozTtjvc74wcoujgVk8nRAk3ZkfnN48NBfPsLn_OvLhgMGTNyj6WDoga_LeLccgIAgDOizNzWh1Duw3317_s3O2ueH7vVZPvNlxKXAVd9qr-LVfEdJwzF20_IgpHHzpze5iEKROXWiVXAkOU6VU9gF7xDVnddWCGMbBaisowA&sig=Cg0ArKJSzKqTHmo9FlhdEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=243&vt=11&dtpt=113&dett=3&cstd=241&cisv=r20231109.64247&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/641018540181893391/ Frame DA5A 		75 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/641018540181893391/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea732f76376c1f93798e4ff7078477a9121323b1930e474836f07cbce1f1df29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
346742
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
20055
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 18:55:40 GMT
expires
Sat, 23 Nov 2024 18:55:40 GMT
last-modified
Wed, 09 Aug 2023 12:42:11 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 4C87 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 17:29:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
6289
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Nov 2024 17:29:53 GMT
view
ad.doubleclick.net/pcs/ Frame 33C7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstxSNgwMnt3LPVAQJW6fQPmN3XR74fuUPp0hsO3whrp99lkrp0_dHOJDM4Ibg0-nbM-MpQQ9s00dRHjTu7iqtEYgFtj7TglHBBI-RyJgYV3jnhEIP-PzAF3hpFDtNJhE6aezpBf6yOnMGzfH6hht3yjEBpMXLCZiPN7xmNRk8uIqMgn4pUJWEu86Z7071NaRcV7l6T_vzp5qKB1C_GYoNQA9PTGcWRORVO_2RfRaXPDhjh2LF5KlmALDUKcVYYnpfp-B57lH8sUyW6Wg5ExxQLn46Cm0Yuxw5ctV7brfXAKCE4Xsn40D_Gygq_f4sQrBzNKMrnMyoHVCELJNoG8EIsUdcQsQJRrvUWN4o4d2dswgkgzMobTvO8LH_hex9ANYP-MefbUhG_WBlKdlfwd6RMjrEDaDskECpPquCvMRiHemFKJAHtw1pPEOFjN0Wm9MGXJiVIVD88605pd6cgQqZ1g9zX366vT9wi5fhxdPro1kltAZcjHy_wTgpQXaY3mXUBrw5jlI8ml7n85SGOVtysq4FFM16Cqnwr42iXErqgDq6B8pw4DXLwc1jZjxXDWdRzJEqVfGepXIlvE4cuKO61m1JMBYT4mPsqgxZlpLxb2OYWKlZJBL0ajg_midzCGfYtrznSNI_gzmHNlmEDpHIGqWzhPUtsQNBiuJ36p3-Ijd0eSzNKvg5rAn2DZwEdo65-5Lw2oAcTHBlzpJ8AkQPDVz0uCgLXP7D5KX5vvWifUJdrGLey8cV-w8j8EWgz3-TiXoqpHsM4Qav3o3z6tuGomURTcjR9kSGbjCTdFBvrbwQUq6OiOJy8DTfRtV2wv_6yvRPnzOpsoZaeQ06W5chCJGawc51IB2r7rzbkiF8W_LWluXy87ywaIIdwyrLkuGS9D3TUqCpd1I4mnY_Y0IrnKBE62qaLBBgQgnJlI6iRdS64Mufp5kjShDVB7Qo1ceno8KiU7eWS5RtuVFZtZCyfHVvHVnnB6x2b-WDUQkWKTRRxMB4FRr946HEQtCjmQvscq_bYch4Gn7Rv5XkBXilvtFhOLZJrz2niSgPRuOVd8L2hykpk65fa_4SUN8OsNZfmCF-F4HCM0PNupQsB6El0Fi4owvnfjWyLjECT56ehAZU-rGsoE1Zl1QTkPYRbaX8ZvG81lIS31BxOwVH3MVEfRfHBbpnsqu8xKr6KU_DsBcfiPXm_ub8pJ-rAz91byOWw4d9p2niVWVjLkmEiYw4PIWhD4G1--VVsxs6P-SvffKI9PK7F2JC8LPKIQw44cwzQ0aVMi9TYWuu6_nou_Uv5kr_xC8lYjmX3YR0qg8Nr4zdL-f14-Lblt7FG38348&sai=AMfl-YQ2wR49AymUt8Kyh4p0SNwQSxsp0IzHdtn_vDheAL3uk6omGtPG0j7yI20Esmr7u9huiRwcmwsbBUUiVuUqx1H2GM5pPQrk3VrzC0hHuUNZtaUVksc6zxXrc7IXgJBW65gWMws_FwpHDcG-v5B0__tcGNo3uWYNYr5frtVhS9GrDBsjU0C5d5vBG3kJCltyz6vdEDuOAdzNz6iMuoEbJGoMvpxA6tUiU1KA1Nvq7ZwHi08DYJ0a5_Nkox9olZwemCRx8jRtn4xbc9GtmIjgGkr2Llwsj6JygWZCh6DNJ2ntwjL2xpu-bfHyDDB3KrzniRB_g34ahV5gY1xmrsDrGypoCDvPKsBmP8FTO_x43JctJXsHlDKwIfGwYZVAPhohPBB1t2joA6aeq7Sb5Ka4SxTJJZs-kaAiJro9q8g5-4-b59VNuWy3Y4-lLCetXyNrG0zn8UFRXJjhBxujHyJHFBPOwBDB3uikb-_FR4WsV5iaxNhS8a_mSSN12tR7lHBVLN18Iqc&sig=Cg0ArKJSzIZ-8FUlKTKQEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9xb250by5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=147&vt=11&dtpt=146&dett=2&cstd=0&cisv=r20231109.13507&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=643282990&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880772&bpp=2&bdt=1154&idt=188&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=850&ady=495&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
DcmEnabler_01_250.js
s0.2mdn.net/879366/ Frame DA5A 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/641018540181893391/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/641018540181893391/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 17:05:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7724
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11558
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 29 Nov 2023 17:05:58 GMT
tweenmax_2.0.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 8881 		113 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=Rx2d4NuIdR&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=Rx2d4NuIdR&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38915
x-xss-protection
0
last-modified
Tue, 19 Jun 2018 18:02:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Nov 2023 19:14:42 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 8881 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=Rx2d4NuIdR&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=Rx2d4NuIdR&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:12:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54129
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 29 Nov 2023 04:12:33 GMT
Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js
pagead2.googlesyndication.com/bg/ Frame ABBE 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61fe41cde1b6df00f34e5a9795741e926e8861b8e80d396ff799d48bacda5300
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 17:34:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
351591
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14900
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 23 Nov 2024 17:34:51 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D7E1 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BXyRYITxmZdLFK-q99u8P8s2BmA0AAAAAOAHgBAI&bg=!_P-l_7DNAAZxrfrxUa07ADQBe5WfOMnw7ihDGs2fNqRQwPen7B9qXSfgGP_piZD5WfCbMNx0QIx-6tvvc1lpUS5IO7G4AgAAAGhSAAAAAWgBB5kC39YVo2mj8ecranKlO8HTClUZXT_T9X0RG75Isnsi7QQ5NjSSt88h7ti8DZGSL44LHEHJyfmjwkf-uBW7sgMK27YEkLa3TorZltKOnIOGSyS8LrFQyJLdcmvwHJkTTzo4QvnF5sDJ8-y5LMYxQFsJM4CC4aXnOfgvaRV9tn8CZ4vhDjAP2hTiMPd0to_S1jY1d3NFjMiIWtuR-YRdf-3eGDFpDqanBkFXpThdLj6q_HR1fPqp4xzq6vLmO4VfXJtbopQCdhsCKLGnrlE2gL2c6d3lpWtcrLckCyjw0vl9L1KGbA2Ox3-VwnQmazyQHZeha9x83rntt_Dbu0Yo5wai7ySQ1Gbzj4e-h9k2-CWRZFWES2IJa21N5xyf5xhfUwpYIjJv786eb1FIxVbqFo3EL3Zg3yy1eHWbCIEvPk9TQWA91aB171J_tFM2L0f2mNqLSjL2NLIrHwt-gN3H6sOXt7dFXJPjAYQCScHUlsFWBCz0KISQJkj-VgXmbCvbv0Rad9KUKotgO-iGZijCef9Lx-U9SvRcVcF8iQbIrxsMoaAEcZs2An0r7sqqIHorXmOec6oP9MbVyrWwEen1oeBBWbwqcIsUbjyjL6U29hy6-m6ME8_AoWtDSRPCeGAoKQE-mmEtblBYZ7cGpGJO4Y5v3EmvudpdLPUliHV88y8LaA28uEp8y8vw2GFNi0dGf0lGIowEFgaIHNkjZN9gU1vvXQ0ypkEpmc0xP1LOQThLlrVxAv5INF1nM2dnpp_SyJgPwD3zog-GS7IjQGiOfeB92SSi16g1vVndeOuk9NJE-fYlZcCiXpJIlnTWysGZXhk8TyrrnXswdMlfmI3ySQUJXQnDuxkK7K9v3z0WHyY-9d9ogz-R4zB_mtg9AxTZHa0XpHd7SCbHXRiG6E2x-j3Vh2gpearF553d_OnyIosyHI09QDwamHJBbf61gFLs3jctLuZvIFoLrfARsrrOHK5SDg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 698C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BY5GmITxmZY4y4_y2B7f3n-AEAAAAADgB4AQC&bg=!cHOlczzNAAZxrfrxUa07ADQBe5WfOO8ujQ9DZxnfXKXYFC-M1N78KVgQ1PzD6S-Pgatb_Q_4B8sKwgwAHpWHOrfUMNZpAgAAAENSAAAAAmgBBwoAo55TEH_TBL4bKx92YsCYpp5TIbT1nuO6LHerhOhmfPBWmYnnjinjr8SIOZKz15so5r3UCfsprWyWlEQz0Y02Padqc4qB16DfokI4hh-I5osUhXQ5ENZIUL4-3ejeK_TGwOoXxHTzz4En3RscazBa_ByBEPcck0zIl3V4-bmji8UQNvA4Xo5Sea_h6S6zXkYFaPH9jcC-rTTDzHL6T28jeaxSiuCZAtw6jx6_H-IpAEanqpnk3GClYE2z_rMS41PH-1pnhazIu22xKdZnFvpb9iXHfKy4BP1r6_yIdRNyhHVYfsL5kj7wSnIBXcBli2zmdzshkDzsljEOy-8zMWLYAIu0jvarOB06Cg-0x9FaSd9R9Hy12eRnCNRZCedwpxVaJQxJqftkxlKZJIbH9HCoO5yLJP_DrkaD5oZEtcANe7gznKYbrGysqbW04MowQrVK-mzXTyibcCf8fky1quvFVfjqYSFlSQpgSAK55YStTuCRFPo3cecTjC6Q3n3k4yhUCg7VI1d4UIZkvfTizkrsvfs9hAis6VXWkCcbaR79510sJ-3HPuS8cBZF_1mlE-dqcqHaXNslv-_D0kZUSZzngYBwuTfHzidYFGHF9YWs92mYK6BHK6lO4wEThGR-TpDdnX5VNSe69SCryvzBMmh7rO10B01cO6tMJkZEbOtjvam8BRQZtjva6yKQjTEq1_YJ8dicJJ5cB9VxMLvgIDXumDDqjOq2RPmmARX-cb0kZIh2sjfjhE9d-BxnNzvjYsCpSW7GhrmHRWT6hG8HR5rKrGYh_4MHyp5DsE4NnrQyfz0RA_7U4y_HtMIk8i4CHKoOhw6j5sSTO1uSgWGCH_LLaBRbsjzYZHOV_h73FYdi9330d6X2S5HFDhPH7lBuvhN2XIOBAMXSxgFijjnrUE47PDalAaUwDawJteMyP5FQTWqbSVYn7CdsdhUk6MYxZz2M2P4IoH8Yl-T2MNqAMfnMlZkGa5mLw2Ukh-3kxC7RdUQjODFsn_8a3eZ2zmwpmalS-d9no1Qyx98BxtZZqr3bC4tlUWLhlxHh3-Xk2GliubqsHp899CyNXhDh4ny_5aKCeFNe2CsH6v3F38_VmbJhgXPDNC9BTdKAoHzG90W7hlnb20-VfXCmnLglXI-PkUBLfWMwGU7ZA3KfPH1M1j8xegSskpQnj2oWC-3fBnWwl12xJXA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=3027413664&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880774&bpp=1&bdt=1157&idt=197&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x600%2C300x600&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1250&ady=3223&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=199
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4C87 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BanQXIDxmZb7uPLSRwuIPjpuFuAUAAAAAOAHgBAI&bg=!OjmlOXbNAAZxrfrxUa07ADQBe5WfOOCEy5AFASh97D8McRL_N_asTJI9GYvCrhMKajk9yOr6N-ScnPxF9ZhSAuxExpdOAgAAAD5SAAAAAWgBBwoAOtrlRGtNDdvP0uRKb6Co8wM6NxQh6-4m6vNk1bDW3RYdanUXVLUZAmakLkdv6pLtLFluduEVI-ZAkM2ZAuU-5ig5UxU5a9a8CuZ2JJ5awYhTrA2_-MMDceI4B5-Dz1JKqZmyM5l5uslVaYyPZ1V6eRHv119QToGGLE2cKO7UlOotfSHrkXwT5LF7d4DmFihMG1QEXRDWEmkrHv1jzPVTVahdmkogYDKMUMo7RTJ5bvAqst0ta-fRle7l7k9GpN3oTQm8wqu3W89TS1IsriJm6_ul_ibon5m3nn75ZksRbrXzITYUoaeMrlPzvVM2Efzz25gIFuwA1rFA6UZFPH_M8eFo8ExW7SMy2smZctLAEmwm9FkHWy4Gc4QnbyAJOEEGZNjZZA05S4N0HRSJm2nhqB8G6cGnCnWDu8Gjlrm0pUDpEFiVwQ8vJzzDIYTJlHI08fpIk9DiKdCk-tdRuLEkTtB8j9f3VcgmCgUUbWtd9TE3jvA4js6O1pA59atJDjWB-5wSz_TQ9BNM5LjTA_9XGidUaKolmtWyDfv26vZe3RjB6atBmLPjgQD1LWgZ2Will9U12PrnAEi8Qq6Q21fu98HYYXvABcv7Xm0DVzUE09UBQJqheh8m1YXYuNVeHr1IvEgsKWBAL9fQWr7rwVaMkNtD8Q_OzZsGILT1MIO6QTDDz0JMdJrpjm320_rm3lticpmJ4YuSSuQ_jhJWDHWZfkUbbKwZrloKjLZ8lZhA1oQH3JraiY54thl4-a5JsED2_dmdmojGf4CeI2JcUwGFraB4UCpwAk6ahCll2Ev3F5YWDKWi0ezzSZCD4oQ_SKt7NSLxtRw8eJT1ra0OznHhhKhHuc0A3pyqSlFDJhwPPIqzIk4ojzfDg7NfbbXNursZaFrx2ooxSmZ6rfTgSSYPQ4uL-RHznR4DiLeKTJyp9_AlYpDKir8zzCX6gZ2SmgjfeypRX4VVS7NMnNznX5tCp8JFLX2dCC59U7kUMoegd0dfYl9visGoANlNFw-YvCBYkt0hN7eCgqMidVCpBb_R0Nyuq8c0DKiBFkXBW3BZ1bUMdgQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8531510046411661&output=html&h=600&slotname=5745528070&adk=1668345985&adf=643282990&pi=t.ma~as.5745528070&w=300&fwrn=4&fwrnh=100&lmt=1701198880&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.lapa.ninja%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701198880772&bpp=2&bdt=1154&idt=188&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=2834510024776&frm=20&pv=1&ga_vid=1168814266.1701198881&ga_sid=1701198881&ga_hid=167073565&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=850&ady=495&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42531705%2C44798934%2C44809004%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1154354190865477&tmod=1757962745&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
dbab2036bcde7a0face373591501658f81c49f01ad06a313e7f31f7e7025b56e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
https://www.lapa.ninja
date
Tue, 28 Nov 2023 19:14:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
view
ad.doubleclick.net/pcs/ Frame 099B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvggJzeQUHkItJaT5vAxjwFDrLB1TxKdd52yZf1nJJ7qa1w-MHVoCmS9r4Amku3dOP0VbuWytpdPxBy_0lLCZQSl6LmgGurefdf1BmEGMsN6u_kDlWml4zJYDB-Rs-aYwohPzt3ZgKL3VNq4lZCuNl3NwokrDCank-G09oJPMltZZj1-13tDAOsoCccxQytqhZw7JS9MU3gjLLsrK8tX0rXP50Mx9Z1qp78fpMzCHoGoswe_NemLrUeWHubvylWW5zGr7i-tmBRdtUwGYWCWMFSRc2imSxKZxGyRmXoaUf-i4TCO2g3tXXuxt0iSuI16DBEdnRmgYjkCY8Hnffx5MRhFaEu9QdEOgSfD8xItHNmAfMg4M9q6tSYO9baaMGLa3d2b0BMSzPPXJO4NhphSTqHIWKEEzdfLB-eRgtyT95JDlH0Q07rji3vVSppghduIsX6O_uEKJUJkyv5G-Aa51m7o4tAeWeTzl36Xe-pKbhX0IBRf0uiEFW9vDHQxBNBffjYM41QTRCV9MqwBsC-NtH2S3uc1TjlAwVkVhr5E5Y_VwSTzPdA_MA3YbGTDUvNcnJ9LnfuDeF_3ALx7jEnIMuBl0BNgKYVCnXQ6sFgoU1MZkgmO3xvyWIq1yk5E9Ab1qdfTpM7VSFZCJwrpe20tg6VcjkVSRC7TVJ7sTwzmRzPXRcmaID61cZJG1ak6P9aDP2wIBnUPlG9GF49ZsSVnLt82qzvkhYEUAWtTkGsD0IgVxNCcE9pyqIBivaBuqMxvqFHvwbh6sDDKTNjtZBCbtzrMzIVWW3eXKOKxYy-6guXO0AfMVA6kee0OVirPQgR1dyx8eJ7ggEd4DqttmPvnKTiicA8MP53JWpjFqauFe0h63oaEUogL84s-kUKkSUojSsFealXlxR9pcXZm-Sa_5QIph8oMmTYawj_Ia9PMX4h40O1ZNW_2y4vNzrBrjhNFNiaK-VgWQZtwL4oXWkbDXB_Zwj3YKTKdfs7HUhINH7RBq4l8DijFKu3KJ2cDl8QBoBgvlU-EbR1Zt5onDlwQiFmScdXGCQNsJ-6xSrKOXG4Ft_47WXgQUDmVXvxJH-rxzs186xLslkI3hMaguvdZTXysefgMhFTaFHC0SZASJj6YiOhVFcJf2B3PRc2xRwfyjBDAFjgrFQ9FNCKq81TGiDV5k-jp4-mNgOvfXHFj2fC7gaLFe3xO98W-3A9-s4NfLJoA22HMkyDkHikT7CLAG11acg_DqU46hH8Bq7zfoWQycjWPSLCSUzFOOosqVUcFEt2ifCBVIcETRSEQqsbkw26tapniDXGF_81n1vRFXCFcQZKPTp2pPqP_UY7-nPp8wFgi__BKCaJD24SaJh2I360QVgAKYvvYXI2&sai=AMfl-YQRCy-lfSKnBwq3BNcl4rWjpUvKgN2aLD2Scw__hcf2rD8eTNUcO87uzqvaFFAGeru87D6t9sq8QJdYoRho-PT8FCSbnjBLIivtd3PGIZeunMNOUbVaKY6-IMsuu_azeRXqSgsKvRdR1R4gSUHDD5X-3DBv6jHsNXOeFQ-v65Zw5dirX_xeRPSB-4O3BMw_fyrUnqcMMZlJXxW19RsaUZIfLAB_4C-rbRClbnZoon6U-xvtv5WPuZxy6_hM8ysHHbBVUpDnkZEF7zxpLl8XIBTrJ7jsHgck4lty-Sl_9oiSgaX7LcQyK4Y_S1HcQqUXzIUCsJbOBSKozgjswOsnsWIF9_ogCNUJ5K4v0rlNLcH2_UzUAU14a_Gs-eERhjeBvJwUcgWAYDl8CZ0MGVwHixaQIE117sXY0Sc_t2tZOd-BkI1mpiki_gRe6E-Y2ScazF2DtlhzYrR0qcb_TNkDQSJ-UU0xbc0zDNTJBuBOc-jjFMQ-qjprENHeX27wO_EAHM4to6E&sig=Cg0ArKJSzLED8Trf2p7DEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9sdWZ0aGFuc2EuY29tLGh0dHBzOi8vZXhhY3RhZy5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=440&vt=11&dtpt=363&dett=3&cstd=72&cisv=r20231109.33831&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
main.js
s0.2mdn.net/creatives/assets/4703545/ Frame 8881 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4703545/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=Rx2d4NuIdR&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1b2da575466eb30982e08c1020f55bcf2d9565f53bd64c3da87a1d774d75588
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=Rx2d4NuIdR&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:02:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
712
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1100
x-xss-protection
0
last-modified
Fri, 05 May 2023 10:07:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Nov 2023 19:17:50 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8881 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fd5dc6b39ba19c622b8559269454c5ba94f3dfcfaa81714e36a8a6d6d805c02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5870
x-xss-protection
0
300x250-frame3.png
s0.2mdn.net/sadbundle/641018540181893391/ Frame DA5A 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/641018540181893391/300x250-frame3.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8098f89873bf6b58ca48a2797fc926f133e128a251c9c66578ef0f8695597899
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/641018540181893391/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:30:18 GMT
x-content-type-options
nosniff
age
402264
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8106
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 12:42:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 23 Nov 2024 03:30:18 GMT
300x250-frame2-iban.png
s0.2mdn.net/sadbundle/641018540181893391/ Frame DA5A 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/641018540181893391/300x250-frame2-iban.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1c34e6838e66bdeb8deeb506d6d9c52e3eaafd7e572136976c8064d625ffc66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/641018540181893391/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 16:22:01 GMT
x-content-type-options
nosniff
age
10361
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13183
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 12:42:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 27 Nov 2024 16:22:01 GMT
300x250-frame2-phone.png
s0.2mdn.net/sadbundle/641018540181893391/ Frame DA5A 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/641018540181893391/300x250-frame2-phone.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c7cf8c8994757bcd770db5e1ab5bb2023ca625d16262d67a178fe32cfce24e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/641018540181893391/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 13:49:35 GMT
x-content-type-options
nosniff
age
278707
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32603
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 12:42:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Nov 2024 13:49:35 GMT
300x250-frame2-card.png
s0.2mdn.net/sadbundle/641018540181893391/ Frame DA5A 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/641018540181893391/300x250-frame2-card.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3172d72fc88492eede463818ef095356e52a4350a052b866eb311bca2ba6ee19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/641018540181893391/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 09:51:52 GMT
x-content-type-options
nosniff
age
120170
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33399
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 12:42:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 26 Nov 2024 09:51:52 GMT
300x250-frame2-bg.png
s0.2mdn.net/sadbundle/641018540181893391/ Frame DA5A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/641018540181893391/300x250-frame2-bg.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d09b7f91ebcaceef1376fb04de6c7d9977118bfbe313ade191c684ac80c91fab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/641018540181893391/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 16:01:22 GMT
x-content-type-options
nosniff
age
357200
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2411
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 12:42:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 23 Nov 2024 16:01:22 GMT
300x250-frame1_2.png
s0.2mdn.net/sadbundle/641018540181893391/ Frame DA5A 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/641018540181893391/300x250-frame1_2.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02af9ea0a3a533823c235a2b73ed42297c9e486f1320e102008ec0908ce21191
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/641018540181893391/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 09:51:52 GMT
x-content-type-options
nosniff
age
120170
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8015
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 12:42:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 26 Nov 2024 09:51:52 GMT
v3
id5-sync.com/gm/ 		319 B
599 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
5a505d84f0fdace216de9d5f6150731b6df651a4d12a2293219bffe245c2826c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.lapa.ninja/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.lapa.ninja
date
Tue, 28 Nov 2023 19:14:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
300x600_de-de_performance.js
s0.2mdn.net/creatives/assets/4703545/ Frame 8881 		80 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4703545/300x600_de-de_performance.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
165ead97130aee9989da6ed77b98b6928ba3820a8de37fd0b1ea5c537305d814
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=Rx2d4NuIdR&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:00:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
882
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19303
x-xss-protection
0
last-modified
Wed, 15 Nov 2023 13:23:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Nov 2023 19:15:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8881 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 28 Nov 2023 19:14:42 GMT
star_alliance.svg
s0.2mdn.net/creatives/assets/4689654/ Frame 8881 		6 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/star_alliance.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/300x600_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
563d8b655debf02dc76ee9cad7e2114692c770d009bfc9ed1f9153eb384593d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=Rx2d4NuIdR&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:04:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
590
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2334
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 11:06:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Nov 2023 19:19:52 GMT
lh_logotype_single.svg
s0.2mdn.net/creatives/assets/4689654/ Frame 8881 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/lh_logotype_single.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/300x600_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=Rx2d4NuIdR&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:06:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
470
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2151
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 09:41:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Nov 2023 19:21:52 GMT
lh_crane.svg
s0.2mdn.net/creatives/assets/4689654/ Frame 8881 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/lh_crane.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/300x600_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=Rx2d4NuIdR&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:10:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
278
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1311
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 09:41:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Nov 2023 19:25:04 GMT
NH_D_NA_Los-Angeles-Palms-Indian_300x600.jpg
s0.2mdn.net/creatives/assets/4703548/ Frame 8881 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4703548/NH_D_NA_Los-Angeles-Palms-Indian_300x600.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98a3424e4a1f4d93bba914be8544119c7cfb75ec8eaab4e9ab646a5791dcbc0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=Rx2d4NuIdR&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:12:25 GMT
x-content-type-options
nosniff
age
137
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
88204
x-xss-protection
0
last-modified
Tue, 08 Nov 2022 09:08:26 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Nov 2023 19:27:25 GMT
LufthansaHeadWeb-Bold.woff2
s0.2mdn.net/creatives/assets/4714589/ Frame 8881 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4714589/LufthansaHeadWeb-Bold.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=Rx2d4NuIdR&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:12:34 GMT
x-content-type-options
nosniff
age
128
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51548
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 11:46:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Nov 2023 19:27:34 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 0199 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 17:29:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
6289
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Nov 2024 17:29:53 GMT
container.html
8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0824 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lapa.ninja/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 19:14:41 GMT
expires
Wed, 27 Nov 2024 19:14:41 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5C9A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lapa.ninja/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 19:14:41 GMT
expires
Wed, 27 Nov 2024 19:14:41 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 538D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lapa.ninja/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 19:14:41 GMT
expires
Wed, 27 Nov 2024 19:14:41 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310301456000/ Frame 769C 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 25 Nov 2023 04:19:00 GMT
age
312942
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56081
x-xss-protection
0
server
sffe
etag
"6a17d296884b026a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 24 Nov 2024 04:19:00 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 769C 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 23 Nov 2023 21:48:00 GMT
age
422802
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5225
x-xss-protection
0
server
sffe
etag
"0b7142e00666043e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 22 Nov 2024 21:48:00 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 769C 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 25 Nov 2023 01:47:30 GMT
age
322032
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29077
x-xss-protection
0
server
sffe
etag
"7b1f1965b6cd6fda"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 24 Nov 2024 01:47:30 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 769C 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 24 Nov 2023 22:04:26 GMT
age
335416
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1911
x-xss-protection
0
server
sffe
etag
"5b0a82507b260c6e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 23 Nov 2024 22:04:26 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 769C 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 23 Nov 2023 23:09:32 GMT
age
417910
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12952
x-xss-protection
0
server
sffe
etag
"9817e561a46c70fa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 22 Nov 2024 23:09:32 GMT
css
fonts.googleapis.com/ Frame 769C 		6 KB
706 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 28 Nov 2023 19:14:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:17:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 28 Nov 2023 19:14:42 GMT
container.html
8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DD3E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lapa.ninja/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 19:14:41 GMT
expires
Wed, 27 Nov 2024 19:14:41 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8E8F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lapa.ninja/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 19:14:41 GMT
expires
Wed, 27 Nov 2024 19:14:41 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 769C 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 17:17:56 GMT
x-content-type-options
nosniff
server
cafe
age
7006
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Wed, 29 Nov 2023 17:17:56 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 769C 		295 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 21:36:38 GMT
x-content-type-options
nosniff
server
cafe
age
77884
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Tue, 28 Nov 2023 21:36:38 GMT
l
www.google.com/ads/measurement/ Frame 769C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTy43FTy4w2UfNHczcNaeydyjM5ymqeqgkU4GTT8H9jyEn1vGXvo162QaLP-blwxVf9Qsj0Q_SnEeh0qeVGVJ7f0XO0aw
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
2076313506083323656
tpc.googlesyndication.com/simgad/3290247277874307062/ Frame 769C 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3290247277874307062/2076313506083323656
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49f1a24d9cb192a7976bb8937703e82579d8476dcfb2353f760b56abc1d709e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 02:27:33 GMT
x-content-type-options
nosniff
age
319629
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32138
x-xss-protection
0
last-modified
Wed, 27 Sep 2023 15:37:19 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 24 Nov 2024 02:27:33 GMT
truncated
/ Frame 769C 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 769C 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
81691eb0219085397c6ef309c668f983eb8ce3cd07d989e56202c9201f0e81eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
pixel
googleads.g.doubleclick.net/xbbe/ Frame EF54 		466 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYqYTo4gEwAQ&v=APEucNWO9Y5jg0HmomppLDEl3LbMe7K-OqsNB9yh1910RJcpPmnt6fJk4WU90-OQZLmckSqk48Sht7E9IfI-vS17nP_O17PhKgOPAx3YlgKHtf_242PiOAHlmWOKkjGjBMecJabJFVc9k2a3wkfAIkKIPSoEXRRn33xq2BCJaMoQHYoYFyOoZPg
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 19:14:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 0824 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
Origin
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 16:17:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10640
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 29 Nov 2023 16:17:22 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 0824 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 07:40:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
41654
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 07:40:28 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 0824 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 07:40:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
41654
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 07:40:28 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 0824 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 16:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
269840
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Nov 2024 16:17:22 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 0824 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 14:08:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
18365
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 14:08:37 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 84B3 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
10592
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 16:18:10 GMT
etag
48472445140208031
expires
Wed, 29 Nov 2023 16:18:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 0824 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 16:17:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
10643
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 16:17:19 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0824 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D3-nf0jG2jEyhnKONsSmT8Fdu9DboeKDVVoE3ekN2-5s410U-MDR-o8kHCiE9rdeVa9sJtQJ3WDV1i9fbM6FA-j4aX9HscCmwKKpMYtdeczN8HPTQ
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame 0824 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQzoAmOd9o8HzEwo6w9nzCIBhMq0idKzvIXje_Srl1zqFRjGEwl-0fHYMwyKWAlUbIrV0N39MNYUb5c1GjPZU6P0TT_DQ
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 0824 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Nov 2023 19:14:42 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 86CE 		398 B
222 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQx7C0wQQYtvaA-gEwAQ&v=APEucNU3s5bCy3Co18t7fohEHIkjRDgP6K4JvBFAgqVAEmFkg-4sn_VdNR6777W1a8TAyzjH6gA2sNSmiZOH-GZCHeUNc0EHDCzmFDxzghy2VDUVvaD0qF20dgRbdjtDgOcfxFX57dyD5Cuker8DDmZojKI47lCgYpGB47ymWKKzpzdGYhJcEz8
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
202
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 19:14:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 5C9A 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 28 Nov 2023 19:14:42 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5C9A 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AJFm03hjqDU23muenOgjcl-j6Ss8C-CRhw41UrJEKeUjaPf-6xRuPbNjJHUY0COvBzZG5u0ZbCA3oc93A4ZA5oH6OWuP6Q-EXH5bAwu5EZMd1kGaI
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5C9A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6821525932856409288&x=1&ct=77
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/adfscript/ Frame 5C9A 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=68651519;click=https://m.exactag.com/cl.aspx?extProvId=327&extPu=vf-dv360&extLi=20563363907&extPm=20563363907&extCr=524303158&url=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=Cyef8ITxmZcqvK9LbgQetqpuAA5WWt-1zhuiunvYRp-_z_QgQASDE_IqdAWCVuqaCsAegAYbHmLcpyAEJqQI9a6tbPGiyPqgDAcgDmwSqBPQBT9Ch9gx74LpZVk3mldvXMcao7vjlPcOEQ_wFHgkdL3UITVelZp5GvYhqvIXhVAgnSv36louwHTO9y5OT5nN-VYWHg3ta0Sb3EsNh1lgxIVBYb8K6Ht06R3Z83_5MNzw2H7FLiHX2lRMZ1bTftTYW5ZZT10jzNaUTBik8S3Lfr0PCfnOlmnPBMi21I_OeP-GdB3o_qzHZjhPUFUcnkabqbx1MgRzi-NjFMvOJ2yuhPbjL0R7tWncQ3wbN_K6uTEzQ-baLQO7jh_DJvFPoybYSrLeqKJCuD6G660tw2xr8iRYiDLnqpigVsb2RwPkM_iE2p39-38AEupr15boE4AQDiAXDkLDNTJAGAaAGTYAHhv_olgSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAqoNAkRF4g0TCIDXo9iz54IDFdJt4AodLdUGMLATh73NFdATANgTDdgUAdAVAfgWAYAXAQ&ae=1&num=1&cid=CAQSPADICaaNTu5JdK1WIXRldoucoSqXMLx9kGno0kMAuMT0oqzcLJ6EPW3aMAUw8DdXRJYeAW7EIbGenQSpSxgB&sig=AOD64_3c0KqT39RC9U6-WWg6_oYgK0n-VA&client=ca-pub-9961814823930967&dbm_c=AKAmf-Ar7V3KcHyKC5fRx8P6e5zeKlCtW2KeORbsnfvwUtLArrChH2gnFJCJlZP_WvM0oNWbnVDpjJ5FxmhqStJozkHV0aVVeaeujlspT_4apQCiDMGAqYaYgEZSQhLpdAqo8BVeGotiiCakZFyFHdUP9rtLIZZzRpNgqMaJ8_ggCzMZ1OcZEug&cry=1&dbm_d=AKAmf-Bxx2y_SnJSfkSMUhj-u1MNrYDVVs7Otf3KGi74QhSxNBIY7QOMSBN6PjWUZijDZ1zCUhDC0pAa7ELFHOG_H5L7m91RDWw81_Pm7VDERPYf1f5I8l29YsY2weF0x57zcbPVaT9_hO_DRg64dRSGV1UWhYd-k3o1waNQhLjrbFpMaINE8vrfgIhNYuR-l66tA8lZsbgWrq11ttyyRZXno8zTW-vopkgS9pgPb_3ZLoKIQPWCQrm8PHD0kM3rT48WdhY9c696ynDB4EptVY1PJ7UUoOJfzZDuQCrUMuoqkBbxdjCSCJp1jpvsv9HjAuyRhpUmhcCyrRjiCFv4P-80eB9U1AQtVCt1ESM463N92jaUtcYqe6eXemOG7lunBFLhHNpggI8yDqicfqu5zpqGXh6U7MfehATqLrJQJ_NzVpuiX2Qh5dcmXqzgSfr1H7QcMAHTK38NpoJ6VleId6SB5Eu5vNa1GagmvOXjiuiLJ0GZ21j_eJRklH5kMfD_a6-LV0MNElMr9rrbOfarSLcQk-ClQpC3-5AeD790D_cqUom59NtFfqo&adurl=
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
eab64f0cc5082a6da312ca7d949eea0387f88d703980908653e8cd57d3bb367d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
2919
expires
-1
ai.aspx
m.exactag.com/ Frame 5C9A 		43 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.exactag.com/ai.aspx?extProvId=327&extPu=vf-dv360&extLi=20563363907&extPm=20563363907&extCr=524303158&rnd=1701198881710602
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
213.202.235.9 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
6b3da89922d333d106b84fefeebd7b16bfebf4cfbd7bef37fa10a47c471ae64c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Tue, 28 Nov 2023 19:14:42 GMT
X-Content-Type-Options
nosniff
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
Content-Length
43
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
Di, 28 Nov 2023 07:14:42 GMT
X-ET-Code
0
Accept-CH
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
1756
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 5C9A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 14:08:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
18365
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 14:08:37 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 5C9A 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 16:17:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
10643
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 16:17:19 GMT
l
www.google.com/ads/measurement/ Frame 5C9A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQrI3wjgCITzIYGKN_RRBWl3Zrn5jtPc_ECHA1T92QXH6H2FbkkeTL7jgEXTjEwl_in06bQJiBWdv4yoYPq1Zw3WdU0iw
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 5C9A 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Nov 2023 19:14:42 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 769C 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.lapa.ninja
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 20:50:19 GMT
x-content-type-options
nosniff
age
339863
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 20:50:19 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 769C 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.lapa.ninja
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 00:27:48 GMT
x-content-type-options
nosniff
age
413214
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 00:27:48 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 679A 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYrYDo4gEwAQ&v=APEucNX9tY9LS1L-wBjMnQyGfoVYp-u5KAvxs9xGcxJ511nsUQKWDpQvj8pWKmxK_JLlcAdsbavKAMOxFkP0ViOifEXvS_Yg_9-RsXi-vACGPu6l8aLLRn1bpLiYx9F-REqp-7klV7u11l5ZNLWznTFLxe10SdNBEMbdPKpDHL29EZMLSxLIHY0
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 19:14:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 538D 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
Origin
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 16:17:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10640
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 29 Nov 2023 16:17:22 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 538D 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 07:40:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
41654
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 07:40:28 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 538D 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 07:40:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
41654
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 07:40:28 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 538D 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 16:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
269840
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Nov 2024 16:17:22 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 538D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 14:08:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
18365
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 14:08:37 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8601 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
10592
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 16:18:10 GMT
etag
48472445140208031
expires
Wed, 29 Nov 2023 16:18:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 538D 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 16:17:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
10643
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 16:17:19 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 538D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DOVZnQ77JcuhGfrX2q3FC947aZ3ME8evmSawGe233exvpJrMtdCMC61PQvsTV4hmeFk6moWnuKlkf1L3Y4KBtYmLd5c4N6Chp1YTlP72Cw0PX-RsY
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame 538D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQfApsbY_jjClYJXLKyAuFN9bWstSxEEnjXkRU11vEBsogFmodD6Gc7_HbRFb76pX8D0ET6wiPzYLsu485bdsGzi3sP7Q
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 538D 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Nov 2023 19:14:42 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame C40D 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNXKtIfNpBpXg0nXqZOGe-HjzZTaDXnZK6uc64KOjXaB7Bj8vo8Cu5Q3h4OeTvEmFPKQrwe8kbNY4BtXy13aMBs0cAA225zT6osV_f_3crN4svxuKCQ9jQiUWruypTBCcv8ZBi9Mwpr9LNgRVe4xOb0_uUrfCQhKiJZz4HIJadW4LCTTqJw
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 19:14:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame DD3E 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 28 Nov 2023 19:14:42 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DD3E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dpqs5mgpHuok9OKKjgROr5rv6LdA9_DCJL2feqQT9pKtotEBwVTTFr2CaoW_xejsJokI3FUJktuuXiGq35PzBaCL7U1FT4BVe-hTPxGbw4uEFEfeA
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DD3E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13750783698460333811&x=1&ct=77
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame DD3E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 14:08:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
18365
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 14:08:37 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame DD3E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 16:17:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
10643
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 16:17:19 GMT
l
www.google.com/ads/measurement/ Frame DD3E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSvkBd2gAxi1pQMXn3_D0_JEAvZQH6oG9X10cGsTV9PdiGEt7jTqobcAGtAKNnnhvIgJ8QbivHKRx2upwagwua6J0J3cQ
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame DD3E 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Nov 2023 19:14:42 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame F80E 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNU5Os1AWD-Z2rwAntZPzIRmjP5iQgVexc5UFLv1kfWgqKflX0TTfmjnwfPCvFAk9NNpjo7VBFv4gORrFw7uTD0C0TPUpUX5rL5Z24SCG7eGHFjQ5daJPphsDf2EfO74PxyM2G1xhjcPxIsFS6sJ5fe94q_To8SB5DFRWpfJxcdAuoty3kM
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 19:14:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 8E8F 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 28 Nov 2023 19:14:42 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8E8F 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Da7kUNpwesBbEghP62nPOky-gPpETT_qmS4ZfFztVavIypwcO7eWMTi2jcGYCZEmZlykoDzvUq_MQUau4q3gsMQu0yY3StfCd_l43uGdG9AcoxoJA
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8E8F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6172749018976632593&x=1&ct=77
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 8E8F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 14:08:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
18365
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 14:08:37 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 8E8F 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 16:17:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
10643
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 16:17:19 GMT
l
www.google.com/ads/measurement/ Frame 8E8F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTzeVfF9s3qZ8sDssLknufDDyMAi5yeKmH9NqiWYLN3ZZSBowv6onBgt6wHehqgAhrabpyy2Ls-ORYpL_rGBE8E6MC-Nw
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 8E8F 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Nov 2023 19:14:42 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 84B3
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEApHB9ioPP0E5B3ePO03xyY&google_cver=1&google_push=AXcoOmSy2Ad7VcK8-Wx-FIUdnLM44289LSmE1xISx5XnHVEicYW6OLTCczxkPR41hvwDg-P0KMfzJwmtRJEhfxP47apV8aDgbAc-kw
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzQ2Nzk5NzcxMTUwOTg3MTk4Mg==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEApHB9ioPP0E5B3ePO03xyY&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEApHB9ioPP0E5B3ePO03xyY&google_cver=1
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 28 Nov 2023 19:14:42 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEApHB9ioPP0E5B3ePO03xyY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame 84B3 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKiwCk8j5G3C1D_tiT9ra9s&google_cver=1&google_push=AXcoOmRperdXxrt_8DpoTQkY4Fr_8H5C3h0huR9UY5Vx1H0WbjYdhYjr0bzo677ADoEq626oca1SMn_3UGZ6v4CD307uVYWmVNPvXA
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:42 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 84B3 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEEG8IPJKCD-b-94FeoJ8h0A&google_cver=1&google_push=AXcoOmRhL6uNxBhfV1cmijBu4tgJCHE9SHbkYZfPVVJrkVgSn91SdiD5ZYjyVTzIA5ZrUf2BavGajefBpdXCBNSIdx8ILI0ObVve3g
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:42 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 84B3
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEAluFz4LohJmd0KMUWUkLB8&google_cver=1&google_push=AXcoOmRLS9wUrG35PLTG9NwQQmOFCY_Cu1AE0WQ1i-A0Oc1fbehS24l1bR6MVGEfsKDEgrNCXyxx23R-MhZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRLS9wUrG35PLTG9NwQQmOFCY_Cu1AE0WQ1i-A0Oc1fbehS24l1bR6MVGEfsKDEgrNCXyxx23R-MhZmMmXFmKktVjQYnY83&google_hm=4j4pH49RSHar7OPOujBxHBY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRLS9wUrG35PLTG9NwQQmOFCY_Cu1AE0WQ1i-A0Oc1fbehS24l1bR6MVGEfsKDEgrNCXyxx23R-MhZmMmXFmKktVjQYnY83&google_hm=4j4pH49RSHar7OPOujBxHBY
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:42 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRLS9wUrG35PLTG9NwQQmOFCY_Cu1AE0WQ1i-A0Oc1fbehS24l1bR6MVGEfsKDEgrNCXyxx23R-MhZmMmXFmKktVjQYnY83&google_hm=4j4pH49RSHar7OPOujBxHBY
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 84B3
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEAw4-rhtZMG-I6zw4_G-QaI&google_cver=1&google_push=AXcoOmSUyRw0vg-Mjvwb-yh9se6topKtQsG95S7Rv-mhJtyW-iFP7JB7U7S-CD8Ac40-ZPQ8rZnsA8NXuTZgjl656...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEAw4-rhtZMG-I6zw4_G-QaI&google_cver=1&google_push=AXcoOmSUyRw0vg-Mjvwb-yh9se6topKtQsG95S7Rv-mhJtyW-iFP7JB7U7S-CD8Ac40-ZPQ8rZnsA8NXuTZgjl656...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSUyRw0vg-Mjvwb-yh9se6topKtQsG95S7Rv-mhJtyW-iFP7JB7U7S-CD8Ac40-ZPQ8rZnsA8NXuTZgjl656MbuNxXExSDrcA&google_hm=Hu7iuGZH1781crvmR0qV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSUyRw0vg-Mjvwb-yh9se6topKtQsG95S7Rv-mhJtyW-iFP7JB7U7S-CD8Ac40-ZPQ8rZnsA8NXuTZgjl656MbuNxXExSDrcA&google_hm=Hu7iuGZH1781crvmR0qV57BN
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 28 Nov 2023 19:14:42 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSUyRw0vg-Mjvwb-yh9se6topKtQsG95S7Rv-mhJtyW-iFP7JB7U7S-CD8Ac40-ZPQ8rZnsA8NXuTZgjl656MbuNxXExSDrcA&google_hm=Hu7iuGZH1781crvmR0qV57BN
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
report
sync.teads.tv/um/ Frame 84B3
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEMNFooSepMEw...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQrJf8i3J4jLOEwWEQlRmzGUHOsH4EP6Qkg_vp85GGwchenKgsJ0zKMDjuQ2h-JiXh1oPOHVb8fQYDBKccfdQnTQnuiHGNQGkQ
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Tue, 28 Nov 2023 19:14:43 GMT
pragma
no-cache
date
Tue, 28 Nov 2023 19:14:43 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame 84B3 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJrBMxtqBAximdPxMCWTKl8&google_cver=1&google_push=AXcoOmQakcLK8f9QFjrGkNagFq6-c-slh9AvyVG3EPS1rpL2CiLhR9iTOQ6hb9KhbHXbR5smrFT00_-TmMmnXr7vbnaifxxYrgRWrA
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.249.116 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-249-116.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
attr
cm.g.doubleclick.net/pixel/ Frame 84B3 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IxpCfYVZElBwACgfwJ-urKKgZNuYEpuU1SarEji4q4C16yCh1hznTpD_XWdgMtSb7M2tZh-ac
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:42 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
partner
sync.search.spotxchange.com/ Frame EF54
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEKROtuJh7FgEv_apRttnFX0&google_cver=1
0
0
partner
sync.search.spotxchange.com/ Frame EF54 		0
0
sync
ups.analytics.yahoo.com/ups/58269/ Frame EF54 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYqYTo4gEwAQ&v=APEucNWO9Y5jg0HmomppLDEl3LbMe7K-OqsNB9yh1910RJcpPmnt6fJk4WU90-OQZLmckSqk48Sht7E9IfI-vS17nP_O17PhKgOPAx3YlgKHtf_242PiOAHlmWOKkjGjBMecJabJFVc9k2a3wkfAIkKIPSoEXRRn33xq2BCJaMoQHYoYFyOoZPg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:42 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
rtb-csync.smartadserver.com/redir/ Frame 86CE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEOziSER59X_hvU1J8bwQiEg&google_cver=1
43 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEOziSER59X_hvU1J8bwQiEg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQx7C0wQQYtvaA-gEwAQ&v=APEucNU3s5bCy3Co18t7fohEHIkjRDgP6K4JvBFAgqVAEmFkg-4sn_VdNR6777W1a8TAyzjH6gA2sNSmiZOH-GZCHeUNc0EHDCzmFDxzghy2VDUVvaD0qF20dgRbdjtDgOcfxFX57dyD5Cuker8DDmZojKI47lCgYpGB47ymWKKzpzdGYhJcEz8
Protocol
H2
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:42 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEOziSER59X_hvU1J8bwQiEg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
316
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 86CE 		43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQx7C0wQQYtvaA-gEwAQ&v=APEucNU3s5bCy3Co18t7fohEHIkjRDgP6K4JvBFAgqVAEmFkg-4sn_VdNR6777W1a8TAyzjH6gA2sNSmiZOH-GZCHeUNc0EHDCzmFDxzghy2VDUVvaD0qF20dgRbdjtDgOcfxFX57dyD5Cuker8DDmZojKI47lCgYpGB47ymWKKzpzdGYhJcEz8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:42 GMT
content-type
image/gif
truncated
/ Frame 0824 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0a4d47a095efd53dab83003aa8203c6e91ba4cedde0bf907a43e7d1fb8691dc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 1B29 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
269791
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 25 Nov 2023 16:18:11 GMT
expires
Sun, 24 Nov 2024 16:18:11 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
google
match.adsrvr.org/track/cmf/ Frame 8601 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEEG8IPJKCD-b-94FeoJ8h0A&google_cver=1&google_push=AXcoOmQ6_hcA9WRVj9Y2fYp9MY5D57IlDb9aHV0Yc5LAp3PXLl0UsYMVVTuVBz_zh73TjfvdXqWKBSQbkHXt3-MvY8v8qRjNxBSf
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:42 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 8601
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEAluFz4LohJmd0KMUWUkLB8&google_cver=1&google_push=AXcoOmRGLNXnCWxpFMy1wJhGkws79-NiqpAbdfnLFii7DnGYdctwMnvPUqiiEj7uDMROJ2JFwp3QeJKXpJI...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRGLNXnCWxpFMy1wJhGkws79-NiqpAbdfnLFii7DnGYdctwMnvPUqiiEj7uDMROJ2JFwp3QeJKXpJI_BHznFVSYE5M8Mkvivw&google_hm=zANM31bxRueBVLCwck...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRGLNXnCWxpFMy1wJhGkws79-NiqpAbdfnLFii7DnGYdctwMnvPUqiiEj7uDMROJ2JFwp3QeJKXpJI_BHznFVSYE5M8Mkvivw&google_hm=zANM31bxRueBVLCwcks-oRY
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:42 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRGLNXnCWxpFMy1wJhGkws79-NiqpAbdfnLFii7DnGYdctwMnvPUqiiEj7uDMROJ2JFwp3QeJKXpJI_BHznFVSYE5M8Mkvivw&google_hm=zANM31bxRueBVLCwcks-oRY
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8601
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEFOXNvP79oTWcQPHuB6lrzo&google_cver=1&google_push=AXcoOmSUMBboVdiTX45R-PUbyLE7Vcw5gXyiB51IiuyiDgBl2-EXFDBBvDxaBVjmbChQlEl5Ifr4LHQ4t11JhR...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNjU5MzU2MjIyNTI3NzA3Mg%3D%3D&google_push=AXcoOmSUMBboVdiTX45R-PUbyLE7Vcw5gXyiB51IiuyiDgBl2-EXFDBBvDxaBVjmbChQlEl5Ifr4LHQ4t11JhR5AhN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNjU5MzU2MjIyNTI3NzA3Mg%3D%3D&google_push=AXcoOmSUMBboVdiTX45R-PUbyLE7Vcw5gXyiB51IiuyiDgBl2-EXFDBBvDxaBVjmbChQlEl5Ifr4LHQ4t11JhR5AhNnFz6x31QtLmA
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNjU5MzU2MjIyNTI3NzA3Mg%3D%3D&google_push=AXcoOmSUMBboVdiTX45R-PUbyLE7Vcw5gXyiB51IiuyiDgBl2-EXFDBBvDxaBVjmbChQlEl5Ifr4LHQ4t11JhR5AhNnFz6x31QtLmA
Date
Tue, 28 Nov 2023 19:14:42 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 8601
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEGQ3aKmnMxkCzHT4r2qSuSg&google_cver=1&google_push=AXcoOmS_EpE2WcqJjFzWgXemaYcWMKVmpRjnqRemOmWbcoFd0iSSsQkT9QFJDLU9iuhLgMN7XsRLPSjDfVbrLxmV...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=-_OhSQNyT-0Q_2kU4eR94w&google_push=AXcoOmS_EpE2WcqJjFzWgXemaYcWMKVmpRjnqRemOmWbcoFd0iSSsQkT9QFJDLU9iuhLgMN7XsRLPSjDfVbrLxmV0Zr3sUIYxtQQ9Q
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=-_OhSQNyT-0Q_2kU4eR94w&google_push=AXcoOmS_EpE2WcqJjFzWgXemaYcWMKVmpRjnqRemOmWbcoFd0iSSsQkT9QFJDLU9iuhLgMN7XsRLPSjDfVbrLxmV0Zr3sUIYxtQQ9Q
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 28 Nov 2023 19:14:43 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=-_OhSQNyT-0Q_2kU4eR94w&google_push=AXcoOmS_EpE2WcqJjFzWgXemaYcWMKVmpRjnqRemOmWbcoFd0iSSsQkT9QFJDLU9iuhLgMN7XsRLPSjDfVbrLxmV0Zr3sUIYxtQQ9Q
x-host
tde-deliveryengine-production-6987bbc57b-rttg4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 8601
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESED7hg4G5O440kdf-QRwca04&google_cver=1&google_push=AXcoOmTN7EDdiGsuXfrMt4uR4Z6P4D7821TxGA1GLAfFnwGGiL5Tch1dJsKY4Gl8E8HtKnXL7C9DpPLKKfERohfj9OZBY9c...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTN7EDdiGsuXfrMt4uR4Z6P4D7821TxGA1GLAfFnwGGiL5Tch1dJsKY4Gl8E8HtKnXL7C9DpPLKKfERohfj9OZBY9ceOHiiSQ&google_hm=eS1wdzRGaFdWRTJwSDFf...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTN7EDdiGsuXfrMt4uR4Z6P4D7821TxGA1GLAfFnwGGiL5Tch1dJsKY4Gl8E8HtKnXL7C9DpPLKKfERohfj9OZBY9ceOHiiSQ&google_hm=eS1wdzRGaFdWRTJwSDFfTXJSRmU1VzlLQnlOc3p0Y0hqOH5B
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 28 Nov 2023 19:14:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTN7EDdiGsuXfrMt4uR4Z6P4D7821TxGA1GLAfFnwGGiL5Tch1dJsKY4Gl8E8HtKnXL7C9DpPLKKfERohfj9OZBY9ceOHiiSQ&google_hm=eS1wdzRGaFdWRTJwSDFfTXJSRmU1VzlLQnlOc3p0Y0hqOH5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 8601
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEEZRJ-vHB5HPRpg-vftFpQo&google_cver=1&google_push=AXcoOmToGTfDE6Le1GEXkCMxeXil27OaJ-HuRx8rwodpv-no6mwfV5dW5MwcKDo69rFbNGH5sam3TAtzRfpz199nwOaePi_...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEEZRJ-vHB5HPRpg-vftFpQo&google_cver=1&google_push=AXcoOmToGTfDE6Le1GEXkCMxeXil27OaJ-HuRx8rwodpv-no6mwfV5dW5MwcKDo69rFbNGH5sam3TAtzRfpz199nwOaeP...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmToGTfDE6Le1GEXkCMxeXil27OaJ-HuRx8rwodpv-no6mwfV5dW5MwcKDo69rFbNGH5sam3TAtzRfpz199nwOaePi_jVHLL
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmToGTfDE6Le1GEXkCMxeXil27OaJ-HuRx8rwodpv-no6mwfV5dW5MwcKDo69rFbNGH5sam3TAtzRfpz199nwOaePi_jVHLL
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmToGTfDE6Le1GEXkCMxeXil27OaJ-HuRx8rwodpv-no6mwfV5dW5MwcKDo69rFbNGH5sam3TAtzRfpz199nwOaePi_jVHLL
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 8601
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEByUW4Je2FbuD-7tyspxeUg&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEByUW4Je2FbuD-7tyspxeUg&google_hm=ZWY8Ia4fGHdPUQ-88XtNdQAAFEoAAAIB&google_nid=index&google_push=AXcoOmQ5N12TANobMNYZoPGsOdk2Jp9k89r5q...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEByUW4Je2FbuD-7tyspxeUg&google_hm=ZWY8Ia4fGHdPUQ-88XtNdQAAFEoAAAIB&google_nid=index&google_push=AXcoOmQ5N12TANobMNYZoPGsOdk2Jp9k89r5q-LsA1ieYNRSRJpueMyD3nUDxRTlmGiaTxATiJtKYN1UlFSrwjS8T2TK2_QxYpIgqQ
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=byYz4aItFKW4VgvW3%2FS8qxD%2F0dtEicN3F%2BzBt48IVaxxIuC%2F3I71RP3RD%2BlYy%2F7iQcctFFFVMO1FosJxKDF7iC7aupzUyQoX7k%2BlYS3E%2Ftpba9li%2FNXianpBmw6irVU2V0dZ3hCbMwrVCA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEByUW4Je2FbuD-7tyspxeUg&google_hm=ZWY8Ia4fGHdPUQ-88XtNdQAAFEoAAAIB&google_nid=index&google_push=AXcoOmQ5N12TANobMNYZoPGsOdk2Jp9k89r5q-LsA1ieYNRSRJpueMyD3nUDxRTlmGiaTxATiJtKYN1UlFSrwjS8T2TK2_QxYpIgqQ
cache-control
no-cache
cf-ray
82d4ef7a5c232bc7-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
attr
cm.g.doubleclick.net/pixel/ Frame 8601 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IL-MVuVxDms_BLfcvPVHMF6wucfAwzMpID89SuU738s15_uT_n_to7ZM8Vm8pLSer_q_-S
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:42 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 85C6 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
269791
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 25 Nov 2023 16:18:11 GMT
expires
Sun, 24 Nov 2024 16:18:11 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/2230318213786861877/ Frame 61CE 		1 KB
779 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2230318213786861877/index.html?e=69&leftOffset=0&topOffset=0&c=ghtsE1nLlg&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c28c363294add55856865b33329eaba48bfdeaae8edb0b11b87ea677764695a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
739
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 19:14:42 GMT
expires
Wed, 27 Nov 2024 19:14:42 GMT
last-modified
Thu, 27 Apr 2023 13:47:21 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame 0824 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsuao_uZLvFhZN8MA2MummcpCtj9-6VqYzGxwIvDBtiolrA2TApZfzV5et2O_QiBGUJtkfr4MSDlTDQNNKw88PQS7qaul_X8i9gVL_jnO0R9BgAmkh2SH8FA2XyMlALoCh1jnvv0ZqZw5jWajzEH6P7coVukgmCHJ4pcbdgTSVj9BC2URytM_s-KqXQj9eA_UI7emBH1Y4cs-84wb6T2z9ILLsUWRKDkg-dR3KJTteu-Jja35vaYTrIv5JLF19e82TUD37KswuBS4O9itycJexA8hB5zfhP_dzAhbNFD39yIjzGEXLc3HiIr2g-Kq52qmhBbORJpRWMvayVLNh5Mgd0pkwith1SJJLoTXlEFRY8oUhOBjbdTSL0bIhb6MGKtminEt1-k7g59mAEJBr9rwAYuDjHMMNmqtE1dhVu3N_GVObtLZnmndJzMEb2aA--ufsrKyQN3gaNYmCB-awSbanG2gg3A6PYGdbA7fbr9VDKcS-zzqNtOkDbcylLuS4UkxnkWMd0f0SwlzRJsJzAfdUnmb7b-7g9bCrbsxveM5QQsuh6CLudLnS7lK9jygzS1EedqLDxQVFneR9yi5UEGNuVXdHZohWVX7WPmZMVpuRYC3Cr4T29pv0lMaueu6Op1ySlvZKohq9w6CLqsikTYLE_uGs5VGQnPwKCxnhrXj-E0jcgU-FsUsR9JxdS53semkwvhc434UEsTLN4KscYGkYJtK1UzFcbWRdirh7SDuYLRvESrwEgfeHWaw9u3yM_1zL6VCHaVAgri3ekNMnlVGCkFhjJfuV8Wbu29CHlfzeQpmLJUQSipkmDwDlnyxtRzBUG1s96sJilZwQIJ8zo68Pt2nHUmkCPlDi2T0jJZyRc6xhGztXqQ679dA-Utx_eLLBqN_3hMq9TpLhhXl4RHKmnp3wuTRbIo903Xctu_AN-Q08fwmi2I3tDLKNTUNDf8KNYNddePeT1w1Lxg-RvwqL4AzGSngdV12uLXBTnHWCNWzUMaduXQE_wKrdr0DWzaGOD_7MfW4DqHLBDFjuD7gZeE4F31PE9BNFhTaId9WnT7HcETcaoMXIQDFsVHEdQaI-sBkrfeRPSY14876Lp7thTs1DOLcBnoNqE0oN6ZwIy9OqerUZbYI8AuFjBMwYu765QBr5Lwxr_3-idkVsb5Pvz6f--83Fc_vKRJCDicPfTI7hEjlCxyWaxkYN3Blqa9T6lgSD_R4F3nHBcHPEjw3upb768TpGAhGNxeueRECQFV2cd-5jJQxltyYsQYcWWZTCowMXA4ISBO6Cy2cRg4B4mmAUETHY6ZZO4dPnR363iiYcpPHckgp8cxE6isHoWJaFm2TutQ0Fb8dX_eRoqOdjvwPDwplQCFn1Nb-aWnDpMI1e-veCVdtKWy0Jspo0a_Qd1SvzX2Nf0m6F_T5Xpy1rT5I61eh6-h1sLKNIQSm0eqSFC3cuvH2hk&sai=AMfl-YQgq6y4NXHaJ-ymAhn6VVRZ4mId7wPGiDRM18AyYsVIF_gACqwvw7Bo_QRf2reJUgZxhuj9TJG5GHRTfyDz8Ouw8Mnn1m3jIIbowj96CEWoMPvsLn5dgA2Oi01aB6WkHCSWC8ABJ6dq4Ep96-nJ3gtBLx9FFtP6LaYucPb8nNeopxdGTKCIBatZjdWzSW7i4aFQyS-DHMRRf_zk1P7UpKf7p5sr_aWkGiM12ashT2har48_iIxMAsvD0FTxcwvUfhv6x1ZRHS5b4r-galxqr8dCccVFSt9JrDjls9H-D1nLR-LR79EPcqKCRQT_4FzYCb7yH45D2Ej_RcQOj96h8hwEQrfkfm0OIZgckDbSoCShmB-1M4TLPSwTnD1iwn5vOKPxCIQPXUzADcxzJIZOHa53eaxrl-66S-Wtly0Vzi43&sig=Cg0ArKJSzFPzwQSZ9zFIEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9sdWZ0aGFuc2EuY29tLGh0dHBzOi8vZXhhY3RhZy5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=151&cbvp=1&cstd=147&cisv=r20231109.31707&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 28 Nov 2023 19:14:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ai.aspx
m.exactag.com/ Frame 0824 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_de&extLi=26915561&extCr=181030992&extPm=361577643&gdpr_consent=&gdpr=
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.202.235.9 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Tue, 28 Nov 2023 19:14:42 GMT
X-Content-Type-Options
nosniff
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
Content-Length
43
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
Di, 28 Nov 2023 07:14:43 GMT
X-ET-Code
0
Accept-CH
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
1119
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
truncated
/ Frame 538D 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63a28ea2a6dd89ff16ac62fa6cb524222ec84c9db64db0e094fd69cc6ebe825e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame C1F8 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuHTTDA3PBhyOa5RS-f11wyM-sDyCcLLicQDnb6wYBaFaalAYiFXbZROdJr7H2SbWYd4IA4ToxeyzNWoTGTVCTkhND5TuWxeYKpkMfYy_m372jVTMVE_P1dRfuWNwYRVjHdSre-jA5zUS9m&sai=AMfl-YSNV4hWxDfR6laVQEl381r36qriWiUwkjesxq-WYporsmWhXZk8j3mn9Xwax1AMRg30p4lqrxIqYQFYWcEBHfRAQJkjF4QBrAZPWeQq1JOYSuYVuy9zgtkWdLVOLDrb8z4iYPqveJ7-nLy_hRI7&sig=Cg0ArKJSzJVk0QRNk2lJEAE&cid=CAQSTgDICaaNYtpqN-F5Eq4NWidELSuyOAoW4Z_NWPVkZQS6ZCcrdKyVnCViB2Gqayx7R-feBQEizZUDC789ddv6yAq_l5XBYA4VFpCvYPWybRgB&id=lidar2&mcvt=1030&p=0,0,250,300&mtos=1030,1030,1030,1030,1030&tos=1030,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1261712459&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701198880957&rpt=979&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
s0.2mdn.net/sadbundle/346383189655976896/ Frame E2C5 		1 KB
778 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=0mLKE8JSE8&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c36f708542bca1b708ec3db7d82a1a8521966d09a2cc57a0a368f107b05d1da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
739
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 19:14:43 GMT
expires
Wed, 27 Nov 2024 19:14:43 GMT
last-modified
Thu, 27 Apr 2023 13:48:41 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame 538D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvOYuSNfwPPE_TVN7zIr923e0WgwlI4pdSwNZHB10qzlkFWvAPTQUkMxCfLbPkC3Mkcv96f97GMFJWA9-I3Ixih9tBoXx9iiiC5amXMUWBUGLIiKkKzvtS0N72PRz1H_5_YBpg4CXCGt6UPHj3hxZatAe-kKbVG4RcNlgXj5AGv4MHBe1satacz0DVdsOu7jyzz1dBF8FpFrbw_eESEiYapkyYA02ShOL80vS6s2OhXQHWfQgl0dlR3jEW_CdvFgZvM13jsl6gfaLY8zox338Munio0HtOK0K50XUcBR2YBJ9py0kpO2ZhuWPfUq5fo4pUJRCI2OJeraoxIGoasPtB4Ifa1eMw8-tngR5vdCZOGTrrQmtAZAipK04tDsVCbgas_tjuB1e5OGAMDRSHpRAeRhxJZeRkTXG_1jTa6AYpwi_p1tD6bxK0VHUDA2PAQjJcfEUgFzlfe8alEwFLL__z7RlkD44G8knKsj2Mh7gmUpppEi6YQlbrS7LVSA7kNxa5RanQJDl_F5XYEOmUXTz1iMlBX1qKvYMMLrAZ1oia1HNpBCw6to-ZWtvOIqDl3tWmmEZ7o8-O2qEBM3Vpznw7QW2wzNddptrFOuWRV360ynEJSBd6n3vrKGs3JPC9WOAqeQISj4eFYHv5BFQ1Oq6pGn-aZWa5J85t8HhmpUpVhV9JzcU8Fqwh-1NFA-Lvb1Qgyfd3HbA8RO7ZeLhanIMnYb685_9Khstly9TYaZDE1qo_G4CISmgxKzWO0Qo8cR5nlW1oAjHPJHz2gtdmA4tqkzTDXVEypsQoF1JKWpJTPQvRi6wInBtsr5E4wkodR4mBSVzbLLAbEuViigLAw8k76LgKP81A_vNXK5lzV-88V3y8a20gOYnTrupmcZGb8eVXxtjkfXeQna8GiMEs1EAdPYaEvjH9dhpmWknd4Ws1VjzJdJBloXFIPYCSm6qpauPuFBDTg1DwLSO86pfY48xucNYRPjGMbSnce8EECSibYAgBJGetd3yJC4gHZNnfsXmz2q3AXfss62CIJNfPPZLxqoVp9smxCjsROMrFw3PdwIXEqDUJT3aNrUQRc-C-8nh8QQAYavokOgEVYueWRaR67D53oFphpMqJwK97HVJXjPsbLXwWfGfm1T9GG-e5Z0-xUtpRzZKh6MKYAf6r25QvWpqCEBouXdVjoG1J9RkZzOGp9GEmvTe1vykZ0dWsjqRQPxiVCq_VNM1V14qYeirFboEWQ6b9HQ9nT1w_SkmiLqh5nbsHC3PJCd6frLlQYYHNvF0KmqhRJAFeMOqkV-Wr6aTTuiJ8d9GNHCMoVoZrkla9mWkQXRDfvKOpyL0tErsvwRRxjE6KLwKbpDQCieaseq55EuBvpIQn21r2SF8rNxQTtlvyOAARQ0H1rQy77DKd0Cj37jWHtYyDLIUPhKvDRNE82YOFInr2wD--7akyfS29t2zo9ZFU&sai=AMfl-YRijacYaCYXhPpL_9YGYyWuRWOX8oPVOOXu56rBOTxieZDcuWbA0ornULh5_JL1HqEa6ysfqZUbj-DVGcrQzN96wltidc0njvBncXA2Rko8YQv4uF6duA0jkSX5gVAyPQ6NZXC_3vfa3FHGBZ1sOJSttaP8x2eMQIYClASt9YFOKaPwEKddrn32JZPM0sCpCcd-COUqh5itNS56JUcoA3P9BL4hXxMb1d55rvvI71nYE5rFzFHytuGbcojjuzCMAqmrUiHEDKVZPKhhhzLxomHm2hD5wFP3DCRya_SAc821r4o0RycQvweoJUzqMyUhHg8SDVaCEV727TJ7qJ7QgpgZ892fKymv6Qf6pQhMXB8tpnFvG4qDC55uaKmZBWxOiUVD6K19UU2LjUHqBcfdsUUnrN6pVgpNhivk92-pYmPm&sig=Cg0ArKJSzAe64f5n5HH6EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9sdWZ0aGFuc2EuY29tLGh0dHBzOi8vZXhhY3RhZy5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=190&cbvp=1&cstd=185&cisv=r20231109.19601&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 28 Nov 2023 19:14:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ai.aspx
m.exactag.com/ Frame 538D 		60 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_de&extLi=26915561&extCr=181030143&extPm=361382341&gdpr_consent=&gdpr=
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.202.235.9 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Tue, 28 Nov 2023 19:14:43 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
Di, 28 Nov 2023 07:14:43 GMT
X-ET-Code
0
Content-Type
image/gif
Cache-Control
max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp
1119
Expires
Mon, 26 Jul 1997 05:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5C9A 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=835150612167&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5C9A 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=835150612167&version=m202309260101&ct=77&x=1&cor=6821525932856409000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 5C9A 		34 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CPfPUHUSYAi2l-j2T4B-clKsigivj7wL7A6u2rOi0zO6seCTJFIaGzIFkkbOPn61no94iyvCRbDO60Sfz1LGY416stWHv56D7y1gZVKjs4n9HRkSUHyPTGtSMJnZtK6F6I_ACqgmM1g-kWNnrP62yMKW0Grhl-0dVyYTBKPJld3HTPl6I&cry=1&dbm_d=AKAmf-A5qx3zbvtNk6hNdUAzIWtnIcHJ4nbhIpHAW0RBjAn65R6ziwrKACC6z-GgFXDnPcYccOajD6wA4l1CkSnbLkGxTxupzLbQ1Bve0lEjUqB_IOLpT8_yVdLeFWhN8zJT_yOOz9TTHy8aZUzq1Qngi6HybCuXn_8gibmcdm3fjlTl76jbHTi7F6VR8sCwBChF7KHok5GCJQX76rhaVRXYnhKJo66tyw8gUAa6w0GpSun7rhHlbCbB_MhLyQihhixRXWYJBLwjcyC9rIyewC4T8gMKkj6cnPyALSHRhDndFpLqzds95gw4NtnzwN02wPHHAAL2mhd-JVtrXwo48SgVRiJwMwz261LTI8_9XCrfrfkCdkp3EichM6JMPYtYu0mV3VAf95tgO0E9Sa9rgaDRYjnE2Z64JywlDnYJxrgWI9tWguvUNWLYt2WcyGJxyxy3lUr8oFRHQwrDE7lZcb8te8MS5WQzB0d7pNFkStbx-h4QYVDiRTK_BuUPZzA_ra4rhoNbEI_SrnpmvVOksxyMYy20A01TESpKe_gnYB0-C_WP06sZ-HHypSlCKljSxdHA3y_Lr3nSfqGAFcCM6stzciarkXJrVsF9ti1vAvhS1WvVUMGZkFtWGygpJ0cIsZrH0oo_hd09yUt68n2Bx0pkShxmimAyKpgcKt2EExm763UXYTND2hglapky4BlwOi1NvXuIZqAOhc2u2xAIPSZW1vC1ZFQuKu2piTx_FzdD8urQATgZruNE91uyY4UsFaSzGHNkaawDw0NIvXRnbRrRV4ncujifc8_M-8hvsq8vv2o6rIjifO_tsmduP-J-TRS42n991HQPsiM3tSOt8Fy3TjrtSQa1FygHi_JXwmFbuNpMIeP7xyXjXpTS68lRKiQeTM42CHiXEiYKAXex5ZUjH9ZJ_m3FEtgJQU1NVZvftmweY7XRyUXw0iRw1yJLjIf5gj4D2TgQdllmRbtKTAfTc85StB_WeYFt3akK5VqyuKmvidXYz_2_f54BggwvxZevuQkDPYD67Btff8Ie9uDAVeq27zyXQnkWJXtrBm-ZnDbvr9oExHYZJ4xivHFcPHlIziOaMF74h8eCy4-EQ20xSZ3ip2GoIBpX68VhYBVwHln4nqKbPFQDWZLNTfMMu7AAnBvoiD7vD7NkLfUIofvFM0G7Wh9rwjdXi2F10jE-EQjiWV5ReZTmujUnN-Wpf6iecGwdgV7oeouo6UDyiJV9dSfHVCfJ_ljWLLQJxVd1UJ8FZzR2JlY_TaVHhTe59Z5cFOKkDbmiCsTqVZIox6UXKqbD0QVG_7i8iGj8x4X6ZNf3kfuJAbb7p1FSQ73tc3BLhfJ5fENZmbsqnnAlLTy8mNtX0IEvBW8PviSPBeSrJCFRzs8rRxBLKQz2a9cgZL7wiy9IWRCoxcMl78PiUfK37lU8MRN7U8-SJ6HTVgXzzXx7-IjuMuy4Le7-L-dZPz_HsDjjJSp6YOBwG4J-u7A1YBiKBat0S5AGZCVHl_EW69gaRasQq18_3tQ6C_jn0JoDD77UwDOOF02pgkVpBE327WVo6hpropnLmtFrT_edl5sRed0-MAeSZwjjRXbqiMLePgNPb51rfoQ93d-C2c2Q5Y6-PcVyUkS0Sr6fXP2KKWkz3LOdInKMni_qkFDu9uiTYK5p1dznv4P1T3iO6rYTet0Y5db36pd4E1GWO6JT7PfzdJSU8OZe1XgWTQCKHKNnS61v3__5ncygd143Cd71jmQ1UbyIOQa0_yzCLOsZ7bZ5aCdjbUmP3HF_2nRJ_DG-UABEAwg58VeVbUxplyG6p7I6K3dd9wRhJLYV3KFpWyQgZShn9x_o_c7AFqFmeRF8A9H6vxbB1-gMjygPoJr6gcwkKmZpqTN-jQU1lg6RYpGunT4WODcJpEkFo8YNYEf3FPb5hH8mRzWYZOWjIks1EDUfqMxzncYzD3KF7lQr4ajZERWGuraLLhPiP4G0tO16on54Fujur__LvlV2rAwNHaho0DHFezKr49TrVApQ9FVTaC8e6AhiBo2aquo7YBTcgYs2XNwJAvUix1OTDiy03sL5_6JV36kp4Shx11HC5jU0scLqEUXriGGJVbLc8F14sr5bn_QWR8o80dgVEYUV9kruX1cvGbp2Odd74rzfsJXuEV-GVQCykz3A36DihW9yLVSogC_QZwNMiiGAhaLUwGqmWDoUcjzbKzYITQYLHAytk0krYPJZj3SFiUkS-xnTwzIPPeBLptIAtdZK3J8HZ2Znw820CILuHy1vvAC4yY5y5y-X6jb_AzbQes6GPAL8hwVwfjrwwAWS5h6Df2d4reAnlPOS6OqbdXwxwV9kra75cAor587Kacg9o1nM4RCdHE-60UAUhrnXdr6FbvDBIKrcAmNUrD8dOoctKVHm3gNA8_bmV8SAgS8HJY5-kST89s2WXQmIu3mhPIrkxtudvKjI3LeI9vZR4WYsuuUMRoXgbziJ97E-a7T-WTmpyg_oakjHX0ZIEX0i2YHBLuPn2zv1UtbLMxvKmTfVu1mvKJhmEhVu7_RmgoY_r89gGxq-iIRlzQhH_6IvLwXRe3m9WbMPEp7014vcUi0H60u95UnfgJMEkVjXUbjbBOE-elT1aTFyHsoHwhM6TZA9rRrJx25S6LunfkrP_HJ6wIvvr9jDHUl-vT--rf2_oCb87I_qgiWML0NWSosDZhJLk5CU3QLlUldWf2YQ-tJZwQtBcLGNKZXPhGi31lqPI0n07h3vpgtSZtTTUGkgUGbmVSRyd0DCcy-AZotX-Q1an45IXiq_aj6UoyuQ2eTx_GCAQ3-tvAFHxDaWwRxSpcKlylTmtpEASNfCLKlKNDB78E5j2yOTX7aX7LlluDUHVQE7LOky7j9CYs6B1KpFqqcJ2xHWLzHoCehWQOLTGZ_HhNNsxeSMPt57gwghb259v4X3dPnHdDEenkP6sBP6L6CR-rDn8SgiL4WM9NLlP7ae3fl782ul59si6VufrPhYVuPNagWLxOog4Nvydfok34C41CrJpzi4qcoYqdRcBf9B_HKZnQ4Fg8mXgvboBOKOSfLezvNYzoodG1VHWkdqG4FJ5S25CjsHpMz4D5Jd1dT6BAMkR73d__UputC35j7LGV4NIuf-LzoyTdlHcrQ0vLj794zLUO2Y4vbtMtcE_fuiI48T-Defz3XhVvcBmEEbMVgBQELzv0Ku4DfHlyyIXHODAy8fY21gy6UKb718DxmhfOHjosrp9r8HlIArg4lfc1J-0-YRMp5WH3lR3KZ5Ok-zNmYae4GzeaFjTj9Lg0sZ-XHd8kr1ecm7regKytsIRZSNnZC0O08onrAOrpl4pHiN9DJWcT5I-HgpRzxtjaouGQbtPQWonDOQv9heT-NnEL--_Nvo6j7pKKXWcfY4Lu19eIVUSdbhBJGoPH-NuV4Zxojf6WSlL7Zld-1jLRPGS1FWe7-jqQRqJq9ek-Lm7opQZL_Lk7vO_2MKgfU8fJmuk0yJt9MsIMb-fMgdKpzLT6hZVo82t9zXk074_WU_AqEszYUIG1KqmaCo1-IPk-5JIP6IIZBMyy8xlQfbf7F01MjhT3Z09hERNM4uag6bsN7be8dL85tvbUAg461TWjJgvsa8To03sn_3lhPbzkSVc3lBmlQwdKmNPeXaNbEe9-0-4i5JhQBF7dQRE4lHmEpLKmyaz14_kYR8Ewx4xpcy5vcNp-jFnpF5vV9k8Z1PAxDTjfVocaY8lhaCY8z063fpy3Kyt6Lj-e7eBpuxaIGDlGuuxV2gG-WMuroJ&cid=CAQSPADICaaNTu5JdK1WIXRldoucoSqXMLx9kGno0kMAuMT0oqzcLJ6EPW3aMAUw8DdXRJYeAW7EIbGenQSpSxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.lapa.ninja%2F&ds=l&xdt=1&iif=1&cor=6821525932856409000&adk=3690638929&idt=109&cac=0&dtd=21
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dba06db39e06de7beec752e277525d2f94d44abb4118e90475a0a8cfdcc87107
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19787
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DD3E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1201444505337&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DD3E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1201444505337&version=m202309260101&ct=77&x=1&cor=13750783698460334000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame DD3E 		20 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A8SCZgOousehW9P6cHOV4hT3XK5RDiXuRfQnW_a03mgMFo09Vd_itKd56M0UJ9XwTZzTYe3qOvcWpU2bamssBOhr6RaRX2qDgGSk28vfb5R3xlIKciIgYrx_XnDYH6E2AtiTymmAmgw2EGUiHtbbnCAONWZB6zrMxFJl8lUI_T7tX02DQ&cry=1&dbm_d=AKAmf-CToagw12VGwFAIP-aQfJsepbRHoRdvHEeRlsOmvqnryWmeB5p7Zs9KuZwco4tt_qW86cFsdi52DLc6nx3hQ2oOnURasGRpQGDkGQcPN4uWVFSiFkAOfxA-A8bCvB6iRjZVAw8rk8w8p2m_ejZIhTIeCNch7CKWO0XunrR0CvZXeUOlKF-tIhPDZCafSEnxalNzay7jFLiKcw78ThBE_2fFHIMfBrElWfDE09DzphoL5niInm1WjDj_vTQ9giCYgNgF0PPRCv7JmQddL5Lp4EhyOpzjCHpLWGXGm0ajgvcH5XJdVfWRHh1ZNOnxPkYpLg-LUCrTlIM69KeK8AsBqCbbDqdswLz6Z1tLQOZSz2Ncz5TtkAzqiWAQUxDE_zc89b80pPJDqVhKVBWdj6e1kqO1nicOcl6LvhoyyXHWWViMGpoPM89rj4wIH6Qfy1VLsirfvQJquTFfuvrSk8eo__gKa2vEFvKwD3h4pVmCY6hM0y9KBuroNlKtSN8gEIJBmAEscVt2nfbv_i7VEa1GTyrK3VMCdwJFT29be9yKcZ9jPEG8XDIKlzP0R1cgRhRnIQUo8hNgoxdILaMKx851iGes4rNyR9GLDhts-OBRJIpnOe6TqR3PHjOUTCL01HDSQEUYSoqMoYWsIGyTwPrzRkM__QUkJcsv_P1skjiLKmKrc4C4VZ6Xn7HLiGfJ6WxzkSgqA0C4g2-Xt7uXM4YT4wE5giUREJshA8f5GOO4eOQT27k7nSMJgKTVSL3yuLg9wRZko2tLuG3VwZoPSpHKsm1EelLqIJLfCq2bowL4sJJcymR9b5nv4Q7yZcnrKSAbpXTWj3bvhRBLko-B9sVVVq3zUMzBIgIYG1JODnKkrgKaoACpEecuGJHHQF2e9nTrWZpB6q_Wdvi8p7Vbp-1OFkytZp5uXUru9veoGmQRgAEsD90LqMMZYQrQ0tyt8C0w9NwcITBAB3CVsOkzi_POZ2Q6Kep8_gsBcrE5QbGXaM4L1jlZCfcoNIJFjgC4UEyuBbcj0TyK18141rKjhHR1RkAz22UR7e2FcFPEDKOuHCJEaXxz-DCAmELez_fXmvpl2RuE_3Dpq7pLOwL_7a5xwGQVLKp50F1l3vaLPieExFY_ZY9JC0zViE8YezFNQQR5sLdGjdpMeo9hoWl-o2QLssbBdGQAU4kRUcRqIpBAHTW7NvovXYQIM3biy-JSGnDVEL7iQ15Z-O3fsmSY0k-iDcDyuoPcVlDeqeDihc5XpoarpIpj2Ri2Lre_TwM3XdCl8bbLoTdZ4yf9NsUF0F-Fs_adAnpEpXD15UqSa59BLziH4LQ6RBojrWObI5t6N_ZS0JjTuI9shA6xKccAAxyKKjtt-NChSrF4o3qbLe6CuolpLshReM5_O9FDgvH4KPQuRZ3Z81gzUXYvHsL7BC4XbqQuRSvgEaA0JfntQ5bj2GXqwp32QdFRTimbxZght9irWGsNyGX7X8gpBCI1lzz7OA2F1sbnRD3FtMgKvzsUojZ0xeELKihsBQbGdPVQou2jOjOT6D2GNkcjqJZ9_ACr5fKhy3WyPQJwCy8HVxyO9cJeAYzF4CiPVkL_I7PEMPj-7mAAGlBbUfyqKOcA0VtvQ5RPySNAOvO9ctZ9zvsDbzH5QN62H_pKE2QW2BQw9xe1iYa-5ePt8uB-4kYsZV6lAHVDe3W1PU004fpIo9FsTSlt7YGJEXvD6q39A1xDsNANGXdqJBVh5PphJJLUZ_2UiXBZzBrOxum7okZSS3_N92xp-g4KnNxIJZjKFPPzmxzYOevKVjFqYNyt4yCrABVWBuuAmYZJHZAi5ijX6cUhcmtzBFIuEHQDOUwajGS44anFgZ3l3IGJuPW9F-EqAJdxcGVTPzRgNkia4ODPl59PrvAqrCVUxMyius2Ozu4o4VyVeS_ax_aisdJrF_DqCko-BSxb9R3mNId32BPh4MlHeGnZMuoUWXYgPOKPpZXDMSXUFLe_yDe5F8YxGDHBqwY_CsFL5blO37U2OCgqvbWwlQFeJJdBQY0WOhgoy_2ogYg4DWpKrzhhsn_qD8CHidMVS0goiNTstrazFFPkwOzrkG69UqVISINA0C-8nulVJjdgXCx0cqu7-vRosh2obi5IJFz6Lh9uwHEJO9kEwTnWIJ3syP4vfiieqRWcTERPi9JfPlWvfXzTjMcC1IonzrDL56-nf7ukup79gt6gqhT7dzcvfLFSIXRvmZIOTCq1otamwd-WFdam7iy2on4gfS5n-sFYHoiAtmZEVv-DFdTCjXk-zLVlinxLzxaNMsGM8OmmyqdUIO1WjtEpV-PIdrBgugGHjk1HAv-6nBH6dTZr6qJBkzIEJ-XujJ8cq4aEP4zUgDE7PCP-c4MbO0MUC18Z99P47041OkajhuYs1kVuvAQhkYvJWIYlzjFNfruv7WkVl4D3CcUaumH2GnS-oEUZrYK5E21P1KqJXtdRIaolWe7aUhtJQD4MhP0wvbWtc8iBMbfV9GV7izE7pPAMFV0mCt9mul7SFB3SzUy30vIA-8LLKYEa1tWa5r1NQ1k-eK8rnBt0iuG-C56Z3xO5Z8dfEXn6fN3lPXPbx1MEEKHElUiG0ID-AD0d5EJmRnQVyd8rHkxE5PXU85RpLcb2pjHdYub9GoEzPizQz8vUH5nkXXdrVZ0_M36dc50PB8zqGQeOgyeN52Sa2ZPCAYLHORZy_HQX8OcaEBv1R3KepBZJhBeRTLCJ70PwyVp9Rg0yLrkf4U9bNN0hK2OLTkI8bsEZHdlSQ6-M1TONUKaix0WDHWNi_tPhl8od3lVW84Z0Hc8b75zG4IUtHTVteLFvLfo6V07mjspTNPygNFb9uGVjqev2AgfX8tkjiiyDa28r1WQRBuVU870ZxPmApwSBawQHPfNcIE_X6ksNujeNXtcLTeQxD2APmP0E27Ib3M-k01ePqW4ghXPD2fpnAkvFe34-jz-lbOhaZmzUCnKWri6vCExLaKSzgx_BSxoYcn03KIaAwZr7tKw4tHoHdIhw-QdiZSw9Hbkbet-ZEM2-2PtFESuh6229jgBJv7xubomIrynRwfXoKfCZXE6JsvMu0l2kWvAoem9DJrtEXEHu9AvMDInPRouO1zWc_YHDHDfwOib3LJr__aU_7VOi3YZuXk7JcIIgrIPCJuzqQhmWlSjQh-ZBEyiwsJyFMl947KtVPL40OjGRcpBSlnf1eAALHRK7fl2OZwssxuVlMJvCs2WgCcqWPvXeLKHhxC9j1EcS1JMM6i8-1GjfyQosw9M2Y4ccHvTEKMgyGX_h0kTMPFdWfX89uzgrXZq_jBUZLSzsbDpnzODR1jDz1iBpr9DhH_JJBHOCJeyRYGmgs2p6DA1PpUJAxYO2da2P2-hrNSr4Kn1q1thzInb0hH_4lkn5mYql8KXXSba-fJ7kW7MDjkk1MH5pMKnroP3P1_Wsigv7bCN2YQXE2OGqEtg2mUj6jFLIX6zdkdMc3JBB33b_4v4G9iXWf3ogGrUj-aKbJziT27GA2vtslslvsp_pcKSjtEFL-GA_LiuV3JhfLAYTpW740dL-2magcZapiyG7tagJzbbjGxRH1AzCpamAJIJg6tqLonIvfzY4Q5_vXMlVdsYm4vTqqiHj6rqMyVIoqMp61huYpRwIzq7SvD2Nwb0w_TZy6h1y6fO5dbuluO0YUa7BT7McpN9BR1iAH2HDayPMx4OiaRk8RSjqPiAyX-AhIcc9zOhYnCBpwheI4QhZhMns_qsDlB-19aXS5EMCbPoB_SbiK0KCczhTECEk9yswDDulzUwg44rBqX1laZH_X6KOR2RQitolYwsKe8ecJl7Ztepfh5LHAY40wXHwvZ7Mxrl881G-q0jUHQ&cid=CAQSPADICaaNTu5JdK1WIXRldoucoSqXMLx9kGno0kMAuMT0oqzcLJ6EPW3aMAUw8DdXRJYeAW7EIbGenQSpSxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.lapa.ninja%2F&ds=l&xdt=1&iif=1&cor=13750783698460334000&adk=3037181500&idt=132&cac=0&dtd=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e135b1762fd650e36feff396f26e0cf88c4cd10c2000667f9b932fa61b0d1c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13857
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8E8F 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8941459241154&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8E8F 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8941459241154&version=m202309260101&ct=77&x=1&cor=6172749018976633000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 8E8F 		20 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DkXme7AGeoQmFAieATEq2Oib6uFfgriQB1OhgkX2VFHvUB81m-06qBLDXLRsdyRpCdvw3bUT-NCf9ea7IpDDpKLXLh8bDTHI6R5S2qfHxrGm0i7YYotlb9oed9AHI9LeCD6jTLpIJ-LbtlMDHfx2cMlDG2ZiRWbarKHNqJpTDgT6eWx1A&cry=1&dbm_d=AKAmf-ANKNtEb6B6CJv4fNUbRFzHW6HCFmVuV1sO8dH5Bxf2iT7EddvwchL67WbAj8hjo9ckIVlSXgFPOSVTl7LwawMqOgCSg4-WOlOJdaaEwkBv0tzaVurNXMu9pMPrpk5LC1oNVu8jmXSRLTGBg3LX8NKERSsOe023XLzJcbGaMT9gYjTZxUbo6G6NmOAzryQPaSBs4-FLwlnSjm3tMrg_SnVAxvBMRkctVyVz2pb74tKCOQJckNOpr-Y1C8FjIXIVmgPfQ05o6tSj5owmj1n0OA0r863hyaSZraWPF8_YNAAsMAAxXt9AzreIvSRl6rRQyzJP3KAc5glVuntOHLCnTFPGZ-zcKV_Bqg1kV3uPx-BeBy9evCp15Rs8INBeoQwkfDsCs4bzeHOMFDaKpztSeLgDvt5rdU3Ird5nH7Ycugw5k2ChoOAHc9Tbynx0wGkF9Y5d6DlB7B4OkfFLtD3iPpis3PN88rsCd7uLn-4txEK5Us98vaWVVL2LjDyiUQqpl1QBSXudXEPepABOyUxtZajYqVrDHHazZ0gfjuYEZcV10aClX_KgM1RzT_-Bi-kIxkwm3gJpuXIqAFvPligvL9CnZw7aWDSu5rDpThJm7qtNG2No5l2n-00AYQR8tZfugrzXEAnJ2fXXr1EuAdOCr4L0-XRFp2Vz_i8yXqVbTZZ05hBacKV_N9aJZLUTrdbSl_ZsoreR9rW9maErJ8Y1H4TMyA9sESbUjXHsr2YcTsbyFZKcLEdia73G7CLiQ89ea4jgV3xhxWiBVavzRj6a-jqEouFScdcgQG-o3x0G6ED1JBoE1KVWMeoNaLQ8_Hj4hg6DutPEowF_Jf3L7nPkZcuzBXoKiCYrK2sWaYj3aicK00n8MkwQTy7RarXYlWWioZVSpNBXjxWLV_oxlE9O8S3ADngJIucl1_Jwk-obhmVohTAmihj6Zu3opUWr9BKoE7onC-xP1Uh0xz88lcXHYRzEP1jNUCT0b-V_DIemfpkIRfnY-L06_5Jz1NeBXK85dmSuYfV_fG99Stlw-v7WXIotSztKho_vAzCeJWWOt4egUJGVueqGCwpTM4inmN4UEddzigmmosvhf1991jOaxeCIoAOHa-hNZ7X6e4rXG_YdO9GPnRF3cCEihSqimHKwREk1yHBbwgaVamPvLxsxT5RnFdXsU182gBJvzPwSKzW4fH5WBoqoZLGtxaTluXVLzQNK5yOxsLNFmZxCbpz8LLq5KQ2AtdX07HVscvu8jaCh8IeygMmDbFg_y-yS8JZpCPYRfbBwrKqR-QDCg1oJT98c_Jgp1Bfy_Tev_1drhww8QoER4otHsehPBZKOH0oGwdvlMc-Fas7mCOqEsyPS7Er3eFtjg4smxZJdqCYdiM7NU0LmINL1bA_8SFSpel5jGnTlcO789CW7R9FNJ4XYYWKZMJNC6YJcLwIGKpr4G4XK-guNnHnp5K5uxHHl7-gcT7bfmDzQXTMKNEas_jRXqPavCu0VUQMYQYHLjStqbwgZmPAxWd1HNxbS_GgWuOXdWjRXrJQl8fMXmGYUTj_IAWFAU47dndQFZ6qMVBAZ_OfA1w45NbDsOHlmc40mB-TCMvqmt8hDKoWsU_idtkL_MPQulosWrSY6-d_KbSXq1olDZmZYzrCbuCz3trwLCG-ldwjgjDyW7cwq9o-0eEzZWSKBtgKXjgDdsORH7V1A2TC_4TIX2PBSvAQtGR4eKiO7I3AT-8PQ_oYLMUrEKjxXPf0CmHX4hS2IQRenk94q6FQvFh5OlIXyHuyqXDzahDzjRYBlQMwo6dAbpP7WQTnKJVT2DKXAdONJ2Skw2lDq9qJ18VmjkfteSpPy8Zljf3A-bd0lvVCmFc8LVxL9eIyN6qDtcFRzdy3eBNN6DskgIZPStwcyAaaY77qe2xUrQ8_S1F-EkKypprVzi0Xw7GAqg-oMbCrx1nVeIMTmpXGY1GKVQd2ifdFL_cKH6LjHfTJTA7O0u09Miv-bhnZXFtBBzUqtVcV3MBq_0o7TG0TAW20LZC0t_lJr_vSI9iTkLqzxEwoNmrymLPxY9uNQGGkbM_ZU1kNZHx9toVdDd1C4G-Zh2gk5S1FEALluMd-T6H5vfWDyb7BqsAxNXoY6njT_ECgl0rSc4Khvgf4kXs3Lt5tzf8bMF13g3U1EtzcaddB2E_1dUAqVh4DhiGzRLwSCRE7ov_1lVwfORoBlvVmzhHjnwr6NAHnqZgx-y5jKWNz9WDn5bAygEVZrsevV1JF64xu1Ij-tDYVv9Ffb5CyMB6KB9-ckj-bGfHKIsOFbNEzezOrcBsX_-dL2iJAdcfPYTYt4XZzSb1h8yXb82CLKXwfrcOTwtP6j3UMUfhwdGhroFrhsXPiDLuEj5O4ADrBKZ3bLJtmHXhxCFW_5DZwjBd0rHnjkN9IQqPWtsjMexNFCsxUL0wGnfcLKSxUP_7kwmFaglHqnwIiCgBys8Gl1UecWOfckSwY-c1cYHPpNi-l2S7jTy6f9K6yuX10y6bdec5JbrS4tyfXnxAiCMTzTgBWlRy7fCj-lyFCdOZTeRkuT8ekkGHR780KN2ZaDgNmH-fsXHeLfZi9536EHxSbX_jg8_O4ILfqYbE__mjnhfpDoR2k-kmcYNcT9FNsrgmHc8yx8D4--29Ax_OJlEwZSLLOSDsEZhkh83zkXYRbRY0OJTyJsICr4cFtTHXVY9iXIDtFhdu1R-ot5oR_YXIFaHRKksBsBaxkvfRzNb-X3Oogha9pIBK0808HSSmf2qkioXSHmisz28iIEyDlCpq1Wsvn7A9KgV98t45PseCENPeuUezMGu3BFsh3QWL3ZbrsK62I5FR-eB_h1DZ3VPBRFD0YxUlc5yuRmiViiODce9ZV2q3VDiQZ9NdSsolCYcTHTq-NfvKfJjSqZxssr28QcV0dIqn16vcqjXnhJ8FIgRRJ_Y60l5HZqOrI7OhMVeXBD0aExBfiKbKbPXXgpqIx6buJPNeK3uV33zwZ-xPCA2MLygXYPIPErZUEZAFHYvO6tWI45x5CFLXrJAvib5gvNQlz9uzHvN8zChA-KaRgEIle0hrXUIX61NVfsaEMYPTAnmfBt7INf5l_xBHWqSVY53k1Jq2516MHVRAkIQBfqmE6p0r0k_EyqMPt00G1YwsDPDYoarx3eOfqHK_ZjRbf8uWmC2Nz4SxYn34turjsi2Q0uus_vJdxNwJ9QNjqPPA9e0tBVivooa4f8bu4oGqOYpnYzcExlkgUgmTDdHcWsE4S5b_QjstM9AyHvW2ySWjwmCdL0IKs-kjnynlW_t2r1uKUywZiCt25IQnLRzgIHO1u7AXWIb7l5m_1wcCnfa7URgufiHqEBpTQw12MI1qrmqWtvlU0DzofcV1NUumVEfgi50DyZbAZ99OuIjyQASWZzL5JcbQa-1us717k-aOr5E2BKxxamwlgDxzf9o26MmUVWmHsLYw4mwgaS7o5Bfep5pBfo9kweLTkjoD6DzIJlqLme8B3ZPK-UjaaV0oyRrSP5pBNZjr5DAr3y3X4CAte-5Zpa3yhmTWgb2fX_2VOUXsUK7GkdkgRFDNndUCJ-ZVsPrCK7nN27YUymqWQPbwkfFjK6HGADCu9xwBKo9-adwe7Ng4bgslYJE8DJvnUapSeBTBUrllXIu-udAShLm1rD1KtudBDTTo9FczeFzPiMekfdTdAXVVD3qa4_VDJX5ZCWlL5yjMCs2lzJhi1AwYBLMf8vmY2-2_fv888a8sTHNbtFafdJWEjTsgiuWSGrIQe2QHULhKMAWOaAt_mub2UNXu5S5J-DfBgs4Dq60aNWeEWBq-XuIG5vRI-QkaWXRNFU2H3gv_ZbM7hZQ3osQzo3D1sZtRN_QA&cid=CAQSPADICaaNTu5JdK1WIXRldoucoSqXMLx9kGno0kMAuMT0oqzcLJ6EPW3aMAUw8DdXRJYeAW7EIbGenQSpSxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.lapa.ninja%2F&ds=l&xdt=1&iif=1&cor=6172749018976633000&adk=2004672170&idt=134&cac=0&dtd=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ec047e038c204b30bb17946515fde58e15e2f231c5d9dca49ef5b1689c59f08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14104
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tweenmax_2.0.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 61CE 		113 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2230318213786861877/index.html?e=69&leftOffset=0&topOffset=0&c=ghtsE1nLlg&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2230318213786861877/index.html?e=69&leftOffset=0&topOffset=0&c=ghtsE1nLlg&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38915
x-xss-protection
0
last-modified
Tue, 19 Jun 2018 18:02:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Nov 2023 19:14:43 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 61CE 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2230318213786861877/index.html?e=69&leftOffset=0&topOffset=0&c=ghtsE1nLlg&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2230318213786861877/index.html?e=69&leftOffset=0&topOffset=0&c=ghtsE1nLlg&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:12:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54130
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 29 Nov 2023 04:12:33 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 1B29 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 17:29:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
6290
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Nov 2024 17:29:53 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 85C6 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 17:29:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
6290
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Nov 2024 17:29:53 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 769C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CbxGAITxmZc2vK9LbgQetqpuAA8SUkIByhIWwo78SChABIMT8ip0BYJW6poKwB6AB0oDgiQPIAQmpAj1rq1s8aLI-4AIAqAMByAMKqgSZAk_QHWUTSQdaEVj5LGUBSFPlb4wB3VFLlHTsgDY2syi_-RsjwLhmh5hBjrjtBi1tWVNiiOIGkMdjIob4QocVc0hlyBBGGHFiaZkP2ETI1g_Gxjhs0hty6UgRtVSOKvnUNxGdpQZjPI7-FLJZbZwiFQ_nIFY9vp9-OFva87NaoGUqQi5Ns_GKf0BtAt5zmOcymdV6XHWkBuBAwHqWFXqul6DJGIYpK_nSKdu-PsyFbJ6sF_CKdGRn2nS0ZIScQXwldz4H0WPNokijMkhNatwWMJ2jdUUJXBKyFOUpcOMn1VMMo6P6WYJALNjg9cATCrB0F8HZLE5mHHmjroIvUl3gZv4gEt2AHNAfP_TuwZHIFKRO6CaOROhm73AuwATXlP2PpQTgBAGIBb6TwORHkgUECAQYAZIFBAgFGASgBi6AB5b_n3aoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBDRugvSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mglwaHR0cHM6Ly93d3cuaG9zdHByZXNzLmRlL2RlbW8tdW16dWcvP3V0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09c2VhJnV0bV9jYW1wYWlnbj1zcGVlZHRlc3QmdXRtX3Rlcm09Z29vZ2xlLXNlYYAKA8gLAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAuINEwiC16PYs-eCAxXSbeAKHS3VBjC4E-QD2BMN0BUBgBcBshcfCh0IABIUcHViLTY3OTEwMzc1NjA3NDk2MTkY__2VAQ&sigh=uAxSnWnNTOs&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSPADICaaNTu5JdK1WIXRldoucoSqXMLx9kGno0kMAuMT0oqzcLJ6EPW3aMAUw8DdXRJYeAW7EIbGenQSpSxgB&template_id=484&cbvp=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
tweenmax_2.0.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame E2C5 		113 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=0mLKE8JSE8&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=0mLKE8JSE8&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38915
x-xss-protection
0
last-modified
Tue, 19 Jun 2018 18:02:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Nov 2023 19:14:43 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame E2C5 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=0mLKE8JSE8&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=0mLKE8JSE8&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:12:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54130
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 29 Nov 2023 04:12:33 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 8E8F 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DkXme7AGeoQmFAieATEq2Oib6uFfgriQB1OhgkX2VFHvUB81m-06qBLDXLRsdyRpCdvw3bUT-NCf9ea7IpDDpKLXLh8bDTHI6R5S2qfHxrGm0i7YYotlb9oed9AHI9LeCD6jTLpIJ-LbtlMDHfx2cMlDG2ZiRWbarKHNqJpTDgT6eWx1A&cry=1&dbm_d=AKAmf-ANKNtEb6B6CJv4fNUbRFzHW6HCFmVuV1sO8dH5Bxf2iT7EddvwchL67WbAj8hjo9ckIVlSXgFPOSVTl7LwawMqOgCSg4-WOlOJdaaEwkBv0tzaVurNXMu9pMPrpk5LC1oNVu8jmXSRLTGBg3LX8NKERSsOe023XLzJcbGaMT9gYjTZxUbo6G6NmOAzryQPaSBs4-FLwlnSjm3tMrg_SnVAxvBMRkctVyVz2pb74tKCOQJckNOpr-Y1C8FjIXIVmgPfQ05o6tSj5owmj1n0OA0r863hyaSZraWPF8_YNAAsMAAxXt9AzreIvSRl6rRQyzJP3KAc5glVuntOHLCnTFPGZ-zcKV_Bqg1kV3uPx-BeBy9evCp15Rs8INBeoQwkfDsCs4bzeHOMFDaKpztSeLgDvt5rdU3Ird5nH7Ycugw5k2ChoOAHc9Tbynx0wGkF9Y5d6DlB7B4OkfFLtD3iPpis3PN88rsCd7uLn-4txEK5Us98vaWVVL2LjDyiUQqpl1QBSXudXEPepABOyUxtZajYqVrDHHazZ0gfjuYEZcV10aClX_KgM1RzT_-Bi-kIxkwm3gJpuXIqAFvPligvL9CnZw7aWDSu5rDpThJm7qtNG2No5l2n-00AYQR8tZfugrzXEAnJ2fXXr1EuAdOCr4L0-XRFp2Vz_i8yXqVbTZZ05hBacKV_N9aJZLUTrdbSl_ZsoreR9rW9maErJ8Y1H4TMyA9sESbUjXHsr2YcTsbyFZKcLEdia73G7CLiQ89ea4jgV3xhxWiBVavzRj6a-jqEouFScdcgQG-o3x0G6ED1JBoE1KVWMeoNaLQ8_Hj4hg6DutPEowF_Jf3L7nPkZcuzBXoKiCYrK2sWaYj3aicK00n8MkwQTy7RarXYlWWioZVSpNBXjxWLV_oxlE9O8S3ADngJIucl1_Jwk-obhmVohTAmihj6Zu3opUWr9BKoE7onC-xP1Uh0xz88lcXHYRzEP1jNUCT0b-V_DIemfpkIRfnY-L06_5Jz1NeBXK85dmSuYfV_fG99Stlw-v7WXIotSztKho_vAzCeJWWOt4egUJGVueqGCwpTM4inmN4UEddzigmmosvhf1991jOaxeCIoAOHa-hNZ7X6e4rXG_YdO9GPnRF3cCEihSqimHKwREk1yHBbwgaVamPvLxsxT5RnFdXsU182gBJvzPwSKzW4fH5WBoqoZLGtxaTluXVLzQNK5yOxsLNFmZxCbpz8LLq5KQ2AtdX07HVscvu8jaCh8IeygMmDbFg_y-yS8JZpCPYRfbBwrKqR-QDCg1oJT98c_Jgp1Bfy_Tev_1drhww8QoER4otHsehPBZKOH0oGwdvlMc-Fas7mCOqEsyPS7Er3eFtjg4smxZJdqCYdiM7NU0LmINL1bA_8SFSpel5jGnTlcO789CW7R9FNJ4XYYWKZMJNC6YJcLwIGKpr4G4XK-guNnHnp5K5uxHHl7-gcT7bfmDzQXTMKNEas_jRXqPavCu0VUQMYQYHLjStqbwgZmPAxWd1HNxbS_GgWuOXdWjRXrJQl8fMXmGYUTj_IAWFAU47dndQFZ6qMVBAZ_OfA1w45NbDsOHlmc40mB-TCMvqmt8hDKoWsU_idtkL_MPQulosWrSY6-d_KbSXq1olDZmZYzrCbuCz3trwLCG-ldwjgjDyW7cwq9o-0eEzZWSKBtgKXjgDdsORH7V1A2TC_4TIX2PBSvAQtGR4eKiO7I3AT-8PQ_oYLMUrEKjxXPf0CmHX4hS2IQRenk94q6FQvFh5OlIXyHuyqXDzahDzjRYBlQMwo6dAbpP7WQTnKJVT2DKXAdONJ2Skw2lDq9qJ18VmjkfteSpPy8Zljf3A-bd0lvVCmFc8LVxL9eIyN6qDtcFRzdy3eBNN6DskgIZPStwcyAaaY77qe2xUrQ8_S1F-EkKypprVzi0Xw7GAqg-oMbCrx1nVeIMTmpXGY1GKVQd2ifdFL_cKH6LjHfTJTA7O0u09Miv-bhnZXFtBBzUqtVcV3MBq_0o7TG0TAW20LZC0t_lJr_vSI9iTkLqzxEwoNmrymLPxY9uNQGGkbM_ZU1kNZHx9toVdDd1C4G-Zh2gk5S1FEALluMd-T6H5vfWDyb7BqsAxNXoY6njT_ECgl0rSc4Khvgf4kXs3Lt5tzf8bMF13g3U1EtzcaddB2E_1dUAqVh4DhiGzRLwSCRE7ov_1lVwfORoBlvVmzhHjnwr6NAHnqZgx-y5jKWNz9WDn5bAygEVZrsevV1JF64xu1Ij-tDYVv9Ffb5CyMB6KB9-ckj-bGfHKIsOFbNEzezOrcBsX_-dL2iJAdcfPYTYt4XZzSb1h8yXb82CLKXwfrcOTwtP6j3UMUfhwdGhroFrhsXPiDLuEj5O4ADrBKZ3bLJtmHXhxCFW_5DZwjBd0rHnjkN9IQqPWtsjMexNFCsxUL0wGnfcLKSxUP_7kwmFaglHqnwIiCgBys8Gl1UecWOfckSwY-c1cYHPpNi-l2S7jTy6f9K6yuX10y6bdec5JbrS4tyfXnxAiCMTzTgBWlRy7fCj-lyFCdOZTeRkuT8ekkGHR780KN2ZaDgNmH-fsXHeLfZi9536EHxSbX_jg8_O4ILfqYbE__mjnhfpDoR2k-kmcYNcT9FNsrgmHc8yx8D4--29Ax_OJlEwZSLLOSDsEZhkh83zkXYRbRY0OJTyJsICr4cFtTHXVY9iXIDtFhdu1R-ot5oR_YXIFaHRKksBsBaxkvfRzNb-X3Oogha9pIBK0808HSSmf2qkioXSHmisz28iIEyDlCpq1Wsvn7A9KgV98t45PseCENPeuUezMGu3BFsh3QWL3ZbrsK62I5FR-eB_h1DZ3VPBRFD0YxUlc5yuRmiViiODce9ZV2q3VDiQZ9NdSsolCYcTHTq-NfvKfJjSqZxssr28QcV0dIqn16vcqjXnhJ8FIgRRJ_Y60l5HZqOrI7OhMVeXBD0aExBfiKbKbPXXgpqIx6buJPNeK3uV33zwZ-xPCA2MLygXYPIPErZUEZAFHYvO6tWI45x5CFLXrJAvib5gvNQlz9uzHvN8zChA-KaRgEIle0hrXUIX61NVfsaEMYPTAnmfBt7INf5l_xBHWqSVY53k1Jq2516MHVRAkIQBfqmE6p0r0k_EyqMPt00G1YwsDPDYoarx3eOfqHK_ZjRbf8uWmC2Nz4SxYn34turjsi2Q0uus_vJdxNwJ9QNjqPPA9e0tBVivooa4f8bu4oGqOYpnYzcExlkgUgmTDdHcWsE4S5b_QjstM9AyHvW2ySWjwmCdL0IKs-kjnynlW_t2r1uKUywZiCt25IQnLRzgIHO1u7AXWIb7l5m_1wcCnfa7URgufiHqEBpTQw12MI1qrmqWtvlU0DzofcV1NUumVEfgi50DyZbAZ99OuIjyQASWZzL5JcbQa-1us717k-aOr5E2BKxxamwlgDxzf9o26MmUVWmHsLYw4mwgaS7o5Bfep5pBfo9kweLTkjoD6DzIJlqLme8B3ZPK-UjaaV0oyRrSP5pBNZjr5DAr3y3X4CAte-5Zpa3yhmTWgb2fX_2VOUXsUK7GkdkgRFDNndUCJ-ZVsPrCK7nN27YUymqWQPbwkfFjK6HGADCu9xwBKo9-adwe7Ng4bgslYJE8DJvnUapSeBTBUrllXIu-udAShLm1rD1KtudBDTTo9FczeFzPiMekfdTdAXVVD3qa4_VDJX5ZCWlL5yjMCs2lzJhi1AwYBLMf8vmY2-2_fv888a8sTHNbtFafdJWEjTsgiuWSGrIQe2QHULhKMAWOaAt_mub2UNXu5S5J-DfBgs4Dq60aNWeEWBq-XuIG5vRI-QkaWXRNFU2H3gv_ZbM7hZQ3osQzo3D1sZtRN_QA&cid=CAQSPADICaaNTu5JdK1WIXRldoucoSqXMLx9kGno0kMAuMT0oqzcLJ6EPW3aMAUw8DdXRJYeAW7EIbGenQSpSxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.lapa.ninja%2F&ds=l&xdt=1&iif=1&cor=6172749018976633000&adk=2004672170&idt=134&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 16:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
269841
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Nov 2024 16:17:22 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTE5ODg4MzA0ODUzOAogIHNlcnZlcl9pcDogMTM0MDYxOTcwCiAgcHJvY2Vzc19pZDogNTg3NDgzMDE1Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDExODY4OTQz...
ad.doubleclick.net/ddm/activity/ Frame 8E8F 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTE5ODg4MzA0ODUzOAogIHNlcnZlcl9pcDogMTM0MDYxOTcwCiAgcHJvY2Vzc19pZDogNTg3NDgzMDE1Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDExODY4OTQzCmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0Igp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDMwCmV2ZW50X2ltcHJlc3Npb25faWQ6IDE0MzE0MTk1ODkxNzg1Njk4ODM3CmRlYnVnX2tleTogMjcxNTg0NzMxNjkwMjk1NDk3MgppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjMtMTEtMjgiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxMTg2ODk0MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMzMjE3NTg5OQogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogODc4MjQzNjk2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDE2NjYwMTQyMDYzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNDE2MjA3MDY3CiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL3JlZGludGVsbGlnZW5jZS5uZXQiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9hZC1zcnYubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8va2xpY2std2VsdC5kZSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:43 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0xc609a60aeef815520000000000000000","13":"0xdc96607a738f84370000000000000000","14":"0xcef74da04684df550000000000000000","15":"0x1ae27b42d1ce0e0a0000000000000000"},"debug_key":"2715847316902954972","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"8":["11868943"]},"priority":"0","source_event_id":"14314195891785698837"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame DD3E 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A8SCZgOousehW9P6cHOV4hT3XK5RDiXuRfQnW_a03mgMFo09Vd_itKd56M0UJ9XwTZzTYe3qOvcWpU2bamssBOhr6RaRX2qDgGSk28vfb5R3xlIKciIgYrx_XnDYH6E2AtiTymmAmgw2EGUiHtbbnCAONWZB6zrMxFJl8lUI_T7tX02DQ&cry=1&dbm_d=AKAmf-CToagw12VGwFAIP-aQfJsepbRHoRdvHEeRlsOmvqnryWmeB5p7Zs9KuZwco4tt_qW86cFsdi52DLc6nx3hQ2oOnURasGRpQGDkGQcPN4uWVFSiFkAOfxA-A8bCvB6iRjZVAw8rk8w8p2m_ejZIhTIeCNch7CKWO0XunrR0CvZXeUOlKF-tIhPDZCafSEnxalNzay7jFLiKcw78ThBE_2fFHIMfBrElWfDE09DzphoL5niInm1WjDj_vTQ9giCYgNgF0PPRCv7JmQddL5Lp4EhyOpzjCHpLWGXGm0ajgvcH5XJdVfWRHh1ZNOnxPkYpLg-LUCrTlIM69KeK8AsBqCbbDqdswLz6Z1tLQOZSz2Ncz5TtkAzqiWAQUxDE_zc89b80pPJDqVhKVBWdj6e1kqO1nicOcl6LvhoyyXHWWViMGpoPM89rj4wIH6Qfy1VLsirfvQJquTFfuvrSk8eo__gKa2vEFvKwD3h4pVmCY6hM0y9KBuroNlKtSN8gEIJBmAEscVt2nfbv_i7VEa1GTyrK3VMCdwJFT29be9yKcZ9jPEG8XDIKlzP0R1cgRhRnIQUo8hNgoxdILaMKx851iGes4rNyR9GLDhts-OBRJIpnOe6TqR3PHjOUTCL01HDSQEUYSoqMoYWsIGyTwPrzRkM__QUkJcsv_P1skjiLKmKrc4C4VZ6Xn7HLiGfJ6WxzkSgqA0C4g2-Xt7uXM4YT4wE5giUREJshA8f5GOO4eOQT27k7nSMJgKTVSL3yuLg9wRZko2tLuG3VwZoPSpHKsm1EelLqIJLfCq2bowL4sJJcymR9b5nv4Q7yZcnrKSAbpXTWj3bvhRBLko-B9sVVVq3zUMzBIgIYG1JODnKkrgKaoACpEecuGJHHQF2e9nTrWZpB6q_Wdvi8p7Vbp-1OFkytZp5uXUru9veoGmQRgAEsD90LqMMZYQrQ0tyt8C0w9NwcITBAB3CVsOkzi_POZ2Q6Kep8_gsBcrE5QbGXaM4L1jlZCfcoNIJFjgC4UEyuBbcj0TyK18141rKjhHR1RkAz22UR7e2FcFPEDKOuHCJEaXxz-DCAmELez_fXmvpl2RuE_3Dpq7pLOwL_7a5xwGQVLKp50F1l3vaLPieExFY_ZY9JC0zViE8YezFNQQR5sLdGjdpMeo9hoWl-o2QLssbBdGQAU4kRUcRqIpBAHTW7NvovXYQIM3biy-JSGnDVEL7iQ15Z-O3fsmSY0k-iDcDyuoPcVlDeqeDihc5XpoarpIpj2Ri2Lre_TwM3XdCl8bbLoTdZ4yf9NsUF0F-Fs_adAnpEpXD15UqSa59BLziH4LQ6RBojrWObI5t6N_ZS0JjTuI9shA6xKccAAxyKKjtt-NChSrF4o3qbLe6CuolpLshReM5_O9FDgvH4KPQuRZ3Z81gzUXYvHsL7BC4XbqQuRSvgEaA0JfntQ5bj2GXqwp32QdFRTimbxZght9irWGsNyGX7X8gpBCI1lzz7OA2F1sbnRD3FtMgKvzsUojZ0xeELKihsBQbGdPVQou2jOjOT6D2GNkcjqJZ9_ACr5fKhy3WyPQJwCy8HVxyO9cJeAYzF4CiPVkL_I7PEMPj-7mAAGlBbUfyqKOcA0VtvQ5RPySNAOvO9ctZ9zvsDbzH5QN62H_pKE2QW2BQw9xe1iYa-5ePt8uB-4kYsZV6lAHVDe3W1PU004fpIo9FsTSlt7YGJEXvD6q39A1xDsNANGXdqJBVh5PphJJLUZ_2UiXBZzBrOxum7okZSS3_N92xp-g4KnNxIJZjKFPPzmxzYOevKVjFqYNyt4yCrABVWBuuAmYZJHZAi5ijX6cUhcmtzBFIuEHQDOUwajGS44anFgZ3l3IGJuPW9F-EqAJdxcGVTPzRgNkia4ODPl59PrvAqrCVUxMyius2Ozu4o4VyVeS_ax_aisdJrF_DqCko-BSxb9R3mNId32BPh4MlHeGnZMuoUWXYgPOKPpZXDMSXUFLe_yDe5F8YxGDHBqwY_CsFL5blO37U2OCgqvbWwlQFeJJdBQY0WOhgoy_2ogYg4DWpKrzhhsn_qD8CHidMVS0goiNTstrazFFPkwOzrkG69UqVISINA0C-8nulVJjdgXCx0cqu7-vRosh2obi5IJFz6Lh9uwHEJO9kEwTnWIJ3syP4vfiieqRWcTERPi9JfPlWvfXzTjMcC1IonzrDL56-nf7ukup79gt6gqhT7dzcvfLFSIXRvmZIOTCq1otamwd-WFdam7iy2on4gfS5n-sFYHoiAtmZEVv-DFdTCjXk-zLVlinxLzxaNMsGM8OmmyqdUIO1WjtEpV-PIdrBgugGHjk1HAv-6nBH6dTZr6qJBkzIEJ-XujJ8cq4aEP4zUgDE7PCP-c4MbO0MUC18Z99P47041OkajhuYs1kVuvAQhkYvJWIYlzjFNfruv7WkVl4D3CcUaumH2GnS-oEUZrYK5E21P1KqJXtdRIaolWe7aUhtJQD4MhP0wvbWtc8iBMbfV9GV7izE7pPAMFV0mCt9mul7SFB3SzUy30vIA-8LLKYEa1tWa5r1NQ1k-eK8rnBt0iuG-C56Z3xO5Z8dfEXn6fN3lPXPbx1MEEKHElUiG0ID-AD0d5EJmRnQVyd8rHkxE5PXU85RpLcb2pjHdYub9GoEzPizQz8vUH5nkXXdrVZ0_M36dc50PB8zqGQeOgyeN52Sa2ZPCAYLHORZy_HQX8OcaEBv1R3KepBZJhBeRTLCJ70PwyVp9Rg0yLrkf4U9bNN0hK2OLTkI8bsEZHdlSQ6-M1TONUKaix0WDHWNi_tPhl8od3lVW84Z0Hc8b75zG4IUtHTVteLFvLfo6V07mjspTNPygNFb9uGVjqev2AgfX8tkjiiyDa28r1WQRBuVU870ZxPmApwSBawQHPfNcIE_X6ksNujeNXtcLTeQxD2APmP0E27Ib3M-k01ePqW4ghXPD2fpnAkvFe34-jz-lbOhaZmzUCnKWri6vCExLaKSzgx_BSxoYcn03KIaAwZr7tKw4tHoHdIhw-QdiZSw9Hbkbet-ZEM2-2PtFESuh6229jgBJv7xubomIrynRwfXoKfCZXE6JsvMu0l2kWvAoem9DJrtEXEHu9AvMDInPRouO1zWc_YHDHDfwOib3LJr__aU_7VOi3YZuXk7JcIIgrIPCJuzqQhmWlSjQh-ZBEyiwsJyFMl947KtVPL40OjGRcpBSlnf1eAALHRK7fl2OZwssxuVlMJvCs2WgCcqWPvXeLKHhxC9j1EcS1JMM6i8-1GjfyQosw9M2Y4ccHvTEKMgyGX_h0kTMPFdWfX89uzgrXZq_jBUZLSzsbDpnzODR1jDz1iBpr9DhH_JJBHOCJeyRYGmgs2p6DA1PpUJAxYO2da2P2-hrNSr4Kn1q1thzInb0hH_4lkn5mYql8KXXSba-fJ7kW7MDjkk1MH5pMKnroP3P1_Wsigv7bCN2YQXE2OGqEtg2mUj6jFLIX6zdkdMc3JBB33b_4v4G9iXWf3ogGrUj-aKbJziT27GA2vtslslvsp_pcKSjtEFL-GA_LiuV3JhfLAYTpW740dL-2magcZapiyG7tagJzbbjGxRH1AzCpamAJIJg6tqLonIvfzY4Q5_vXMlVdsYm4vTqqiHj6rqMyVIoqMp61huYpRwIzq7SvD2Nwb0w_TZy6h1y6fO5dbuluO0YUa7BT7McpN9BR1iAH2HDayPMx4OiaRk8RSjqPiAyX-AhIcc9zOhYnCBpwheI4QhZhMns_qsDlB-19aXS5EMCbPoB_SbiK0KCczhTECEk9yswDDulzUwg44rBqX1laZH_X6KOR2RQitolYwsKe8ecJl7Ztepfh5LHAY40wXHwvZ7Mxrl881G-q0jUHQ&cid=CAQSPADICaaNTu5JdK1WIXRldoucoSqXMLx9kGno0kMAuMT0oqzcLJ6EPW3aMAUw8DdXRJYeAW7EIbGenQSpSxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.lapa.ninja%2F&ds=l&xdt=1&iif=1&cor=13750783698460334000&adk=3037181500&idt=132&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 16:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
269841
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Nov 2024 16:17:22 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTE5ODg4MzA0NjgyMwogIHNlcnZlcl9pcDogMTM5NzkzMzAxCiAgcHJvY2Vzc19pZDogMzE1NDE0MDgxOQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame DD3E 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTE5ODg4MzA0NjgyMwogIHNlcnZlcl9pcDogMTM5NzkzMzAxCiAgcHJvY2Vzc19pZDogMzE1NDE0MDgxOQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiA3NDAzODQyMTAwMjE4Njc3NjY1CmRlYnVnX2tleTogNjA0MDk5OTIzMjY2MTY3MTIxMAppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjMtMTEtMjgiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxMTg2ODk0MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMzMjE2MDQxNgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogODc4MjQzNjk2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDE2NjYwMTQyMDYzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNDE2MjE2OTg2CiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL3JlZGludGVsbGlnZW5jZS5uZXQiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9hZC1zcnYubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8va2xpY2std2VsdC5kZSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:43 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0xc609a60aeef815520000000000000000","13":"0xdc96607a738f84370000000000000000","14":"0xcef74da04684df550000000000000000","15":"0x316cf78e7574723f0000000000000000"},"debug_key":"6040999232661671210","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"8":["11868943"]},"priority":"0","source_event_id":"7403842100218677665"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iju9wczm8trb
hal9000.redintelligence.net/zone/ Frame 8E8F 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/iju9wczm8trb?subid=&gdpr=&gdpr_consent=&rnd=1701198881710607&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCLTVyITxmZc-vK9LbgQetqpuAA6blvaBprZWcp8kP8C4QASDE_IqdAWCVuqaCsAfIAQmpAj1rq1s8aLI-qAMByAObBKoE8wFP0Fyr11f8J_XvVblUKtnBO_J0778g--f6x2gfKn8xkHQP4yQb8X5VhXrP7VbzbTZkU9RwMqcCZbIfgqDptFBdF_-70D6FepI_yzB78EQBdESiSboZO9gAtCcLT1wGsGJcM3ROvv6CHiiQ7D-mPqLZgJr3Nm_8zF4Eo-Zm3IyRpzym3HowulX57Ej9Vw5-GlGLYULSl7StVuWy5tjiAVL_8ZC_vtqG4gInNNm6_aEYQ8PufrTABf5PT_pygK3tW58u2Nxxbx7nu8NcjK0valxTYvBWoq8O83m4Cnzb9chCCjRFweM3r6xoaY8or7lBI4ybIoTABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJEReINEwiE16PYs-eCAxXSbeAKHS3VBjCwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNTu5JdK1WIXRldoucoSqXMLx9kGno0kMAuMT0oqzcLJ6EPW3aMAUw8DdXRJYeAW7EIbGenQSpSxgB%26sig%3DAOD64_2vdMT4InlfyMbpUOH1TbaQKSxBnQ%26client%3Dca-pub-9961814823930967%26dbm_c%3DAKAmf-A4sQFw-7udjWdVi_Id6f1U-6qhhd5RewHtZjoboeAqPmWSZYCDFNgoLwNaMmvb80JEqc1XgeCDcKD_T3SyGvgKPNm65mbykuqfqfGwUdeC5NJyIfxGlUBrHeUjXo90N_xpgdYai0CcFZW5-JuJjf3iUvh7WaE8eDRJjB8FA4ByZaSWW00%26cry%3D1%26dbm_d%3DAKAmf-DrW3GqA2EF2h-amncB3N2oQ-RtzXILT10xba08IpNVbGnf_aROEasInbcmaG8MvvwTteGKbWacf8ofXhu2T_qLJMKnhirKTQPPDSPSnkkr-kAjo9IDIzz-REGlcqPAsGHoW-v8fuEhL2ih8L4Zcp43QHm3Kh2ptJ-sEQIi_xgC2P8JSLtwnBue9whZh_CKNIPFCctT0OOYDANMKb-YW27EWopdpwRVBpS_qIWcxpkWjcnMb-v1z0C4zMNgCxO5uPsXi9Dhxq6bpfvLPk_oqtFSz5E1W62mkoXp77d3PrbsNVTcYEPJrS638b7VUe0NLhabpiueSyoeeQFUCDCp8fZpIW-XXrSkg-g3_-o4scc_Yv0ue2EH38SOwHKL7LKccNLLgHL2KGnZey-wY0znnJlwzWjnyFYGNI5_QKLeoLM7XYp7gpNoWqjRVHHBFGLv0SxeyQHxPTvicaHFB85sdLE3UepMn-OLcUbfQS8uZ3nJvUQVnC7MElHHxByLuBO4rXgWUDsZdxwdPbVKMUMliAYAewq4gvZfPcIMewiiNiVwRQc_91Q%26adurl%3D
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
ad8d73dfbc0774cb492a9790f7b3596c367109fdf7ad74a29eb66253b97ec18b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Tue, 28 Nov 2023 19:14:43 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4177
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
jf2y0amzcvu0
hal9000.redintelligence.net/zone/ Frame DD3E 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/jf2y0amzcvu0?subid=&gdpr=&gdpr_consent=&rnd=1701198881710606&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGe5RITxmZc6vK9LbgQetqpuAA6blvaBpvZicp8kP8C4QASDE_IqdAWCVuqaCsAfIAQmpAj1rq1s8aLI-qAMByAObBKoE8AFP0KQOLYUhzu3GzyyBRmYB615XN2zxzlKGeHQOaSj8nigGC4QnYP8HGlwxqOQrLnBpNAqfZ0zH7nFsuUlfRiTKa7EdYCtO9JFGrIAWUtFZFNFFGasc5ETgN650E3gN4JG0cPi9Dw5mVzKCUrUyfgLCC_xlYQU-8RX187YD-e8NS3i3RZcSSNqeBMYNSpf9S8lRAFZDHQivYXIW7P6bj9CCiDevWI_Bsb4VC2w8XFTgjZ42bZQxNsXJQDoslYHmnWiMvAc6oRUlbuhGv-nmzRNZC4pJPGqRJeMOLJwa_upzIUCNIflk8H-v1NS0vd_D7BrABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJEReINEwiD16PYs-eCAxXSbeAKHS3VBjCwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNTu5JdK1WIXRldoucoSqXMLx9kGno0kMAuMT0oqzcLJ6EPW3aMAUw8DdXRJYeAW7EIbGenQSpSxgB%26sig%3DAOD64_2ojgJ0v0g9bDwL63yT_qLrF5w9Ww%26client%3Dca-pub-9961814823930967%26dbm_c%3DAKAmf-AsnOWgYeEnho96vEsaazSjPpwOFLJsV8hFfOmrxJZuCGYJvLeEQPHbWX3ch0_pmdaETmVAAUH4ttWPu5Bg0sfUXOu_DtzRejyPG8jwOFFWI9uQAXIlVxWvlhfBgMpAqQ2hZ2SmrzO0TH-53VvgDiitUqLo5HZx-QhIroitr30KLmdmKgU%26cry%3D1%26dbm_d%3DAKAmf-DbruGte0jeQGMwo7dYFCD8vyttY4GliBsZss4KxYtVGmrsKDHM_wTGB0yj3Zmt4GLHJxAFzdaQP0DVaG0Fn9qBzOqt2TYKHXM1XS87gnhVNsedugS62VTjmOSBpdR3-odH3V3b2AwAfPqEixbnberJaT6pdLpqtYMUnGVqUbkylW9Eak-QEH_u5bABgEicHBKrKgUcxuJQa2eaWcvSqqkCpq0M1WSgnO0H_addqBupMgYuIta8RGDlgfojydfekSkahRT46HAdkiHgD8r4y2l7DPww9TJbENDm4zQQmy3_pn2S-IxRvf2fjwxv_6JfdZlgJY72KPU8p7pTUHWiaatTgEazN-y03aU38s2Ua4YPZatNCPrQvPc2LeYrJ7Fmr5tgfCd_0rfCQWiFo_h-rK66l95azdK-5Z0fzkbH6o0vDqbreAD3oEJDIc3KOjDpfIO2YRC_6ZFoEfAEthSMSiqAq8C9LUB_nE-tB9k17CRNYSWZXU8RTaf917QM9q8QkzpPPb7XuFqC7X8kQVYrwuh_yLATSifrnYWDS989kbx9BUI8uJU%26adurl%3D
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
d9db9b115fa846c923a939264835b66bda1807bc834774d94a6bdd21c3efa54c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Tue, 28 Nov 2023 19:14:43 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4171
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 5C9A 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CPfPUHUSYAi2l-j2T4B-clKsigivj7wL7A6u2rOi0zO6seCTJFIaGzIFkkbOPn61no94iyvCRbDO60Sfz1LGY416stWHv56D7y1gZVKjs4n9HRkSUHyPTGtSMJnZtK6F6I_ACqgmM1g-kWNnrP62yMKW0Grhl-0dVyYTBKPJld3HTPl6I&cry=1&dbm_d=AKAmf-A5qx3zbvtNk6hNdUAzIWtnIcHJ4nbhIpHAW0RBjAn65R6ziwrKACC6z-GgFXDnPcYccOajD6wA4l1CkSnbLkGxTxupzLbQ1Bve0lEjUqB_IOLpT8_yVdLeFWhN8zJT_yOOz9TTHy8aZUzq1Qngi6HybCuXn_8gibmcdm3fjlTl76jbHTi7F6VR8sCwBChF7KHok5GCJQX76rhaVRXYnhKJo66tyw8gUAa6w0GpSun7rhHlbCbB_MhLyQihhixRXWYJBLwjcyC9rIyewC4T8gMKkj6cnPyALSHRhDndFpLqzds95gw4NtnzwN02wPHHAAL2mhd-JVtrXwo48SgVRiJwMwz261LTI8_9XCrfrfkCdkp3EichM6JMPYtYu0mV3VAf95tgO0E9Sa9rgaDRYjnE2Z64JywlDnYJxrgWI9tWguvUNWLYt2WcyGJxyxy3lUr8oFRHQwrDE7lZcb8te8MS5WQzB0d7pNFkStbx-h4QYVDiRTK_BuUPZzA_ra4rhoNbEI_SrnpmvVOksxyMYy20A01TESpKe_gnYB0-C_WP06sZ-HHypSlCKljSxdHA3y_Lr3nSfqGAFcCM6stzciarkXJrVsF9ti1vAvhS1WvVUMGZkFtWGygpJ0cIsZrH0oo_hd09yUt68n2Bx0pkShxmimAyKpgcKt2EExm763UXYTND2hglapky4BlwOi1NvXuIZqAOhc2u2xAIPSZW1vC1ZFQuKu2piTx_FzdD8urQATgZruNE91uyY4UsFaSzGHNkaawDw0NIvXRnbRrRV4ncujifc8_M-8hvsq8vv2o6rIjifO_tsmduP-J-TRS42n991HQPsiM3tSOt8Fy3TjrtSQa1FygHi_JXwmFbuNpMIeP7xyXjXpTS68lRKiQeTM42CHiXEiYKAXex5ZUjH9ZJ_m3FEtgJQU1NVZvftmweY7XRyUXw0iRw1yJLjIf5gj4D2TgQdllmRbtKTAfTc85StB_WeYFt3akK5VqyuKmvidXYz_2_f54BggwvxZevuQkDPYD67Btff8Ie9uDAVeq27zyXQnkWJXtrBm-ZnDbvr9oExHYZJ4xivHFcPHlIziOaMF74h8eCy4-EQ20xSZ3ip2GoIBpX68VhYBVwHln4nqKbPFQDWZLNTfMMu7AAnBvoiD7vD7NkLfUIofvFM0G7Wh9rwjdXi2F10jE-EQjiWV5ReZTmujUnN-Wpf6iecGwdgV7oeouo6UDyiJV9dSfHVCfJ_ljWLLQJxVd1UJ8FZzR2JlY_TaVHhTe59Z5cFOKkDbmiCsTqVZIox6UXKqbD0QVG_7i8iGj8x4X6ZNf3kfuJAbb7p1FSQ73tc3BLhfJ5fENZmbsqnnAlLTy8mNtX0IEvBW8PviSPBeSrJCFRzs8rRxBLKQz2a9cgZL7wiy9IWRCoxcMl78PiUfK37lU8MRN7U8-SJ6HTVgXzzXx7-IjuMuy4Le7-L-dZPz_HsDjjJSp6YOBwG4J-u7A1YBiKBat0S5AGZCVHl_EW69gaRasQq18_3tQ6C_jn0JoDD77UwDOOF02pgkVpBE327WVo6hpropnLmtFrT_edl5sRed0-MAeSZwjjRXbqiMLePgNPb51rfoQ93d-C2c2Q5Y6-PcVyUkS0Sr6fXP2KKWkz3LOdInKMni_qkFDu9uiTYK5p1dznv4P1T3iO6rYTet0Y5db36pd4E1GWO6JT7PfzdJSU8OZe1XgWTQCKHKNnS61v3__5ncygd143Cd71jmQ1UbyIOQa0_yzCLOsZ7bZ5aCdjbUmP3HF_2nRJ_DG-UABEAwg58VeVbUxplyG6p7I6K3dd9wRhJLYV3KFpWyQgZShn9x_o_c7AFqFmeRF8A9H6vxbB1-gMjygPoJr6gcwkKmZpqTN-jQU1lg6RYpGunT4WODcJpEkFo8YNYEf3FPb5hH8mRzWYZOWjIks1EDUfqMxzncYzD3KF7lQr4ajZERWGuraLLhPiP4G0tO16on54Fujur__LvlV2rAwNHaho0DHFezKr49TrVApQ9FVTaC8e6AhiBo2aquo7YBTcgYs2XNwJAvUix1OTDiy03sL5_6JV36kp4Shx11HC5jU0scLqEUXriGGJVbLc8F14sr5bn_QWR8o80dgVEYUV9kruX1cvGbp2Odd74rzfsJXuEV-GVQCykz3A36DihW9yLVSogC_QZwNMiiGAhaLUwGqmWDoUcjzbKzYITQYLHAytk0krYPJZj3SFiUkS-xnTwzIPPeBLptIAtdZK3J8HZ2Znw820CILuHy1vvAC4yY5y5y-X6jb_AzbQes6GPAL8hwVwfjrwwAWS5h6Df2d4reAnlPOS6OqbdXwxwV9kra75cAor587Kacg9o1nM4RCdHE-60UAUhrnXdr6FbvDBIKrcAmNUrD8dOoctKVHm3gNA8_bmV8SAgS8HJY5-kST89s2WXQmIu3mhPIrkxtudvKjI3LeI9vZR4WYsuuUMRoXgbziJ97E-a7T-WTmpyg_oakjHX0ZIEX0i2YHBLuPn2zv1UtbLMxvKmTfVu1mvKJhmEhVu7_RmgoY_r89gGxq-iIRlzQhH_6IvLwXRe3m9WbMPEp7014vcUi0H60u95UnfgJMEkVjXUbjbBOE-elT1aTFyHsoHwhM6TZA9rRrJx25S6LunfkrP_HJ6wIvvr9jDHUl-vT--rf2_oCb87I_qgiWML0NWSosDZhJLk5CU3QLlUldWf2YQ-tJZwQtBcLGNKZXPhGi31lqPI0n07h3vpgtSZtTTUGkgUGbmVSRyd0DCcy-AZotX-Q1an45IXiq_aj6UoyuQ2eTx_GCAQ3-tvAFHxDaWwRxSpcKlylTmtpEASNfCLKlKNDB78E5j2yOTX7aX7LlluDUHVQE7LOky7j9CYs6B1KpFqqcJ2xHWLzHoCehWQOLTGZ_HhNNsxeSMPt57gwghb259v4X3dPnHdDEenkP6sBP6L6CR-rDn8SgiL4WM9NLlP7ae3fl782ul59si6VufrPhYVuPNagWLxOog4Nvydfok34C41CrJpzi4qcoYqdRcBf9B_HKZnQ4Fg8mXgvboBOKOSfLezvNYzoodG1VHWkdqG4FJ5S25CjsHpMz4D5Jd1dT6BAMkR73d__UputC35j7LGV4NIuf-LzoyTdlHcrQ0vLj794zLUO2Y4vbtMtcE_fuiI48T-Defz3XhVvcBmEEbMVgBQELzv0Ku4DfHlyyIXHODAy8fY21gy6UKb718DxmhfOHjosrp9r8HlIArg4lfc1J-0-YRMp5WH3lR3KZ5Ok-zNmYae4GzeaFjTj9Lg0sZ-XHd8kr1ecm7regKytsIRZSNnZC0O08onrAOrpl4pHiN9DJWcT5I-HgpRzxtjaouGQbtPQWonDOQv9heT-NnEL--_Nvo6j7pKKXWcfY4Lu19eIVUSdbhBJGoPH-NuV4Zxojf6WSlL7Zld-1jLRPGS1FWe7-jqQRqJq9ek-Lm7opQZL_Lk7vO_2MKgfU8fJmuk0yJt9MsIMb-fMgdKpzLT6hZVo82t9zXk074_WU_AqEszYUIG1KqmaCo1-IPk-5JIP6IIZBMyy8xlQfbf7F01MjhT3Z09hERNM4uag6bsN7be8dL85tvbUAg461TWjJgvsa8To03sn_3lhPbzkSVc3lBmlQwdKmNPeXaNbEe9-0-4i5JhQBF7dQRE4lHmEpLKmyaz14_kYR8Ewx4xpcy5vcNp-jFnpF5vV9k8Z1PAxDTjfVocaY8lhaCY8z063fpy3Kyt6Lj-e7eBpuxaIGDlGuuxV2gG-WMuroJ&cid=CAQSPADICaaNTu5JdK1WIXRldoucoSqXMLx9kGno0kMAuMT0oqzcLJ6EPW3aMAUw8DdXRJYeAW7EIbGenQSpSxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.lapa.ninja%2F&ds=l&xdt=1&iif=1&cor=6821525932856409000&adk=3690638929&idt=109&cac=0&dtd=21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 16:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
10641
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11874
x-xss-protection
0
server
cafe
etag
3876053170955424897
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 16:17:22 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 5C9A 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CPfPUHUSYAi2l-j2T4B-clKsigivj7wL7A6u2rOi0zO6seCTJFIaGzIFkkbOPn61no94iyvCRbDO60Sfz1LGY416stWHv56D7y1gZVKjs4n9HRkSUHyPTGtSMJnZtK6F6I_ACqgmM1g-kWNnrP62yMKW0Grhl-0dVyYTBKPJld3HTPl6I&cry=1&dbm_d=AKAmf-A5qx3zbvtNk6hNdUAzIWtnIcHJ4nbhIpHAW0RBjAn65R6ziwrKACC6z-GgFXDnPcYccOajD6wA4l1CkSnbLkGxTxupzLbQ1Bve0lEjUqB_IOLpT8_yVdLeFWhN8zJT_yOOz9TTHy8aZUzq1Qngi6HybCuXn_8gibmcdm3fjlTl76jbHTi7F6VR8sCwBChF7KHok5GCJQX76rhaVRXYnhKJo66tyw8gUAa6w0GpSun7rhHlbCbB_MhLyQihhixRXWYJBLwjcyC9rIyewC4T8gMKkj6cnPyALSHRhDndFpLqzds95gw4NtnzwN02wPHHAAL2mhd-JVtrXwo48SgVRiJwMwz261LTI8_9XCrfrfkCdkp3EichM6JMPYtYu0mV3VAf95tgO0E9Sa9rgaDRYjnE2Z64JywlDnYJxrgWI9tWguvUNWLYt2WcyGJxyxy3lUr8oFRHQwrDE7lZcb8te8MS5WQzB0d7pNFkStbx-h4QYVDiRTK_BuUPZzA_ra4rhoNbEI_SrnpmvVOksxyMYy20A01TESpKe_gnYB0-C_WP06sZ-HHypSlCKljSxdHA3y_Lr3nSfqGAFcCM6stzciarkXJrVsF9ti1vAvhS1WvVUMGZkFtWGygpJ0cIsZrH0oo_hd09yUt68n2Bx0pkShxmimAyKpgcKt2EExm763UXYTND2hglapky4BlwOi1NvXuIZqAOhc2u2xAIPSZW1vC1ZFQuKu2piTx_FzdD8urQATgZruNE91uyY4UsFaSzGHNkaawDw0NIvXRnbRrRV4ncujifc8_M-8hvsq8vv2o6rIjifO_tsmduP-J-TRS42n991HQPsiM3tSOt8Fy3TjrtSQa1FygHi_JXwmFbuNpMIeP7xyXjXpTS68lRKiQeTM42CHiXEiYKAXex5ZUjH9ZJ_m3FEtgJQU1NVZvftmweY7XRyUXw0iRw1yJLjIf5gj4D2TgQdllmRbtKTAfTc85StB_WeYFt3akK5VqyuKmvidXYz_2_f54BggwvxZevuQkDPYD67Btff8Ie9uDAVeq27zyXQnkWJXtrBm-ZnDbvr9oExHYZJ4xivHFcPHlIziOaMF74h8eCy4-EQ20xSZ3ip2GoIBpX68VhYBVwHln4nqKbPFQDWZLNTfMMu7AAnBvoiD7vD7NkLfUIofvFM0G7Wh9rwjdXi2F10jE-EQjiWV5ReZTmujUnN-Wpf6iecGwdgV7oeouo6UDyiJV9dSfHVCfJ_ljWLLQJxVd1UJ8FZzR2JlY_TaVHhTe59Z5cFOKkDbmiCsTqVZIox6UXKqbD0QVG_7i8iGj8x4X6ZNf3kfuJAbb7p1FSQ73tc3BLhfJ5fENZmbsqnnAlLTy8mNtX0IEvBW8PviSPBeSrJCFRzs8rRxBLKQz2a9cgZL7wiy9IWRCoxcMl78PiUfK37lU8MRN7U8-SJ6HTVgXzzXx7-IjuMuy4Le7-L-dZPz_HsDjjJSp6YOBwG4J-u7A1YBiKBat0S5AGZCVHl_EW69gaRasQq18_3tQ6C_jn0JoDD77UwDOOF02pgkVpBE327WVo6hpropnLmtFrT_edl5sRed0-MAeSZwjjRXbqiMLePgNPb51rfoQ93d-C2c2Q5Y6-PcVyUkS0Sr6fXP2KKWkz3LOdInKMni_qkFDu9uiTYK5p1dznv4P1T3iO6rYTet0Y5db36pd4E1GWO6JT7PfzdJSU8OZe1XgWTQCKHKNnS61v3__5ncygd143Cd71jmQ1UbyIOQa0_yzCLOsZ7bZ5aCdjbUmP3HF_2nRJ_DG-UABEAwg58VeVbUxplyG6p7I6K3dd9wRhJLYV3KFpWyQgZShn9x_o_c7AFqFmeRF8A9H6vxbB1-gMjygPoJr6gcwkKmZpqTN-jQU1lg6RYpGunT4WODcJpEkFo8YNYEf3FPb5hH8mRzWYZOWjIks1EDUfqMxzncYzD3KF7lQr4ajZERWGuraLLhPiP4G0tO16on54Fujur__LvlV2rAwNHaho0DHFezKr49TrVApQ9FVTaC8e6AhiBo2aquo7YBTcgYs2XNwJAvUix1OTDiy03sL5_6JV36kp4Shx11HC5jU0scLqEUXriGGJVbLc8F14sr5bn_QWR8o80dgVEYUV9kruX1cvGbp2Odd74rzfsJXuEV-GVQCykz3A36DihW9yLVSogC_QZwNMiiGAhaLUwGqmWDoUcjzbKzYITQYLHAytk0krYPJZj3SFiUkS-xnTwzIPPeBLptIAtdZK3J8HZ2Znw820CILuHy1vvAC4yY5y5y-X6jb_AzbQes6GPAL8hwVwfjrwwAWS5h6Df2d4reAnlPOS6OqbdXwxwV9kra75cAor587Kacg9o1nM4RCdHE-60UAUhrnXdr6FbvDBIKrcAmNUrD8dOoctKVHm3gNA8_bmV8SAgS8HJY5-kST89s2WXQmIu3mhPIrkxtudvKjI3LeI9vZR4WYsuuUMRoXgbziJ97E-a7T-WTmpyg_oakjHX0ZIEX0i2YHBLuPn2zv1UtbLMxvKmTfVu1mvKJhmEhVu7_RmgoY_r89gGxq-iIRlzQhH_6IvLwXRe3m9WbMPEp7014vcUi0H60u95UnfgJMEkVjXUbjbBOE-elT1aTFyHsoHwhM6TZA9rRrJx25S6LunfkrP_HJ6wIvvr9jDHUl-vT--rf2_oCb87I_qgiWML0NWSosDZhJLk5CU3QLlUldWf2YQ-tJZwQtBcLGNKZXPhGi31lqPI0n07h3vpgtSZtTTUGkgUGbmVSRyd0DCcy-AZotX-Q1an45IXiq_aj6UoyuQ2eTx_GCAQ3-tvAFHxDaWwRxSpcKlylTmtpEASNfCLKlKNDB78E5j2yOTX7aX7LlluDUHVQE7LOky7j9CYs6B1KpFqqcJ2xHWLzHoCehWQOLTGZ_HhNNsxeSMPt57gwghb259v4X3dPnHdDEenkP6sBP6L6CR-rDn8SgiL4WM9NLlP7ae3fl782ul59si6VufrPhYVuPNagWLxOog4Nvydfok34C41CrJpzi4qcoYqdRcBf9B_HKZnQ4Fg8mXgvboBOKOSfLezvNYzoodG1VHWkdqG4FJ5S25CjsHpMz4D5Jd1dT6BAMkR73d__UputC35j7LGV4NIuf-LzoyTdlHcrQ0vLj794zLUO2Y4vbtMtcE_fuiI48T-Defz3XhVvcBmEEbMVgBQELzv0Ku4DfHlyyIXHODAy8fY21gy6UKb718DxmhfOHjosrp9r8HlIArg4lfc1J-0-YRMp5WH3lR3KZ5Ok-zNmYae4GzeaFjTj9Lg0sZ-XHd8kr1ecm7regKytsIRZSNnZC0O08onrAOrpl4pHiN9DJWcT5I-HgpRzxtjaouGQbtPQWonDOQv9heT-NnEL--_Nvo6j7pKKXWcfY4Lu19eIVUSdbhBJGoPH-NuV4Zxojf6WSlL7Zld-1jLRPGS1FWe7-jqQRqJq9ek-Lm7opQZL_Lk7vO_2MKgfU8fJmuk0yJt9MsIMb-fMgdKpzLT6hZVo82t9zXk074_WU_AqEszYUIG1KqmaCo1-IPk-5JIP6IIZBMyy8xlQfbf7F01MjhT3Z09hERNM4uag6bsN7be8dL85tvbUAg461TWjJgvsa8To03sn_3lhPbzkSVc3lBmlQwdKmNPeXaNbEe9-0-4i5JhQBF7dQRE4lHmEpLKmyaz14_kYR8Ewx4xpcy5vcNp-jFnpF5vV9k8Z1PAxDTjfVocaY8lhaCY8z063fpy3Kyt6Lj-e7eBpuxaIGDlGuuxV2gG-WMuroJ&cid=CAQSPADICaaNTu5JdK1WIXRldoucoSqXMLx9kGno0kMAuMT0oqzcLJ6EPW3aMAUw8DdXRJYeAW7EIbGenQSpSxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.lapa.ninja%2F&ds=l&xdt=1&iif=1&cor=6821525932856409000&adk=3690638929&idt=109&cac=0&dtd=21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 16:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
269841
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Nov 2024 16:17:22 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTE5ODg4MzA1NTM0MwogIHNlcnZlcl9pcDogMTc1NjEzNDQ4CiAgcHJvY2Vzc19pZDogMjE4MTIxMjE4MQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA1ODU5Nzc0...
ad.doubleclick.net/ddm/activity/ Frame 5C9A 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTE5ODg4MzA1NTM0MwogIHNlcnZlcl9pcDogMTc1NjEzNDQ4CiAgcHJvY2Vzc19pZDogMjE4MTIxMjE4MQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA1ODU5Nzc0CmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly92b2RhZm9uZS5kZSIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiA4CmV2ZW50X2ltcHJlc3Npb25faWQ6IDY5OTQzNDUyMzYxNjI0MjMxNQpkZWJ1Z19rZXk6IDEwNjEwMDk1MDEzMjcxOTEwMTI4CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyMy0xMS0yOCIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDU4NTk3NzQKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzNzc5NTEwMzAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDEyMTA5MTQ4ODcKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMjA1NjMzNjM5MDcKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA1MjQzMDMxNTgKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vdm9kYWZvbmUuZGUiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9vdGVsby5kZSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2xpb25nYXRlLnNvbHV0aW9ucyIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:43 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0xb8db868784ff298d0000000000000000","13":"0x3d51a0e00139e9ad0000000000000000","14":"0x79ea394bf909e4120000000000000000","15":"0xc6e7162ce30a47240000000000000000"},"debug_key":"10610095013271910128","debug_reporting":true,"destination":"https://vodafone.de","event_report_window":"345600","expiry":"691200","filter_data":{"14":[],"8":["5859774"]},"priority":"0","source_event_id":"699434523616242315"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
ad.doubleclick.net/pcs/ Frame 0824 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsuao_uZLvFhZN8MA2MummcpCtj9-6VqYzGxwIvDBtiolrA2TApZfzV5et2O_QiBGUJtkfr4MSDlTDQNNKw88PQS7qaul_X8i9gVL_jnO0R9BgAmkh2SH8FA2XyMlALoCh1jnvv0ZqZw5jWajzEH6P7coVukgmCHJ4pcbdgTSVj9BC2URytM_s-KqXQj9eA_UI7emBH1Y4cs-84wb6T2z9ILLsUWRKDkg-dR3KJTteu-Jja35vaYTrIv5JLF19e82TUD37KswuBS4O9itycJexA8hB5zfhP_dzAhbNFD39yIjzGEXLc3HiIr2g-Kq52qmhBbORJpRWMvayVLNh5Mgd0pkwith1SJJLoTXlEFRY8oUhOBjbdTSL0bIhb6MGKtminEt1-k7g59mAEJBr9rwAYuDjHMMNmqtE1dhVu3N_GVObtLZnmndJzMEb2aA--ufsrKyQN3gaNYmCB-awSbanG2gg3A6PYGdbA7fbr9VDKcS-zzqNtOkDbcylLuS4UkxnkWMd0f0SwlzRJsJzAfdUnmb7b-7g9bCrbsxveM5QQsuh6CLudLnS7lK9jygzS1EedqLDxQVFneR9yi5UEGNuVXdHZohWVX7WPmZMVpuRYC3Cr4T29pv0lMaueu6Op1ySlvZKohq9w6CLqsikTYLE_uGs5VGQnPwKCxnhrXj-E0jcgU-FsUsR9JxdS53semkwvhc434UEsTLN4KscYGkYJtK1UzFcbWRdirh7SDuYLRvESrwEgfeHWaw9u3yM_1zL6VCHaVAgri3ekNMnlVGCkFhjJfuV8Wbu29CHlfzeQpmLJUQSipkmDwDlnyxtRzBUG1s96sJilZwQIJ8zo68Pt2nHUmkCPlDi2T0jJZyRc6xhGztXqQ679dA-Utx_eLLBqN_3hMq9TpLhhXl4RHKmnp3wuTRbIo903Xctu_AN-Q08fwmi2I3tDLKNTUNDf8KNYNddePeT1w1Lxg-RvwqL4AzGSngdV12uLXBTnHWCNWzUMaduXQE_wKrdr0DWzaGOD_7MfW4DqHLBDFjuD7gZeE4F31PE9BNFhTaId9WnT7HcETcaoMXIQDFsVHEdQaI-sBkrfeRPSY14876Lp7thTs1DOLcBnoNqE0oN6ZwIy9OqerUZbYI8AuFjBMwYu765QBr5Lwxr_3-idkVsb5Pvz6f--83Fc_vKRJCDicPfTI7hEjlCxyWaxkYN3Blqa9T6lgSD_R4F3nHBcHPEjw3upb768TpGAhGNxeueRECQFV2cd-5jJQxltyYsQYcWWZTCowMXA4ISBO6Cy2cRg4B4mmAUETHY6ZZO4dPnR363iiYcpPHckgp8cxE6isHoWJaFm2TutQ0Fb8dX_eRoqOdjvwPDwplQCFn1Nb-aWnDpMI1e-veCVdtKWy0Jspo0a_Qd1SvzX2Nf0m6F_T5Xpy1rT5I61eh6-h1sLKNIQSm0eqSFC3cuvH2hk&sai=AMfl-YQgq6y4NXHaJ-ymAhn6VVRZ4mId7wPGiDRM18AyYsVIF_gACqwvw7Bo_QRf2reJUgZxhuj9TJG5GHRTfyDz8Ouw8Mnn1m3jIIbowj96CEWoMPvsLn5dgA2Oi01aB6WkHCSWC8ABJ6dq4Ep96-nJ3gtBLx9FFtP6LaYucPb8nNeopxdGTKCIBatZjdWzSW7i4aFQyS-DHMRRf_zk1P7UpKf7p5sr_aWkGiM12ashT2har48_iIxMAsvD0FTxcwvUfhv6x1ZRHS5b4r-galxqr8dCccVFSt9JrDjls9H-D1nLR-LR79EPcqKCRQT_4FzYCb7yH45D2Ej_RcQOj96h8hwEQrfkfm0OIZgckDbSoCShmB-1M4TLPSwTnD1iwn5vOKPxCIQPXUzADcxzJIZOHa53eaxrl-66S-Wtly0Vzi43&sig=Cg0ArKJSzFPzwQSZ9zFIEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9sdWZ0aGFuc2EuY29tLGh0dHBzOi8vZXhhY3RhZy5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=361&vt=11&dtpt=210&dett=3&cstd=147&cisv=r20231109.31707&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
bootstrap.js
s1.adform.net/stoat/630/s1.adform.net/ Frame 5C9A 		37 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=68651519;click=https://m.exactag.com/cl.aspx?extProvId=327&extPu=vf-dv360&extLi=20563363907&extPm=20563363907&extCr=524303158&url=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=Cyef8ITxmZcqvK9LbgQetqpuAA5WWt-1zhuiunvYRp-_z_QgQASDE_IqdAWCVuqaCsAegAYbHmLcpyAEJqQI9a6tbPGiyPqgDAcgDmwSqBPQBT9Ch9gx74LpZVk3mldvXMcao7vjlPcOEQ_wFHgkdL3UITVelZp5GvYhqvIXhVAgnSv36louwHTO9y5OT5nN-VYWHg3ta0Sb3EsNh1lgxIVBYb8K6Ht06R3Z83_5MNzw2H7FLiHX2lRMZ1bTftTYW5ZZT10jzNaUTBik8S3Lfr0PCfnOlmnPBMi21I_OeP-GdB3o_qzHZjhPUFUcnkabqbx1MgRzi-NjFMvOJ2yuhPbjL0R7tWncQ3wbN_K6uTEzQ-baLQO7jh_DJvFPoybYSrLeqKJCuD6G660tw2xr8iRYiDLnqpigVsb2RwPkM_iE2p39-38AEupr15boE4AQDiAXDkLDNTJAGAaAGTYAHhv_olgSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAqoNAkRF4g0TCIDXo9iz54IDFdJt4AodLdUGMLATh73NFdATANgTDdgUAdAVAfgWAYAXAQ&ae=1&num=1&cid=CAQSPADICaaNTu5JdK1WIXRldoucoSqXMLx9kGno0kMAuMT0oqzcLJ6EPW3aMAUw8DdXRJYeAW7EIbGenQSpSxgB&sig=AOD64_3c0KqT39RC9U6-WWg6_oYgK0n-VA&client=ca-pub-9961814823930967&dbm_c=AKAmf-Ar7V3KcHyKC5fRx8P6e5zeKlCtW2KeORbsnfvwUtLArrChH2gnFJCJlZP_WvM0oNWbnVDpjJ5FxmhqStJozkHV0aVVeaeujlspT_4apQCiDMGAqYaYgEZSQhLpdAqo8BVeGotiiCakZFyFHdUP9rtLIZZzRpNgqMaJ8_ggCzMZ1OcZEug&cry=1&dbm_d=AKAmf-Bxx2y_SnJSfkSMUhj-u1MNrYDVVs7Otf3KGi74QhSxNBIY7QOMSBN6PjWUZijDZ1zCUhDC0pAa7ELFHOG_H5L7m91RDWw81_Pm7VDERPYf1f5I8l29YsY2weF0x57zcbPVaT9_hO_DRg64dRSGV1UWhYd-k3o1waNQhLjrbFpMaINE8vrfgIhNYuR-l66tA8lZsbgWrq11ttyyRZXno8zTW-vopkgS9pgPb_3ZLoKIQPWCQrm8PHD0kM3rT48WdhY9c696ynDB4EptVY1PJ7UUoOJfzZDuQCrUMuoqkBbxdjCSCJp1jpvsv9HjAuyRhpUmhcCyrRjiCFv4P-80eB9U1AQtVCt1ESM463N92jaUtcYqe6eXemOG7lunBFLhHNpggI8yDqicfqu5zpqGXh6U7MfehATqLrJQJ_NzVpuiX2Qh5dcmXqzgSfr1H7QcMAHTK38NpoJ6VleId6SB5Eu5vNa1GagmvOXjiuiLJ0GZ21j_eJRklH5kMfD_a6-LV0MNElMr9rrbOfarSLcQk-ClQpC3-5AeD790D_cqUom59NtFfqo&adurl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c9b3df2175f6b51e8c7ca74de67d096dad198f28de115078f9332fa3fb379ab5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:43 GMT
content-encoding
gzip
last-modified
Fri, 17 Nov 2023 10:42:02 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Sat, 18 Nov 2023 15:27:20 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame C3E9 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
269792
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 25 Nov 2023 16:18:11 GMT
expires
Sun, 24 Nov 2024 16:18:11 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 755C 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
269792
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 25 Nov 2023 16:18:11 GMT
expires
Sun, 24 Nov 2024 16:18:11 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame C1F8 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2354154526989&version=m202309260101&ct=119&x=1&cor=8316991379922094000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
ad.doubleclick.net/pcs/ Frame 538D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvOYuSNfwPPE_TVN7zIr923e0WgwlI4pdSwNZHB10qzlkFWvAPTQUkMxCfLbPkC3Mkcv96f97GMFJWA9-I3Ixih9tBoXx9iiiC5amXMUWBUGLIiKkKzvtS0N72PRz1H_5_YBpg4CXCGt6UPHj3hxZatAe-kKbVG4RcNlgXj5AGv4MHBe1satacz0DVdsOu7jyzz1dBF8FpFrbw_eESEiYapkyYA02ShOL80vS6s2OhXQHWfQgl0dlR3jEW_CdvFgZvM13jsl6gfaLY8zox338Munio0HtOK0K50XUcBR2YBJ9py0kpO2ZhuWPfUq5fo4pUJRCI2OJeraoxIGoasPtB4Ifa1eMw8-tngR5vdCZOGTrrQmtAZAipK04tDsVCbgas_tjuB1e5OGAMDRSHpRAeRhxJZeRkTXG_1jTa6AYpwi_p1tD6bxK0VHUDA2PAQjJcfEUgFzlfe8alEwFLL__z7RlkD44G8knKsj2Mh7gmUpppEi6YQlbrS7LVSA7kNxa5RanQJDl_F5XYEOmUXTz1iMlBX1qKvYMMLrAZ1oia1HNpBCw6to-ZWtvOIqDl3tWmmEZ7o8-O2qEBM3Vpznw7QW2wzNddptrFOuWRV360ynEJSBd6n3vrKGs3JPC9WOAqeQISj4eFYHv5BFQ1Oq6pGn-aZWa5J85t8HhmpUpVhV9JzcU8Fqwh-1NFA-Lvb1Qgyfd3HbA8RO7ZeLhanIMnYb685_9Khstly9TYaZDE1qo_G4CISmgxKzWO0Qo8cR5nlW1oAjHPJHz2gtdmA4tqkzTDXVEypsQoF1JKWpJTPQvRi6wInBtsr5E4wkodR4mBSVzbLLAbEuViigLAw8k76LgKP81A_vNXK5lzV-88V3y8a20gOYnTrupmcZGb8eVXxtjkfXeQna8GiMEs1EAdPYaEvjH9dhpmWknd4Ws1VjzJdJBloXFIPYCSm6qpauPuFBDTg1DwLSO86pfY48xucNYRPjGMbSnce8EECSibYAgBJGetd3yJC4gHZNnfsXmz2q3AXfss62CIJNfPPZLxqoVp9smxCjsROMrFw3PdwIXEqDUJT3aNrUQRc-C-8nh8QQAYavokOgEVYueWRaR67D53oFphpMqJwK97HVJXjPsbLXwWfGfm1T9GG-e5Z0-xUtpRzZKh6MKYAf6r25QvWpqCEBouXdVjoG1J9RkZzOGp9GEmvTe1vykZ0dWsjqRQPxiVCq_VNM1V14qYeirFboEWQ6b9HQ9nT1w_SkmiLqh5nbsHC3PJCd6frLlQYYHNvF0KmqhRJAFeMOqkV-Wr6aTTuiJ8d9GNHCMoVoZrkla9mWkQXRDfvKOpyL0tErsvwRRxjE6KLwKbpDQCieaseq55EuBvpIQn21r2SF8rNxQTtlvyOAARQ0H1rQy77DKd0Cj37jWHtYyDLIUPhKvDRNE82YOFInr2wD--7akyfS29t2zo9ZFU&sai=AMfl-YRijacYaCYXhPpL_9YGYyWuRWOX8oPVOOXu56rBOTxieZDcuWbA0ornULh5_JL1HqEa6ysfqZUbj-DVGcrQzN96wltidc0njvBncXA2Rko8YQv4uF6duA0jkSX5gVAyPQ6NZXC_3vfa3FHGBZ1sOJSttaP8x2eMQIYClASt9YFOKaPwEKddrn32JZPM0sCpCcd-COUqh5itNS56JUcoA3P9BL4hXxMb1d55rvvI71nYE5rFzFHytuGbcojjuzCMAqmrUiHEDKVZPKhhhzLxomHm2hD5wFP3DCRya_SAc821r4o0RycQvweoJUzqMyUhHg8SDVaCEV727TJ7qJ7QgpgZ892fKymv6Qf6pQhMXB8tpnFvG4qDC55uaKmZBWxOiUVD6K19UU2LjUHqBcfdsUUnrN6pVgpNhivk92-pYmPm&sig=Cg0ArKJSzAe64f5n5HH6EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9sdWZ0aGFuc2EuY29tLGh0dHBzOi8vZXhhY3RhZy5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=376&vt=11&dtpt=186&dett=3&cstd=185&cisv=r20231109.19601&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
main.js
s0.2mdn.net/creatives/assets/4703545/ Frame 61CE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4703545/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2230318213786861877/index.html?e=69&leftOffset=0&topOffset=0&c=ghtsE1nLlg&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1b2da575466eb30982e08c1020f55bcf2d9565f53bd64c3da87a1d774d75588
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2230318213786861877/index.html?e=69&leftOffset=0&topOffset=0&c=ghtsE1nLlg&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:02:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
713
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1100
x-xss-protection
0
last-modified
Fri, 05 May 2023 10:07:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Nov 2023 19:17:50 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 61CE 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
999e082a794bdbb21f4c4dc971767651342841dcb9fd92943dd96370f978e9aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5833
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 267A 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
269792
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 25 Nov 2023 16:18:11 GMT
expires
Sun, 24 Nov 2024 16:18:11 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame C3E9 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 17:29:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
6290
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Nov 2024 17:29:53 GMT
request.php
hal90007.redintelligence.net/ Frame 8E8F
Redirect Chain
  • https://hal90007.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=2f56d44523&subid=&uid=40f411bbf0e87764&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90007.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=2f56d44523&subid=&uid=40f411bbf0e87764&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90007.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=2f56d44523&subid=&uid=40f411bbf0e87764&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCLTVyITxmZc-vK9LbgQetqpuAA6blvaBprZWcp8kP8C4QASDE_IqdAWCVuqaCsAfIAQmpAj1rq1s8aLI-qAMByAObBKoE8wFP0Fyr11f8J_XvVblUKtnBO_J0778g--f6x2gfKn8xkHQP4yQb8X5VhXrP7VbzbTZkU9RwMqcCZbIfgqDptFBdF_-70D6FepI_yzB78EQBdESiSboZO9gAtCcLT1wGsGJcM3ROvv6CHiiQ7D-mPqLZgJr3Nm_8zF4Eo-Zm3IyRpzym3HowulX57Ej9Vw5-GlGLYULSl7StVuWy5tjiAVL_8ZC_vtqG4gInNNm6_aEYQ8PufrTABf5PT_pygK3tW58u2Nxxbx7nu8NcjK0valxTYvBWoq8O83m4Cnzb9chCCjRFweM3r6xoaY8or7lBI4ybIoTABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJEReINEwiE16PYs-eCAxXSbeAKHS3VBjCwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNTu5JdK1WIXRldoucoSqXMLx9kGno0kMAuMT0oqzcLJ6EPW3aMAUw8DdXRJYeAW7EIbGenQSpSxgB%26sig%3DAOD64_2vdMT4InlfyMbpUOH1TbaQKSxBnQ%26client%3Dca-pub-9961814823930967%26dbm_c%3DAKAmf-A4sQFw-7udjWdVi_Id6f1U-6qhhd5RewHtZjoboeAqPmWSZYCDFNgoLwNaMmvb80JEqc1XgeCDcKD_T3SyGvgKPNm65mbykuqfqfGwUdeC5NJyIfxGlUBrHeUjXo90N_xpgdYai0CcFZW5-JuJjf3iUvh7WaE8eDRJjB8FA4ByZaSWW00%26cry%3D1%26dbm_d%3DAKAmf-DrW3GqA2EF2h-amncB3N2oQ-RtzXILT10xba08IpNVbGnf_aROEasInbcmaG8MvvwTteGKbWacf8ofXhu2T_qLJMKnhirKTQPPDSPSnkkr-kAjo9IDIzz-REGlcqPAsGHoW-v8fuEhL2ih8L4Zcp43QHm3Kh2ptJ-sEQIi_xgC2P8JSLtwnBue9whZh_CKNIPFCctT0OOYDANMKb-YW27EWopdpwRVBpS_qIWcxpkWjcnMb-v1z0C4zMNgCxO5uPsXi9Dhxq6bpfvLPk_oqtFSz5E1W62mkoXp77d3PrbsNVTcYEPJrS638b7VUe0NLhabpiueSyoeeQFUCDCp8fZpIW-XXrSkg-g3_-o4scc_Yv0ue2EH38SOwHKL7LKccNLLgHL2KGnZey-wY0znnJlwzWjnyFYGNI5_QKLeoLM7XYp7gpNoWqjRVHHBFGLv0SxeyQHxPTvicaHFB85sdLE3UepMn-OLcUbfQS8uZ3nJvUQVnC7MElHHxByLuBO4rXgWUDsZdxwdPbVKMUMliAYAewq4gvZfPcIMewiiNiVwRQc_91Q%26adurl%3D&documentReferer=https%3A%2F%2Fwww.lapa.ninja%2F&ancestorOrigins=https%3A%2F%2Fwww.lapa.ninja&random=5631568104769&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
c7e324eac21af6ebf0ea6952b66550e5bad572a368f3e4634d42f408d7184ebf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Nov 2023 19:14:43 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
39130100146931404444554012522007
Connection
close
Content-Length
1330
Expires
Tue, 28 Nov 2023 19:14:43 +0100

Redirect headers

Pragma
no-cache
Date
Tue, 28 Nov 2023 19:14:43 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=2f56d44523&subid=&uid=40f411bbf0e87764&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCLTVyITxmZc-vK9LbgQetqpuAA6blvaBprZWcp8kP8C4QASDE_IqdAWCVuqaCsAfIAQmpAj1rq1s8aLI-qAMByAObBKoE8wFP0Fyr11f8J_XvVblUKtnBO_J0778g--f6x2gfKn8xkHQP4yQb8X5VhXrP7VbzbTZkU9RwMqcCZbIfgqDptFBdF_-70D6FepI_yzB78EQBdESiSboZO9gAtCcLT1wGsGJcM3ROvv6CHiiQ7D-mPqLZgJr3Nm_8zF4Eo-Zm3IyRpzym3HowulX57Ej9Vw5-GlGLYULSl7StVuWy5tjiAVL_8ZC_vtqG4gInNNm6_aEYQ8PufrTABf5PT_pygK3tW58u2Nxxbx7nu8NcjK0valxTYvBWoq8O83m4Cnzb9chCCjRFweM3r6xoaY8or7lBI4ybIoTABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJEReINEwiE16PYs-eCAxXSbeAKHS3VBjCwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNTu5JdK1WIXRldoucoSqXMLx9kGno0kMAuMT0oqzcLJ6EPW3aMAUw8DdXRJYeAW7EIbGenQSpSxgB%26sig%3DAOD64_2vdMT4InlfyMbpUOH1TbaQKSxBnQ%26client%3Dca-pub-9961814823930967%26dbm_c%3DAKAmf-A4sQFw-7udjWdVi_Id6f1U-6qhhd5RewHtZjoboeAqPmWSZYCDFNgoLwNaMmvb80JEqc1XgeCDcKD_T3SyGvgKPNm65mbykuqfqfGwUdeC5NJyIfxGlUBrHeUjXo90N_xpgdYai0CcFZW5-JuJjf3iUvh7WaE8eDRJjB8FA4ByZaSWW00%26cry%3D1%26dbm_d%3DAKAmf-DrW3GqA2EF2h-amncB3N2oQ-RtzXILT10xba08IpNVbGnf_aROEasInbcmaG8MvvwTteGKbWacf8ofXhu2T_qLJMKnhirKTQPPDSPSnkkr-kAjo9IDIzz-REGlcqPAsGHoW-v8fuEhL2ih8L4Zcp43QHm3Kh2ptJ-sEQIi_xgC2P8JSLtwnBue9whZh_CKNIPFCctT0OOYDANMKb-YW27EWopdpwRVBpS_qIWcxpkWjcnMb-v1z0C4zMNgCxO5uPsXi9Dhxq6bpfvLPk_oqtFSz5E1W62mkoXp77d3PrbsNVTcYEPJrS638b7VUe0NLhabpiueSyoeeQFUCDCp8fZpIW-XXrSkg-g3_-o4scc_Yv0ue2EH38SOwHKL7LKccNLLgHL2KGnZey-wY0znnJlwzWjnyFYGNI5_QKLeoLM7XYp7gpNoWqjRVHHBFGLv0SxeyQHxPTvicaHFB85sdLE3UepMn-OLcUbfQS8uZ3nJvUQVnC7MElHHxByLuBO4rXgWUDsZdxwdPbVKMUMliAYAewq4gvZfPcIMewiiNiVwRQc_91Q%26adurl%3D&documentReferer=https%3A%2F%2Fwww.lapa.ninja%2F&ancestorOrigins=https%3A%2F%2Fwww.lapa.ninja&random=5631568104769&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Tue, 28 Nov 2023 19:14:43 +0100
request.php
hal900010.redintelligence.net/ Frame DD3E
Redirect Chain
  • https://hal900010.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=e2b6eb5a30&subid=&uid=050c431bdc706646&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900010.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=e2b6eb5a30&subid=&uid=050c431bdc706646&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900010.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=e2b6eb5a30&subid=&uid=050c431bdc706646&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGe5RITxmZc6vK9LbgQetqpuAA6blvaBpvZicp8kP8C4QASDE_IqdAWCVuqaCsAfIAQmpAj1rq1s8aLI-qAMByAObBKoE8AFP0KQOLYUhzu3GzyyBRmYB615XN2zxzlKGeHQOaSj8nigGC4QnYP8HGlwxqOQrLnBpNAqfZ0zH7nFsuUlfRiTKa7EdYCtO9JFGrIAWUtFZFNFFGasc5ETgN650E3gN4JG0cPi9Dw5mVzKCUrUyfgLCC_xlYQU-8RX187YD-e8NS3i3RZcSSNqeBMYNSpf9S8lRAFZDHQivYXIW7P6bj9CCiDevWI_Bsb4VC2w8XFTgjZ42bZQxNsXJQDoslYHmnWiMvAc6oRUlbuhGv-nmzRNZC4pJPGqRJeMOLJwa_upzIUCNIflk8H-v1NS0vd_D7BrABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJEReINEwiD16PYs-eCAxXSbeAKHS3VBjCwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNTu5JdK1WIXRldoucoSqXMLx9kGno0kMAuMT0oqzcLJ6EPW3aMAUw8DdXRJYeAW7EIbGenQSpSxgB%26sig%3DAOD64_2ojgJ0v0g9bDwL63yT_qLrF5w9Ww%26client%3Dca-pub-9961814823930967%26dbm_c%3DAKAmf-AsnOWgYeEnho96vEsaazSjPpwOFLJsV8hFfOmrxJZuCGYJvLeEQPHbWX3ch0_pmdaETmVAAUH4ttWPu5Bg0sfUXOu_DtzRejyPG8jwOFFWI9uQAXIlVxWvlhfBgMpAqQ2hZ2SmrzO0TH-53VvgDiitUqLo5HZx-QhIroitr30KLmdmKgU%26cry%3D1%26dbm_d%3DAKAmf-DbruGte0jeQGMwo7dYFCD8vyttY4GliBsZss4KxYtVGmrsKDHM_wTGB0yj3Zmt4GLHJxAFzdaQP0DVaG0Fn9qBzOqt2TYKHXM1XS87gnhVNsedugS62VTjmOSBpdR3-odH3V3b2AwAfPqEixbnberJaT6pdLpqtYMUnGVqUbkylW9Eak-QEH_u5bABgEicHBKrKgUcxuJQa2eaWcvSqqkCpq0M1WSgnO0H_addqBupMgYuIta8RGDlgfojydfekSkahRT46HAdkiHgD8r4y2l7DPww9TJbENDm4zQQmy3_pn2S-IxRvf2fjwxv_6JfdZlgJY72KPU8p7pTUHWiaatTgEazN-y03aU38s2Ua4YPZatNCPrQvPc2LeYrJ7Fmr5tgfCd_0rfCQWiFo_h-rK66l95azdK-5Z0fzkbH6o0vDqbreAD3oEJDIc3KOjDpfIO2YRC_6ZFoEfAEthSMSiqAq8C9LUB_nE-tB9k17CRNYSWZXU8RTaf917QM9q8QkzpPPb7XuFqC7X8kQVYrwuh_yLATSifrnYWDS989kbx9BUI8uJU%26adurl%3D&documentReferer=https%3A%2F%2Fwww.lapa.ninja%2F&ancestorOrigins=https%3A%2F%2Fwww.lapa.ninja&random=8532617026890&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.145.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
0e4799792ea64a64159a6824f81b8042582a56a814b531973bd362505fdb3946

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Nov 2023 19:14:43 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
78376100177904004444978012522010
Connection
close
Content-Length
1354
Expires
Tue, 28 Nov 2023 19:14:43 +0100

Redirect headers

Pragma
no-cache
Date
Tue, 28 Nov 2023 19:14:43 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=e2b6eb5a30&subid=&uid=050c431bdc706646&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGe5RITxmZc6vK9LbgQetqpuAA6blvaBpvZicp8kP8C4QASDE_IqdAWCVuqaCsAfIAQmpAj1rq1s8aLI-qAMByAObBKoE8AFP0KQOLYUhzu3GzyyBRmYB615XN2zxzlKGeHQOaSj8nigGC4QnYP8HGlwxqOQrLnBpNAqfZ0zH7nFsuUlfRiTKa7EdYCtO9JFGrIAWUtFZFNFFGasc5ETgN650E3gN4JG0cPi9Dw5mVzKCUrUyfgLCC_xlYQU-8RX187YD-e8NS3i3RZcSSNqeBMYNSpf9S8lRAFZDHQivYXIW7P6bj9CCiDevWI_Bsb4VC2w8XFTgjZ42bZQxNsXJQDoslYHmnWiMvAc6oRUlbuhGv-nmzRNZC4pJPGqRJeMOLJwa_upzIUCNIflk8H-v1NS0vd_D7BrABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJEReINEwiD16PYs-eCAxXSbeAKHS3VBjCwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNTu5JdK1WIXRldoucoSqXMLx9kGno0kMAuMT0oqzcLJ6EPW3aMAUw8DdXRJYeAW7EIbGenQSpSxgB%26sig%3DAOD64_2ojgJ0v0g9bDwL63yT_qLrF5w9Ww%26client%3Dca-pub-9961814823930967%26dbm_c%3DAKAmf-AsnOWgYeEnho96vEsaazSjPpwOFLJsV8hFfOmrxJZuCGYJvLeEQPHbWX3ch0_pmdaETmVAAUH4ttWPu5Bg0sfUXOu_DtzRejyPG8jwOFFWI9uQAXIlVxWvlhfBgMpAqQ2hZ2SmrzO0TH-53VvgDiitUqLo5HZx-QhIroitr30KLmdmKgU%26cry%3D1%26dbm_d%3DAKAmf-DbruGte0jeQGMwo7dYFCD8vyttY4GliBsZss4KxYtVGmrsKDHM_wTGB0yj3Zmt4GLHJxAFzdaQP0DVaG0Fn9qBzOqt2TYKHXM1XS87gnhVNsedugS62VTjmOSBpdR3-odH3V3b2AwAfPqEixbnberJaT6pdLpqtYMUnGVqUbkylW9Eak-QEH_u5bABgEicHBKrKgUcxuJQa2eaWcvSqqkCpq0M1WSgnO0H_addqBupMgYuIta8RGDlgfojydfekSkahRT46HAdkiHgD8r4y2l7DPww9TJbENDm4zQQmy3_pn2S-IxRvf2fjwxv_6JfdZlgJY72KPU8p7pTUHWiaatTgEazN-y03aU38s2Ua4YPZatNCPrQvPc2LeYrJ7Fmr5tgfCd_0rfCQWiFo_h-rK66l95azdK-5Z0fzkbH6o0vDqbreAD3oEJDIc3KOjDpfIO2YRC_6ZFoEfAEthSMSiqAq8C9LUB_nE-tB9k17CRNYSWZXU8RTaf917QM9q8QkzpPPb7XuFqC7X8kQVYrwuh_yLATSifrnYWDS989kbx9BUI8uJU%26adurl%3D&documentReferer=https%3A%2F%2Fwww.lapa.ninja%2F&ancestorOrigins=https%3A%2F%2Fwww.lapa.ninja&random=8532617026890&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Tue, 28 Nov 2023 19:14:43 +0100
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 755C 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 17:29:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
6290
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Nov 2024 17:29:53 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1B29 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BJxjKITxmZcmvK9LbgQetqpuAAwAAAAA4AeAEAg&bg=!oqGloe7NAAZxrfrxUa07ADQBe5WfOK61f0JIRnvWvCcGiqfGOCYxl3ZpX45mQlyjjq6zcne411pSSZ4OJkrDnJOt8T6JAgAAAINSAAAAAWgBBwoAkVPXrLJaQjoOq5A7ANnk574mZzG1HuQ9sYLpKVOHTfpAoMJ2On0rLnbpccTDAJYXy9LyCYw8JJW0YZ-bRnSPdJfdjiD7v_B6drD1Q-HFKUitZgiF8q2SDiEajXRWrLVCTu0NLjw96fOiTJ0tFkTViJFoSfmIXeoF6fqAPC_90CLMcu5flzGCCArprhybrbvLF8GZAvvHodKv_MktTv3Wf3jSg3WtFpHI-ODHjvwCNDMusQRoPiIxdDOlnKaqjTlVCV3fCQlyhvH-QqYF1Z317y4jcwSX0DZADcXtsVpQBKDimtjSiKvmMzLnx1liLW0OWsgJqzrDVjPUCm17W9eUcXg2O_N8ZflJiO7UFOQMTsp_F1JPEdFn1Un3qMZjXvf5kNanDOwX8FfGbPqisAWvzuYU23jRZq3FOodPi7HziMGGLxpoLHjoxHB6VukFFm2qlm3Q58PyP4lsbwJwu5rgJ-Xg0m-RNfevS9RpNc9OVlGnS3gcXUSoBmeLceMoYApSozVa0HpHDYMBzIyib1NFF6lrjxaZoDCI7f4t8TJYp_xGmkRibw1A2aoR-JzJlWiLrTeniX2DaJ2-X3DFUV9ZxLRxL-ovFJsXg-miD15F0Th8q3m9a24CH6snVjTb_-Otuha_K1CqpsIUqlf_nFhGwDHKC54VnYF6T4o9spkHoexH89evS7tIH5LkY0lCBpVA56zi_ca3mUARyjVyYiwVohA1G04U6mH2adw7MRLx0A7N6bMin497Vd0n0b7px007qUig4ThNbUdKCcl8lE9UfbJHfKC5DL-4X0JnDLi9TN7zKx0bLWj4Se_F428mobkzjdLNpvQ6gVsjCFTvSbpuL1QwiV9yRWE3l0c6sugzjYmoKFPjfhgGVW-hQC6PlvDRs3BS3mibiLZOI4wdit2s0RtmZn7p27qbLjBCAGtoCT-_B8ONIFWbS6eIAZW-90xe-sHdOETje4EDvu3edpu_uwocZ3fusElL3MvlBMzAribTTogue8JnKuqUam9W7xHH5CsHWKrxiLeE7QrG2WZr0WCX68XR2UuURdY49BQ6vP8OjpaW_moK3HPgRiT0USfGmxXpa5NrG1yG5ZL1ME6lbvSqtSFMwNc_wewANMX9Whc87wCNPf8g3JrGY8-JNIMcIaUIziFxr6GFdF9nK4PLcWfFIzWqRr3z49TRJtXq3BlWKcAQDVKWgyVNz6rpM8aG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
300x250_de-de_performance.js
s0.2mdn.net/creatives/assets/4703545/ Frame 61CE 		80 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4703545/300x250_de-de_performance.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1c8dce91e75d2d1747564022caeb1c327735531e5809000061c21011582e7c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2230318213786861877/index.html?e=69&leftOffset=0&topOffset=0&c=ghtsE1nLlg&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:06:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
522
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19264
x-xss-protection
0
last-modified
Wed, 15 Nov 2023 12:35:53 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Nov 2023 19:21:01 GMT
main.js
s0.2mdn.net/creatives/assets/4703545/ Frame E2C5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4703545/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=0mLKE8JSE8&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1b2da575466eb30982e08c1020f55bcf2d9565f53bd64c3da87a1d774d75588
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=0mLKE8JSE8&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:02:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
713
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1100
x-xss-protection
0
last-modified
Fri, 05 May 2023 10:07:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Nov 2023 19:17:50 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame E2C5 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0fb0ad6186d07ffb1338638c4f96858763c8b4d6c6032875419a64ab2cdd6fde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6024
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 61CE 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 28 Nov 2023 19:14:43 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 85C6 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bl7zNITxmZcuvK9LbgQetqpuAAwAAAAA4AeAEAg&bg=!8_Cl8L_NAAZxrfrxUa07ADQBe5WfOPyODz3mCC0AJQbS50OXJKMF37k_y5Yx5Isb_lSqUU5OYvCDl76LNYslnWWqw9N5AgAAAINSAAAAAWgBBwoAMnID78ABB0RcgPmhJc96DdT1To9W-NrgLeAYuzFbRc1Aw0LU8dVBfUyQIWyOuy-m7o_ZmQMPt4i3G3cn1Lu-qLkUHzUHKKSIQ4Rja089BLJ2NjhXLe7GJLWi1l0HALywCN-aIxzhvg657FpMq4n0_6OOcdhMFH4mfpovDwVyE0eBt6KSO3-WyM8yimB1Oo06hiuphCZOAFkVx15rLjkcTti7nMf2oEgETMHok-WXP3uqpGNcp3_dWxBcflW1kRC9GAkA5Yx0iTLP_YPqST_iUgFhNUiGR1i8VbZkaVOzKVm539V5wzUNvgk_xERfnzMMFYaL8-2rpFZzOlmVEVGVPFJs8lVppQXvJafvzz5NSDSn4RB3qdDnbPGFMzrJuh5p9QcVfaF8Jbx0EGVXRSBRQNgxW348OrKC0y5wv0logE2dWw5Jxbss7pDvqK1EnxJ9KWwsSOM8sZ80kraNmH4nMOvU8BJyppUIRIo9vxa293Wh6xmjS4aSP2t54hGWiaUeM8zxYRif4ISfjAv4DjloCzLy6DJ_fxng2vdrUUJJbhiQOInRtsXLSqy4E9NlXJZajLpJOV-0WV4ihMieEckm2O7g5DuXi-y0Q7KhffC5Wgicfji4wP4nS_fptKDvhJOhluqViufoPctHoqjqzVzaQraEUU5sF-9SUpU80XnSHARJmc3hVzjJdLHlstbveHZsfxUpoipekSqQacyI0sEGnGZ7WCAOQtEwwRhq7ROLJF3UW5okQH7FLOaDOh0OtQ9my3qRK-VKer3AZjspNjNGx5h0Giq4lkrsWieXk_cRyaQ_GktjLeHKVl7j1QMEfxzwTDDf8M03WQGieRoq2gvU4LI2Y6MPd2-knLgKn8NoCoHQ2dyOl4-Yf6YUrpdB1tQFstUcxnPgmrRfqro9ELOwiMpEDqIIN0nd00cKjkbyjQ_0w812mr5g3y-VcCOFyjNOhoh_PWZuJG7SlmcDt5GvgP9ERxkSoyp787y674uZHKqHoS9Qr7CGHRQi6r6sYYwZc5jeRVn-lhlbo7kCMaSfwi09el-pedPb3iljB8hnqUBbWW84VCdxJpUY0dph9GA-lJ-d3_KTqPmV3g6SsIMRFyicEHeB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 267A 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 17:29:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
6290
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Nov 2024 17:29:53 GMT
300x600_de-de_performance.js
s0.2mdn.net/creatives/assets/4703545/ Frame E2C5 		80 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4703545/300x600_de-de_performance.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
165ead97130aee9989da6ed77b98b6928ba3820a8de37fd0b1ea5c537305d814
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=0mLKE8JSE8&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:00:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
883
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19303
x-xss-protection
0
last-modified
Wed, 15 Nov 2023 13:23:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Nov 2023 19:15:00 GMT
star_alliance.svg
s0.2mdn.net/creatives/assets/4689654/ Frame 61CE 		6 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/star_alliance.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/300x250_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
563d8b655debf02dc76ee9cad7e2114692c770d009bfc9ed1f9153eb384593d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2230318213786861877/index.html?e=69&leftOffset=0&topOffset=0&c=ghtsE1nLlg&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:04:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
591
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2334
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 11:06:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Nov 2023 19:19:52 GMT
lh_logotype_single.svg
s0.2mdn.net/creatives/assets/4689654/ Frame 61CE 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/lh_logotype_single.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/300x250_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2230318213786861877/index.html?e=69&leftOffset=0&topOffset=0&c=ghtsE1nLlg&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:06:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
471
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2151
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 09:41:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Nov 2023 19:21:52 GMT
lh_crane.svg
s0.2mdn.net/creatives/assets/4689654/ Frame 61CE 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/lh_crane.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/300x250_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2230318213786861877/index.html?e=69&leftOffset=0&topOffset=0&c=ghtsE1nLlg&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:10:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
279
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1311
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 09:41:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Nov 2023 19:25:04 GMT
NH_D_NA_Los-Angeles-Palms-Indian_300x250.jpg
s0.2mdn.net/creatives/assets/4703548/ Frame 61CE 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4703548/NH_D_NA_Los-Angeles-Palms-Indian_300x250.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3290aa1cdacdca5c351b9fcfa09dfb34fb3e25602d299b81c4ee13e9b87e2c36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2230318213786861877/index.html?e=69&leftOffset=0&topOffset=0&c=ghtsE1nLlg&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:09:27 GMT
x-content-type-options
nosniff
age
316
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40700
x-xss-protection
0
last-modified
Tue, 08 Nov 2022 09:08:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Nov 2023 19:24:27 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame E2C5 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 28 Nov 2023 19:14:43 GMT
LufthansaHeadWeb-Bold.woff2
s0.2mdn.net/creatives/assets/4714589/ Frame 61CE 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4714589/LufthansaHeadWeb-Bold.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/2230318213786861877/index.html?e=69&leftOffset=0&topOffset=0&c=ghtsE1nLlg&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:12:34 GMT
x-content-type-options
nosniff
age
129
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51548
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 11:46:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Nov 2023 19:27:34 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 3801 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 17:29:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
6290
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Nov 2024 17:29:53 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame 5C9A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=11655933&cmp=1623176&plc=68651519&sid=1366186&dvregion=0&unit=300x600&aufilter1=165376&autt=1&aubndl=&audeal=&auevent=0&prr=1&ppid=111&auadv=165376&aucmp=1623176&auorder=2010169&aucrtv=60895046&auadid=1366186&c6=1447160&c8=&auplc=6994694&turl=&c1=VF-DE+Deutschland&c2=DE_23_AO_P_M_G_F_cic-215-fix----per-fng-dive-DSL_all_funnel_Tracking_PER&c3=RT_PD_F-215-dsl-all-PRE-Tracking&c4=dsl100_pre_gigazuhause_231005_tf173b_600x1200&c5=Doubleclick+DBM&c7=Doubleclick+DBM+(Media)&c9=&c10=DV360_AO_AL_1st_BNR_CM_dsl-100-tracking
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:15::213:7e47 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
bcf8f42f390686367155673ac10b31702dd14b03764d9ef4bf1554a2e5a1b459

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Tue, 28 Nov 2023 19:14:43 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Nov 2023 07:41:51 GMT
Server
UploadServer
ETag
"4bec59ab2a9fb77e9ba1af294cf3504b"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
932
Expires
Wed, 29 Nov 2023 19:14:43 GMT
star_alliance.svg
s0.2mdn.net/creatives/assets/4689654/ Frame E2C5 		6 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/star_alliance.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/300x600_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
563d8b655debf02dc76ee9cad7e2114692c770d009bfc9ed1f9153eb384593d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=0mLKE8JSE8&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:04:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
591
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2334
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 11:06:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Nov 2023 19:19:52 GMT
lh_logotype_single.svg
s0.2mdn.net/creatives/assets/4689654/ Frame E2C5 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/lh_logotype_single.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/300x600_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=0mLKE8JSE8&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:06:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
471
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2151
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 09:41:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Nov 2023 19:21:52 GMT
lh_crane.svg
s0.2mdn.net/creatives/assets/4689654/ Frame E2C5 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/lh_crane.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/300x600_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=0mLKE8JSE8&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:10:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
279
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1311
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 09:41:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Nov 2023 19:25:04 GMT
NH_D_NA_Los-Angeles-Palms-Indian_300x600.jpg
s0.2mdn.net/creatives/assets/4703548/ Frame E2C5 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4703548/NH_D_NA_Los-Angeles-Palms-Indian_300x600.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98a3424e4a1f4d93bba914be8544119c7cfb75ec8eaab4e9ab646a5791dcbc0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=0mLKE8JSE8&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:12:25 GMT
x-content-type-options
nosniff
age
138
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
88204
x-xss-protection
0
last-modified
Tue, 08 Nov 2022 09:08:26 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Nov 2023 19:27:25 GMT
LufthansaHeadWeb-Bold.woff2
s0.2mdn.net/creatives/assets/4714589/ Frame E2C5 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4714589/LufthansaHeadWeb-Bold.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=0mLKE8JSE8&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:12:34 GMT
x-content-type-options
nosniff
age
129
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51548
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 11:46:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Nov 2023 19:27:34 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 78AA 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 17:29:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
6290
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Nov 2024 17:29:53 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C3E9 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BY85LIzxmZZr7ApK_9u8Ph4-RmAIAAAAAOAHgBAI&bg=!-fql-rXNAAZxrfrxUa07ADQBe5WfOGSugpYg8RPks1egXdtSgg1rqVSJK6waWf8_EU1HMPMfVYKIuUrFROHudiB2AK6jAgAAAHJSAAAAAWgBB5kDAuKUq0UuInMbh9s_t1WN6KTNoTLUzTRJqXiZr_RL0Z9WIygSrL3zMmSKiG60wd0kVAFFk6Ia20YoCfnc1zUJ5WMGkkn3CZZ-MjMKgTx5IN20VYYHF94cdfQ0ScSFqeKspc1RBr7KN9DxD8480aGwqFJgAKT1YBtxmsGZvC5JH33GM79nIafskBkCpweHy3Skifvno4dWXqU1e5UKEWSWRgzLPlZDzyokFrnxzXnjX5x93Iy634XczaBOuRIlQGeF3-0TciBQ0NfTRpgS9DIsskB03JpkHNpyo1BPVtbwRcLrtUJIpBKkAvwlxDUzctMvpwsekyHSTq4Sn7o6rp04-UMk3B0spyuJEYQX20vu1P06ZkmUMptDDFxGBo4iQIhrzLyW2xoeErq9No6FACLaFgTeSwwRJy8ndokXYmEgSznjMgoanjNKxg_DMetOh1C-9JfcAWwduiSCGarD3RaAuUjkg711S3IGZyQ6nWmm6IG-wFP-u8Ig269epy8PmZdv1v5FnIJykWqdOm_iu975-3JHwQqpT-WzFzvpIsROwoA0WNq2c0GYwP7iLNV79FzRJXSBWL3FVaEDURGZDExH7-33yZvH8C0xVgakj7lXlfJBX20iujxOfgHAMYhsbL71N3MQj4m2IVI4S_zLqzmbOLa-cMTSeNzu4foTg417S60hRfVjbhw5_dnWBkkDVVvaMbcD-4pCa6OB2N3a_qLBeYBDSSJrOlzrEqtLYLI6ECTiJiEfmHka-Ey_54WXgPsWjIAr-eQ027VA4KGncQCDctT37aK8FXvsy7PslqGO5oLC165yKoOtWntq7LyHFS1gg95A3R_mcTkNt1WS-2-ZMcq4DHGQMxavB6BG5-SqID_C47ZgGdY-Cu6WOgZoIFO_NOddzOZ3pMkRpr6XpA7ArTgFDblq3KCqf0UnBZ8CKs0M7SG_H0_5mkplESM65wQN1iu1AlrDtyfoFbWq9b-1IDFSCOQEMz035kdTCZtcFCy8r8uKU6q0hTngL4WhlCiiqaMv
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 755C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bf3RMIzxmZeftApWn1PIPk72B4AsAAAAAOAHgBAI&bg=!SUqlSgXNAAZxrfrxUa07ADQBe5WfOOdAssWpTWDnPoP0lfOHwNspzXcaHSf13z3DTGsRanXPfzH3DgrxcYRw5ewFimF1AgAAAHhSAAAAAWgBB5kDDMBBX2qQJWtO7tLYVlkc12-P_bNX4XwnBqzHHBNT00DSQ8hF6iJAIG448PlLPRF_cnPuCeZ11bXhA1Zq6obwhBSvZsOrJ6fgNIsctRrOQ_IBeoYHv2yVg7Hkjc5QuapYNAj6hP-tyzoFLYzoxDfY3QKCc3lg6GzZV-vWolStG0chWwxVSdlfLJTAB1pUKeJxL2Tzv9uLngXnj3Ryv9rBf6yQ1Nt6klbQ9BmMkC09e8eEkXywbURE67FOL9EerNfZ80Z4itHSciU2XLBTniDbhFJKxvLqK-xotxqt96raObV4nxUFlLJjp_FiwK2wRmb4t2ke9bvlJG7N8RMQXDbRCKWzSJ71jsc3RImGEpVZEs8hu1_2fgIWX12pzQCT9z52RmH7J8pSxPKrf55WWvqyauzCjc2_2wrKcF49OruAkAv7N-N37I4AKSqg21KZ2UggVsyajxqrczOnIXeSXoUdorupO4CY6gbV4S5Rj5ZaAvN3j9nH9HU-37Fcxlp8yVzkxtZZPzN1cOAZMj6eJAm8oKDQYr2izDBkKY18uAa4YwofzDVp7Ti8dxz5KFLbFNhpv6uvgUyFMkaKFYmUZWwZzwsNVEBBi-ShpdD7T0nA6O6YCItKxZUndlQ806Ksq4muNHAmPp9rkem1KpUSAMDH8FvaPTWy_Ctx9rM2ILrL6yftxR27dZCkJvxjOFjIsS26-Ty-tOh_sexMeAzgP0RSC7B6i4XqBNdYyczv6JBJSZJkrcA5Q5RoZOLcA9I6w3FuFbQ5qtiqulGY7TGISDnQnLvoq8kU1QKa_FsVf1F1p-p4WyVfrz2scTbFwQgB5y1VedqzBjUEwiYzk4uP0qNwtstclJ-zcUnE7uRP2GQTecc9bLWvy2HcV-932VjkHXbQ3eqOX30m8kGW0DGsiRFWyBfz6E0-uVLHr4wy7PLyLa4fqO3ufxX5UQ5qoHtvf9PypGeFfFL55iqmradOgkgHZnakoHMlI7H11ynWlPe5F1GpPpzbMTKUNj6Tq3AZB8jYcpPBANt7Wab0LkgpMA
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src_internal124.js
cdn.doubleverify.com/ Frame 5C9A 		60 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal124.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=11655933&cmp=1623176&plc=68651519&sid=1366186&dvregion=0&unit=300x600&aufilter1=165376&autt=1&aubndl=&audeal=&auevent=0&prr=1&ppid=111&auadv=165376&aucmp=1623176&auorder=2010169&aucrtv=60895046&auadid=1366186&c6=1447160&c8=&auplc=6994694&turl=&c1=VF-DE+Deutschland&c2=DE_23_AO_P_M_G_F_cic-215-fix----per-fng-dive-DSL_all_funnel_Tracking_PER&c3=RT_PD_F-215-dsl-all-PRE-Tracking&c4=dsl100_pre_gigazuhause_231005_tf173b_600x1200&c5=Doubleclick+DBM&c7=Doubleclick+DBM+(Media)&c9=&c10=DV360_AO_AL_1st_BNR_CM_dsl-100-tracking
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:15::213:7e47 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
b1567c9af517c0e55991081919f4dc2263f00b8deea21f3c94087737d2401fc2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Tue, 28 Nov 2023 19:14:43 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Nov 2023 07:41:53 GMT
Server
UploadServer
ETag
"36b6087525da09e8974d3f2aa1f7282d"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19649
Expires
Wed, 27 Nov 2024 19:14:43 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 267A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BnA73IzxmZa-wA4jM3gOV0IqQCAAAAAA4AeAEAg&bg=!KCulK2TNAAZxrfrxUa07ADQBe5WfOB0iRO57owXldspDiK6juqXCsuJKC0CzBse0vzvfAbJ_8qSAX5RP_pNTXlzrJbZvAgAAAHVSAAAAAWgBB5kDDuu9079f3dHLacOovaPx4bNHrpW1iF2bv0AGUvff1pZqKifjVF4ivM8ru9M2CMeiIoshVt-eEQujwhV-cOkWtPLvGVo28ZSTgS7TADta98-P7h23iDWSLRUxPUtGiFIvfBlcq98634Cn2sFo1yiYsIvyeF3E1gzjWRrVygUQ6vKr6az3DS_9MNefTcusnXsNfHmkDrKhQRnsXwkO4SYqjcPzzMn_M8n5Vp_CRi8WKJg6EbuBvnRE_fTNocZSbq77gFKTm-ZDF5vcqBUmzj6-u11BafhzA2KqxpjPxLjQTvl77ui--PW8YVpP5CNHfqratZkb4N4_CTTo5ugx1Jkdz4KhbZAmRduOxYmoVSSnggkzAUOD4LGyXghn966scfYFor1T5r1tUP0hcsyIDIxpKRLwKPXdNCfTOCbcifLnJlqLOfegyXiOrhFJ7oWcHUXufSHW_EK6yPR_jYdj6_ZWphuFlyMwXwL8VdPe0r6fG8U_oM6HCV4U6HpB9uyw0WsKllZM9ibhGO8FttEi6WynDBbjvQ7NmehZmZY2CfjNO2xEi2K1YQviyUzXvtrXuZLfH-5sH3n9Op_xd3KHpkl-8rSwU4rh0FYNG5ECP7nMiHoEH4oZLEq8TM17EufkpMFbFne6i5FFBL8SUcPn_7Z5unmxmmTb1NSNM3-JV9BwbL3OyEqQ1IST2VCNAW1qXZd1DwE_M11O86yXam9tT3UKnU9Xin46V2beCHrnYkjbu-rpWs_HKcEQaaViOHDTGBP9lNrMdDrXFEcIK05LniAshr6GPe042mKma5QArYuJqPGv3-ht_ORkmETnH0jDM8U0rhlIJrdpyuqgb9tyuCEhyxTj9uiwuYBPRv1cnlwXvQhfN3sHg29UYBJhb0PJiR3QRip7pCAK-WjW9NqNiQgtsoB21ilMMEM7Inv0ic75oPpiZipUFLXCkYQtcr9n0wePdf5ecww-I85YfypvaHOn5N0oOYDajkSHOwbR-5SpV9pVFYDIaFme7nKe_hIxjZ1WbONttdWNTVAu3t2iavpM
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
verify.js
rtb0.doubleverify.com/ Frame 5C9A 		1 KB
929 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_867703319221&jsTagObjCallback=__tagObject_callback_867703319221&num=6&ctx=11655933&cmp=1623176&plc=68651519&sid=1366186&advid=&adsrv=&unit=300x600&isdvvid=&uid=867703319221&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.10&dvpx_strhd=0.10&brid=3&brver=119&bridua=3&dup=null&ppid=111&auevent=0&auadv=165376&aucmp=1623176&aucrtv=60895046&auorder=2010169&auplc=6994694&auadid=1366186&aufilter1=165376&autt=1&c1=VF-DE+Deutschland&c2=DE_23_AO_P_M_G_F_cic-215-fix----per-fng-dive-DSL_all_funnel_Tracking_PER&c3=RT_PD_F-215-dsl-all-PRE-Tracking&c4=dsl100_pre_gigazuhause_231005_tf173b_600x1200&c5=Doubleclick+DBM&c6=1447160&c7=Doubleclick+DBM+(Media)&c10=DV360_AO_AL_1st_BNR_CM_dsl-100-tracking&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&prr=1&m1=13&noc=4&fcifrms=16&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=171&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D%3D2A2%5D%3F%3A%3F%3B2TauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D%3D2A2%5D%3F%3A%3F%3B2Tar9EEADTbpTauTaug25d%60hfc6a3477ead%6062a5g%60_ahacf33%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=3.40&aubndl=&audeal=&c8=&turl=&c9=&callbackName=__verify_callback_867703319221
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal124.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
37fa2bb4bf5bbc8c247cb884c18d661c3fae6e80abb2a0a065e0ee97d352c12f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Nov 2023 19:14:43 GMT
Content-Encoding
br
X-DV-Response
1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
11/27/2023 19:14:43
view.aspx
pb.media01.eu/ Frame 8566
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=39130100146931404444554012522007&t=htlp&gdpr=1&consent=1&gdpr_consent=
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=39130100146931404444554012522007&actionid=879111&produktid=ratenkredit&dt_url=
0
179 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=39130100146931404444554012522007&actionid=879111&produktid=ratenkredit&dt_url=
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=2f56d44523&subid=&uid=40f411bbf0e87764&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCLTVyITxmZc-vK9LbgQetqpuAA6blvaBprZWcp8kP8C4QASDE_IqdAWCVuqaCsAfIAQmpAj1rq1s8aLI-qAMByAObBKoE8wFP0Fyr11f8J_XvVblUKtnBO_J0778g--f6x2gfKn8xkHQP4yQb8X5VhXrP7VbzbTZkU9RwMqcCZbIfgqDptFBdF_-70D6FepI_yzB78EQBdESiSboZO9gAtCcLT1wGsGJcM3ROvv6CHiiQ7D-mPqLZgJr3Nm_8zF4Eo-Zm3IyRpzym3HowulX57Ej9Vw5-GlGLYULSl7StVuWy5tjiAVL_8ZC_vtqG4gInNNm6_aEYQ8PufrTABf5PT_pygK3tW58u2Nxxbx7nu8NcjK0valxTYvBWoq8O83m4Cnzb9chCCjRFweM3r6xoaY8or7lBI4ybIoTABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJEReINEwiE16PYs-eCAxXSbeAKHS3VBjCwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNTu5JdK1WIXRldoucoSqXMLx9kGno0kMAuMT0oqzcLJ6EPW3aMAUw8DdXRJYeAW7EIbGenQSpSxgB%26sig%3DAOD64_2vdMT4InlfyMbpUOH1TbaQKSxBnQ%26client%3Dca-pub-9961814823930967%26dbm_c%3DAKAmf-A4sQFw-7udjWdVi_Id6f1U-6qhhd5RewHtZjoboeAqPmWSZYCDFNgoLwNaMmvb80JEqc1XgeCDcKD_T3SyGvgKPNm65mbykuqfqfGwUdeC5NJyIfxGlUBrHeUjXo90N_xpgdYai0CcFZW5-JuJjf3iUvh7WaE8eDRJjB8FA4ByZaSWW00%26cry%3D1%26dbm_d%3DAKAmf-DrW3GqA2EF2h-amncB3N2oQ-RtzXILT10xba08IpNVbGnf_aROEasInbcmaG8MvvwTteGKbWacf8ofXhu2T_qLJMKnhirKTQPPDSPSnkkr-kAjo9IDIzz-REGlcqPAsGHoW-v8fuEhL2ih8L4Zcp43QHm3Kh2ptJ-sEQIi_xgC2P8JSLtwnBue9whZh_CKNIPFCctT0OOYDANMKb-YW27EWopdpwRVBpS_qIWcxpkWjcnMb-v1z0C4zMNgCxO5uPsXi9Dhxq6bpfvLPk_oqtFSz5E1W62mkoXp77d3PrbsNVTcYEPJrS638b7VUe0NLhabpiueSyoeeQFUCDCp8fZpIW-XXrSkg-g3_-o4scc_Yv0ue2EH38SOwHKL7LKccNLLgHL2KGnZey-wY0znnJlwzWjnyFYGNI5_QKLeoLM7XYp7gpNoWqjRVHHBFGLv0SxeyQHxPTvicaHFB85sdLE3UepMn-OLcUbfQS8uZ3nJvUQVnC7MElHHxByLuBO4rXgWUDsZdxwdPbVKMUMliAYAewq4gvZfPcIMewiiNiVwRQc_91Q%26adurl%3D&documentReferer=https%3A%2F%2Fwww.lapa.ninja%2F&ancestorOrigins=https%3A%2F%2Fwww.lapa.ninja&random=5631568104769&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 28 Nov 2023 19:14:43 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Tue, 28 Nov 2023 08:14:44 GMT
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma
no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
attribution-reporting-register-source
{"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length
0
content-type
application/javascript
date
Tue, 28 Nov 2023 19:14:43 GMT
host
pv.medialead.de
keep-alive
timeout=20
location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=39130100146931404444554012522007&actionid=879111&produktid=ratenkredit&dt_url=
proxy-host
pv.medialead.de
server
nginx/1.17.5
strict-transport-security
max-age=15768000
vary
Origin
x-iplb-instance
40028
x-iplb-request-id
D972DA16:B8F4_91EFC182:01BB_65663C23_8B611CC:1A429
/
adv.office-partner.de/ Frame 0712 		930 B
923 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=2f56d44523&subid=&uid=40f411bbf0e87764&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCLTVyITxmZc-vK9LbgQetqpuAA6blvaBprZWcp8kP8C4QASDE_IqdAWCVuqaCsAfIAQmpAj1rq1s8aLI-qAMByAObBKoE8wFP0Fyr11f8J_XvVblUKtnBO_J0778g--f6x2gfKn8xkHQP4yQb8X5VhXrP7VbzbTZkU9RwMqcCZbIfgqDptFBdF_-70D6FepI_yzB78EQBdESiSboZO9gAtCcLT1wGsGJcM3ROvv6CHiiQ7D-mPqLZgJr3Nm_8zF4Eo-Zm3IyRpzym3HowulX57Ej9Vw5-GlGLYULSl7StVuWy5tjiAVL_8ZC_vtqG4gInNNm6_aEYQ8PufrTABf5PT_pygK3tW58u2Nxxbx7nu8NcjK0valxTYvBWoq8O83m4Cnzb9chCCjRFweM3r6xoaY8or7lBI4ybIoTABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJEReINEwiE16PYs-eCAxXSbeAKHS3VBjCwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNTu5JdK1WIXRldoucoSqXMLx9kGno0kMAuMT0oqzcLJ6EPW3aMAUw8DdXRJYeAW7EIbGenQSpSxgB%26sig%3DAOD64_2vdMT4InlfyMbpUOH1TbaQKSxBnQ%26client%3Dca-pub-9961814823930967%26dbm_c%3DAKAmf-A4sQFw-7udjWdVi_Id6f1U-6qhhd5RewHtZjoboeAqPmWSZYCDFNgoLwNaMmvb80JEqc1XgeCDcKD_T3SyGvgKPNm65mbykuqfqfGwUdeC5NJyIfxGlUBrHeUjXo90N_xpgdYai0CcFZW5-JuJjf3iUvh7WaE8eDRJjB8FA4ByZaSWW00%26cry%3D1%26dbm_d%3DAKAmf-DrW3GqA2EF2h-amncB3N2oQ-RtzXILT10xba08IpNVbGnf_aROEasInbcmaG8MvvwTteGKbWacf8ofXhu2T_qLJMKnhirKTQPPDSPSnkkr-kAjo9IDIzz-REGlcqPAsGHoW-v8fuEhL2ih8L4Zcp43QHm3Kh2ptJ-sEQIi_xgC2P8JSLtwnBue9whZh_CKNIPFCctT0OOYDANMKb-YW27EWopdpwRVBpS_qIWcxpkWjcnMb-v1z0C4zMNgCxO5uPsXi9Dhxq6bpfvLPk_oqtFSz5E1W62mkoXp77d3PrbsNVTcYEPJrS638b7VUe0NLhabpiueSyoeeQFUCDCp8fZpIW-XXrSkg-g3_-o4scc_Yv0ue2EH38SOwHKL7LKccNLLgHL2KGnZey-wY0znnJlwzWjnyFYGNI5_QKLeoLM7XYp7gpNoWqjRVHHBFGLv0SxeyQHxPTvicaHFB85sdLE3UepMn-OLcUbfQS8uZ3nJvUQVnC7MElHHxByLuBO4rXgWUDsZdxwdPbVKMUMliAYAewq4gvZfPcIMewiiNiVwRQc_91Q%26adurl%3D&documentReferer=https%3A%2F%2Fwww.lapa.ninja%2F&ancestorOrigins=https%3A%2F%2Fwww.lapa.ninja&random=5631568104769&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Tue, 28 Nov 2023 19:14:43 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Tue, 05 Dec 2023 19:14:43 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
defr
link.html
track.webgains.com/ Frame 8E8F 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=39130100146931404444554012522007&nw=1
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.123.127 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-123-127.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
053115cc5c964b03ee82d9e3e4f2875910cdb9f02a1538d3d0bc99dfd18fb8cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:43 GMT
last-modified
Tue, 28 Nov 2023 19:14:43 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 28 Nov 2023 19:15:43 GMT
activityi;dc_pre=CP-nm9mz54IDFcZXkQUd4zUJTg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2554749917776.615
5994599.fls.doubleclick.net/ Frame 522A
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2554749917776.615?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CP-nm9mz54IDFcZXkQUd4zUJTg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2554749917776.615?
391 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CP-nm9mz54IDFcZXkQUd4zUJTg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2554749917776.615?
Requested by
Host: www.lapa.ninja
URL: https://www.lapa.ninja/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f6.1e100.net
Software
cafe /
Resource Hash
7ceae43f3e01bd70b0c09fecc00f6280f5c73dbf3be037067a7f7af7facdd869
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
217
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 19:14:43 GMT
expires
Tue, 28 Nov 2023 19:14:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 19:14:43 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CP-nm9mz54IDFcZXkQUd4zUJTg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2554749917776.615?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal90007.redintelligence.net/ Frame A7CF 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90007.redintelligence.net/request_content.php?s=39130100146931404444554012522007&a=6d4cc85f
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=2f56d44523&subid=&uid=40f411bbf0e87764&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCLTVyITxmZc-vK9LbgQetqpuAA6blvaBprZWcp8kP8C4QASDE_IqdAWCVuqaCsAfIAQmpAj1rq1s8aLI-qAMByAObBKoE8wFP0Fyr11f8J_XvVblUKtnBO_J0778g--f6x2gfKn8xkHQP4yQb8X5VhXrP7VbzbTZkU9RwMqcCZbIfgqDptFBdF_-70D6FepI_yzB78EQBdESiSboZO9gAtCcLT1wGsGJcM3ROvv6CHiiQ7D-mPqLZgJr3Nm_8zF4Eo-Zm3IyRpzym3HowulX57Ej9Vw5-GlGLYULSl7StVuWy5tjiAVL_8ZC_vtqG4gInNNm6_aEYQ8PufrTABf5PT_pygK3tW58u2Nxxbx7nu8NcjK0valxTYvBWoq8O83m4Cnzb9chCCjRFweM3r6xoaY8or7lBI4ybIoTABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJEReINEwiE16PYs-eCAxXSbeAKHS3VBjCwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNTu5JdK1WIXRldoucoSqXMLx9kGno0kMAuMT0oqzcLJ6EPW3aMAUw8DdXRJYeAW7EIbGenQSpSxgB%26sig%3DAOD64_2vdMT4InlfyMbpUOH1TbaQKSxBnQ%26client%3Dca-pub-9961814823930967%26dbm_c%3DAKAmf-A4sQFw-7udjWdVi_Id6f1U-6qhhd5RewHtZjoboeAqPmWSZYCDFNgoLwNaMmvb80JEqc1XgeCDcKD_T3SyGvgKPNm65mbykuqfqfGwUdeC5NJyIfxGlUBrHeUjXo90N_xpgdYai0CcFZW5-JuJjf3iUvh7WaE8eDRJjB8FA4ByZaSWW00%26cry%3D1%26dbm_d%3DAKAmf-DrW3GqA2EF2h-amncB3N2oQ-RtzXILT10xba08IpNVbGnf_aROEasInbcmaG8MvvwTteGKbWacf8ofXhu2T_qLJMKnhirKTQPPDSPSnkkr-kAjo9IDIzz-REGlcqPAsGHoW-v8fuEhL2ih8L4Zcp43QHm3Kh2ptJ-sEQIi_xgC2P8JSLtwnBue9whZh_CKNIPFCctT0OOYDANMKb-YW27EWopdpwRVBpS_qIWcxpkWjcnMb-v1z0C4zMNgCxO5uPsXi9Dhxq6bpfvLPk_oqtFSz5E1W62mkoXp77d3PrbsNVTcYEPJrS638b7VUe0NLhabpiueSyoeeQFUCDCp8fZpIW-XXrSkg-g3_-o4scc_Yv0ue2EH38SOwHKL7LKccNLLgHL2KGnZey-wY0znnJlwzWjnyFYGNI5_QKLeoLM7XYp7gpNoWqjRVHHBFGLv0SxeyQHxPTvicaHFB85sdLE3UepMn-OLcUbfQS8uZ3nJvUQVnC7MElHHxByLuBO4rXgWUDsZdxwdPbVKMUMliAYAewq4gvZfPcIMewiiNiVwRQc_91Q%26adurl%3D&documentReferer=https%3A%2F%2Fwww.lapa.ninja%2F&ancestorOrigins=https%3A%2F%2Fwww.lapa.ninja&random=5631568104769&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
5f20ab5b413a36185d952da474900b7d0f10feeab36c3bc058f9284ce2785f29

Request headers

Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2035
Content-Type
text/html; charset=utf-8
Date
Tue, 28 Nov 2023 19:14:43 GMT
Expires
Tue, 28 Nov 2023 19:14:43 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame 8E8F
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=39130100146931404444554012522007&t=htlp&gdpr=1&consent=1&gdpr_consent=
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=39130100146931404444554012522007&t=htlp&gdpr=1&consent=1&gdpr_consent=
43 B
666 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=39130100146931404444554012522007&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
145.239.193.130 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.17.5 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:43 GMT
strict-transport-security
max-age=15768000
attribution-reporting-register-source
{"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server
nginx/1.17.5
host
pv.medialead.de
x-iplb-request-id
D972DA16:B8F4_91EFC182:01BB_65663C23_8B611D8:1A429
x-iplb-instance
40028
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
keep-alive
timeout=20
content-length
43
proxy-host
pv.medialead.de

Redirect headers

location
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=39130100146931404444554012522007&t=htlp&gdpr=1&consent=1&gdpr_consent=
date
Tue, 28 Nov 2023 19:14:43 GMT
server
nginx
content-length
138
content-type
text/html
cshow.php
www.awin1.com/ Frame 8E8F 		43 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=39130100146931404444554012522007&pv=1
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Nov 2023 19:14:43 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 448A 		1 KB
644 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
10593
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 16:18:10 GMT
etag
48472445140208031
expires
Wed, 29 Nov 2023 16:18:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 8E8F 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d65cffd46ad6f00bd74fdc986f73d3be0327ed92e80c979cc2e42c6add8d838e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 448A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEApHB9ioPP0E5B3ePO03xyY&google_cver=1&google_push=AXcoOmQvuB29rzHwSoyErCnqJg3oVLIppfh-gwnt_mzi40Aq6DSRXMtDpro1iUUhmBMbTIbdEEbTWg8M_vYMsvJ15USGMkhUglpp
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzQ2Nzk5NzcxMTUwOTg3MTk4Mg==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEApHB9ioPP0E5B3ePO03xyY&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEApHB9ioPP0E5B3ePO03xyY&google_cver=1
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 28 Nov 2023 19:14:43 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEApHB9ioPP0E5B3ePO03xyY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 448A 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEBs-6f96a5-YgLijb1E1rJQ&google_cver=1&google_push=AXcoOmRXoipEBKpUlcAzoqH8qC1r1l1w7o1IwS3jl7aaKO95zerOWOrRZ02dMxy2IPKg2Z_bWMfb54IZHmqWQDDpayOMmmkB_r7rZA
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:43 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 448A
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOYeZ2ZFJLeaQl4cfJLIAfc&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOYeZ2ZFJLeaQl4cfJLIAfc&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OVlLVHdubjMxUjgzeEY1&google_gid=CAESEOYeZ2ZFJLeaQl4cfJLIAfc&google_cver=1&google_push=AXcoOmQF91ZskSLaMpFumON5hDl7XtEbrxypD1hsyI4heaW...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OVlLVHdubjMxUjgzeEY1&google_gid=CAESEOYeZ2ZFJLeaQl4cfJLIAfc&google_cver=1&google_push=AXcoOmQF91ZskSLaMpFumON5hDl7XtEbrxypD1hsyI4heaWgckMqfO3hy9QF603KAM6xCj7Evp3UMV9OcpYJIA6nxZSyuh9D0kEitQ
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 28 Nov 2023 19:14:42 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-091a6d662d9a132c7@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OVlLVHdubjMxUjgzeEY1&google_gid=CAESEOYeZ2ZFJLeaQl4cfJLIAfc&google_cver=1&google_push=AXcoOmQF91ZskSLaMpFumON5hDl7XtEbrxypD1hsyI4heaWgckMqfO3hy9QF603KAM6xCj7Evp3UMV9OcpYJIA6nxZSyuh9D0kEitQ
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 448A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHapUUJHwpOOvstp9E5Yig8&google_push=AXcoOmTAIKSK2TQmE2qlyjz1j9Xtx9umxj40uDCV3KggSUAReUsHF_iJUR...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHapUUJHwpOOvstp9E5Yig8&google_push=AXcoOmTAIKSK2TQmE2qlyjz1j9Xtx9umxj40uDCV3KggSUAReUsHF_iJURl_k8pR4H2nV4KdM6GXMBeAA5QUwsoEiN9sgXjilTvEdA
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-cph2320058-CPH
pragma
no-cache
date
Tue, 28 Nov 2023 19:14:43 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1701198884.686702,VS0,VE96
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHapUUJHwpOOvstp9E5Yig8&google_push=AXcoOmTAIKSK2TQmE2qlyjz1j9Xtx9umxj40uDCV3KggSUAReUsHF_iJURl_k8pR4H2nV4KdM6GXMBeAA5QUwsoEiN9sgXjilTvEdA
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 448A
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEC4UrUAA2SapB-cmrO8Wc94&google_cver=1&google_push=AXcoOmSK8l00TJDLxjHgqJbjmzscM1ZTYajFBDRxqZLwN6WUPexaPhNu3pbSZCYepHIizPhkcgQF9xBJLxiKQm_1-zLst06MP-Ig
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FA5F1EE4D0F94A9CA3B3927764CD02AB&google_push=AXcoOmSK8l00TJDLxjHgqJbjmzscM1ZTYajFBDRxqZLwN6WUPexaPhNu3pbSZCYepHIizPhkcgQF9xBJLxiKQm_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FA5F1EE4D0F94A9CA3B3927764CD02AB&google_push=AXcoOmSK8l00TJDLxjHgqJbjmzscM1ZTYajFBDRxqZLwN6WUPexaPhNu3pbSZCYepHIizPhkcgQF9xBJLxiKQm_1-zLst06MP-Ig
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 28 Nov 2023 19:14:43 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FA5F1EE4D0F94A9CA3B3927764CD02AB&google_push=AXcoOmSK8l00TJDLxjHgqJbjmzscM1ZTYajFBDRxqZLwN6WUPexaPhNu3pbSZCYepHIizPhkcgQF9xBJLxiKQm_1-zLst06MP-Ig
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 27 Nov 2023 19:14:43 GMT
google
match.adsrvr.org/track/cmf/ Frame 448A 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEEG8IPJKCD-b-94FeoJ8h0A&google_cver=1&google_push=AXcoOmTDb3yDjot_9Y8Zw9CqLeXIVSGyEdnmH62R371Fj63GtcHYJNm4dl2NNa0-a2jfX2xn7gUEYYOwbFIuaGI36GwIeC1rJKXS-g
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:43 GMT
server
Kestrel
content-length
70
content-type
image/gif
report
sync.teads.tv/um/ Frame 448A
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEMNFooSepMEw...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQKDmAlcPb6TFk_nLGgpQa6L8VKlk1PXOuW_oDkitmlNEObWw4-7O1Wij8iYVUvUO77rOMPbECDx9_AkpSYFR4aH6L8yAgjBQ
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Tue, 28 Nov 2023 19:14:43 GMT
pragma
no-cache
date
Tue, 28 Nov 2023 19:14:43 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 448A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13La1yYvEGM7cwIpp6ZG8v0fplJa7S8065x4eWaDWtvGBfsymD70a751OgKDODUwRelvYVIFNw
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:43 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
view.aspx
pb.media01.eu/ Frame 43C7
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=78376100177904004444978012522010&t=htlp&gdpr=1&consent=1&gdpr_consent=
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=78376100177904004444978012522010&actionid=879111&produktid=ratenkredit&dt_url=
0
178 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=78376100177904004444978012522010&actionid=879111&produktid=ratenkredit&dt_url=
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=e2b6eb5a30&subid=&uid=050c431bdc706646&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGe5RITxmZc6vK9LbgQetqpuAA6blvaBpvZicp8kP8C4QASDE_IqdAWCVuqaCsAfIAQmpAj1rq1s8aLI-qAMByAObBKoE8AFP0KQOLYUhzu3GzyyBRmYB615XN2zxzlKGeHQOaSj8nigGC4QnYP8HGlwxqOQrLnBpNAqfZ0zH7nFsuUlfRiTKa7EdYCtO9JFGrIAWUtFZFNFFGasc5ETgN650E3gN4JG0cPi9Dw5mVzKCUrUyfgLCC_xlYQU-8RX187YD-e8NS3i3RZcSSNqeBMYNSpf9S8lRAFZDHQivYXIW7P6bj9CCiDevWI_Bsb4VC2w8XFTgjZ42bZQxNsXJQDoslYHmnWiMvAc6oRUlbuhGv-nmzRNZC4pJPGqRJeMOLJwa_upzIUCNIflk8H-v1NS0vd_D7BrABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJEReINEwiD16PYs-eCAxXSbeAKHS3VBjCwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNTu5JdK1WIXRldoucoSqXMLx9kGno0kMAuMT0oqzcLJ6EPW3aMAUw8DdXRJYeAW7EIbGenQSpSxgB%26sig%3DAOD64_2ojgJ0v0g9bDwL63yT_qLrF5w9Ww%26client%3Dca-pub-9961814823930967%26dbm_c%3DAKAmf-AsnOWgYeEnho96vEsaazSjPpwOFLJsV8hFfOmrxJZuCGYJvLeEQPHbWX3ch0_pmdaETmVAAUH4ttWPu5Bg0sfUXOu_DtzRejyPG8jwOFFWI9uQAXIlVxWvlhfBgMpAqQ2hZ2SmrzO0TH-53VvgDiitUqLo5HZx-QhIroitr30KLmdmKgU%26cry%3D1%26dbm_d%3DAKAmf-DbruGte0jeQGMwo7dYFCD8vyttY4GliBsZss4KxYtVGmrsKDHM_wTGB0yj3Zmt4GLHJxAFzdaQP0DVaG0Fn9qBzOqt2TYKHXM1XS87gnhVNsedugS62VTjmOSBpdR3-odH3V3b2AwAfPqEixbnberJaT6pdLpqtYMUnGVqUbkylW9Eak-QEH_u5bABgEicHBKrKgUcxuJQa2eaWcvSqqkCpq0M1WSgnO0H_addqBupMgYuIta8RGDlgfojydfekSkahRT46HAdkiHgD8r4y2l7DPww9TJbENDm4zQQmy3_pn2S-IxRvf2fjwxv_6JfdZlgJY72KPU8p7pTUHWiaatTgEazN-y03aU38s2Ua4YPZatNCPrQvPc2LeYrJ7Fmr5tgfCd_0rfCQWiFo_h-rK66l95azdK-5Z0fzkbH6o0vDqbreAD3oEJDIc3KOjDpfIO2YRC_6ZFoEfAEthSMSiqAq8C9LUB_nE-tB9k17CRNYSWZXU8RTaf917QM9q8QkzpPPb7XuFqC7X8kQVYrwuh_yLATSifrnYWDS989kbx9BUI8uJU%26adurl%3D&documentReferer=https%3A%2F%2Fwww.lapa.ninja%2F&ancestorOrigins=https%3A%2F%2Fwww.lapa.ninja&random=8532617026890&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 28 Nov 2023 19:14:43 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Tue, 28 Nov 2023 08:14:44 GMT
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma
no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
attribution-reporting-register-source
{"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length
0
content-type
application/javascript
date
Tue, 28 Nov 2023 19:14:43 GMT
host
pv.medialead.de
keep-alive
timeout=20
location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=78376100177904004444978012522010&actionid=879111&produktid=ratenkredit&dt_url=
proxy-host
pv.medialead.de
server
nginx/1.17.5
strict-transport-security
max-age=15768000
vary
Origin
x-iplb-instance
40028
x-iplb-request-id
D972DA16:B8FA_91EFC182:01BB_65663C23_8B5A480:1A42A
/
adv.office-partner.de/ Frame FBDC 		930 B
922 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=e2b6eb5a30&subid=&uid=050c431bdc706646&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGe5RITxmZc6vK9LbgQetqpuAA6blvaBpvZicp8kP8C4QASDE_IqdAWCVuqaCsAfIAQmpAj1rq1s8aLI-qAMByAObBKoE8AFP0KQOLYUhzu3GzyyBRmYB615XN2zxzlKGeHQOaSj8nigGC4QnYP8HGlwxqOQrLnBpNAqfZ0zH7nFsuUlfRiTKa7EdYCtO9JFGrIAWUtFZFNFFGasc5ETgN650E3gN4JG0cPi9Dw5mVzKCUrUyfgLCC_xlYQU-8RX187YD-e8NS3i3RZcSSNqeBMYNSpf9S8lRAFZDHQivYXIW7P6bj9CCiDevWI_Bsb4VC2w8XFTgjZ42bZQxNsXJQDoslYHmnWiMvAc6oRUlbuhGv-nmzRNZC4pJPGqRJeMOLJwa_upzIUCNIflk8H-v1NS0vd_D7BrABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJEReINEwiD16PYs-eCAxXSbeAKHS3VBjCwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNTu5JdK1WIXRldoucoSqXMLx9kGno0kMAuMT0oqzcLJ6EPW3aMAUw8DdXRJYeAW7EIbGenQSpSxgB%26sig%3DAOD64_2ojgJ0v0g9bDwL63yT_qLrF5w9Ww%26client%3Dca-pub-9961814823930967%26dbm_c%3DAKAmf-AsnOWgYeEnho96vEsaazSjPpwOFLJsV8hFfOmrxJZuCGYJvLeEQPHbWX3ch0_pmdaETmVAAUH4ttWPu5Bg0sfUXOu_DtzRejyPG8jwOFFWI9uQAXIlVxWvlhfBgMpAqQ2hZ2SmrzO0TH-53VvgDiitUqLo5HZx-QhIroitr30KLmdmKgU%26cry%3D1%26dbm_d%3DAKAmf-DbruGte0jeQGMwo7dYFCD8vyttY4GliBsZss4KxYtVGmrsKDHM_wTGB0yj3Zmt4GLHJxAFzdaQP0DVaG0Fn9qBzOqt2TYKHXM1XS87gnhVNsedugS62VTjmOSBpdR3-odH3V3b2AwAfPqEixbnberJaT6pdLpqtYMUnGVqUbkylW9Eak-QEH_u5bABgEicHBKrKgUcxuJQa2eaWcvSqqkCpq0M1WSgnO0H_addqBupMgYuIta8RGDlgfojydfekSkahRT46HAdkiHgD8r4y2l7DPww9TJbENDm4zQQmy3_pn2S-IxRvf2fjwxv_6JfdZlgJY72KPU8p7pTUHWiaatTgEazN-y03aU38s2Ua4YPZatNCPrQvPc2LeYrJ7Fmr5tgfCd_0rfCQWiFo_h-rK66l95azdK-5Z0fzkbH6o0vDqbreAD3oEJDIc3KOjDpfIO2YRC_6ZFoEfAEthSMSiqAq8C9LUB_nE-tB9k17CRNYSWZXU8RTaf917QM9q8QkzpPPb7XuFqC7X8kQVYrwuh_yLATSifrnYWDS989kbx9BUI8uJU%26adurl%3D&documentReferer=https%3A%2F%2Fwww.lapa.ninja%2F&ancestorOrigins=https%3A%2F%2Fwww.lapa.ninja&random=8532617026890&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Tue, 28 Nov 2023 19:14:43 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Tue, 05 Dec 2023 19:14:43 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
defr
view.aspx
pb.media01.eu/ Frame DD3E
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=78376100177904004444978012522010&t=htlp&gdpr=1&consent=1&gdpr_consent=
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=78376100177904004444978012522010&actionid=879111&produktid=ratenkredit&dt_url=
0
607 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=78376100177904004444978012522010&actionid=879111&produktid=ratenkredit&dt_url=
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:43 GMT
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Tue, 28 Nov 2023 08:14:44 GMT
server
Microsoft-IIS/10.0
access-control-allow-methods
GET,POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Tue, 28 Nov 2023 19:14:43 GMT
strict-transport-security
max-age=15768000
x-iplb-instance
40028
content-length
0
proxy-host
pv.medialead.de
attribution-reporting-register-source
{"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server
nginx/1.17.5
host
pv.medialead.de
x-iplb-request-id
D972DA16:B90E_91EFC182:01BB_65663C23_8B5A481:1A42A
vary
Origin
content-type
application/javascript
access-control-allow-origin
*
location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=78376100177904004444978012522010&actionid=879111&produktid=ratenkredit&dt_url=
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
keep-alive
timeout=20
e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame DD3E 		43 B
666 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=78376100177904004444978012522010&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=e2b6eb5a30&subid=&uid=050c431bdc706646&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGe5RITxmZc6vK9LbgQetqpuAA6blvaBpvZicp8kP8C4QASDE_IqdAWCVuqaCsAfIAQmpAj1rq1s8aLI-qAMByAObBKoE8AFP0KQOLYUhzu3GzyyBRmYB615XN2zxzlKGeHQOaSj8nigGC4QnYP8HGlwxqOQrLnBpNAqfZ0zH7nFsuUlfRiTKa7EdYCtO9JFGrIAWUtFZFNFFGasc5ETgN650E3gN4JG0cPi9Dw5mVzKCUrUyfgLCC_xlYQU-8RX187YD-e8NS3i3RZcSSNqeBMYNSpf9S8lRAFZDHQivYXIW7P6bj9CCiDevWI_Bsb4VC2w8XFTgjZ42bZQxNsXJQDoslYHmnWiMvAc6oRUlbuhGv-nmzRNZC4pJPGqRJeMOLJwa_upzIUCNIflk8H-v1NS0vd_D7BrABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJEReINEwiD16PYs-eCAxXSbeAKHS3VBjCwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNTu5JdK1WIXRldoucoSqXMLx9kGno0kMAuMT0oqzcLJ6EPW3aMAUw8DdXRJYeAW7EIbGenQSpSxgB%26sig%3DAOD64_2ojgJ0v0g9bDwL63yT_qLrF5w9Ww%26client%3Dca-pub-9961814823930967%26dbm_c%3DAKAmf-AsnOWgYeEnho96vEsaazSjPpwOFLJsV8hFfOmrxJZuCGYJvLeEQPHbWX3ch0_pmdaETmVAAUH4ttWPu5Bg0sfUXOu_DtzRejyPG8jwOFFWI9uQAXIlVxWvlhfBgMpAqQ2hZ2SmrzO0TH-53VvgDiitUqLo5HZx-QhIroitr30KLmdmKgU%26cry%3D1%26dbm_d%3DAKAmf-DbruGte0jeQGMwo7dYFCD8vyttY4GliBsZss4KxYtVGmrsKDHM_wTGB0yj3Zmt4GLHJxAFzdaQP0DVaG0Fn9qBzOqt2TYKHXM1XS87gnhVNsedugS62VTjmOSBpdR3-odH3V3b2AwAfPqEixbnberJaT6pdLpqtYMUnGVqUbkylW9Eak-QEH_u5bABgEicHBKrKgUcxuJQa2eaWcvSqqkCpq0M1WSgnO0H_addqBupMgYuIta8RGDlgfojydfekSkahRT46HAdkiHgD8r4y2l7DPww9TJbENDm4zQQmy3_pn2S-IxRvf2fjwxv_6JfdZlgJY72KPU8p7pTUHWiaatTgEazN-y03aU38s2Ua4YPZatNCPrQvPc2LeYrJ7Fmr5tgfCd_0rfCQWiFo_h-rK66l95azdK-5Z0fzkbH6o0vDqbreAD3oEJDIc3KOjDpfIO2YRC_6ZFoEfAEthSMSiqAq8C9LUB_nE-tB9k17CRNYSWZXU8RTaf917QM9q8QkzpPPb7XuFqC7X8kQVYrwuh_yLATSifrnYWDS989kbx9BUI8uJU%26adurl%3D&documentReferer=https%3A%2F%2Fwww.lapa.ninja%2F&ancestorOrigins=https%3A%2F%2Fwww.lapa.ninja&random=8532617026890&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.239.193.130 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.17.5 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:43 GMT
strict-transport-security
max-age=15768000
attribution-reporting-register-source
{"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server
nginx/1.17.5
host
pv.medialead.de
x-iplb-request-id
D972DA16:B904_91EFC182:01BB_65663C23_8B64B55:1A428
x-iplb-instance
40028
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
keep-alive
timeout=20
content-length
43
proxy-host
pv.medialead.de
cshow.php
www.awin1.com/ Frame DD3E 		43 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=78376100177904004444978012522010&pv=1
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=e2b6eb5a30&subid=&uid=050c431bdc706646&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGe5RITxmZc6vK9LbgQetqpuAA6blvaBpvZicp8kP8C4QASDE_IqdAWCVuqaCsAfIAQmpAj1rq1s8aLI-qAMByAObBKoE8AFP0KQOLYUhzu3GzyyBRmYB615XN2zxzlKGeHQOaSj8nigGC4QnYP8HGlwxqOQrLnBpNAqfZ0zH7nFsuUlfRiTKa7EdYCtO9JFGrIAWUtFZFNFFGasc5ETgN650E3gN4JG0cPi9Dw5mVzKCUrUyfgLCC_xlYQU-8RX187YD-e8NS3i3RZcSSNqeBMYNSpf9S8lRAFZDHQivYXIW7P6bj9CCiDevWI_Bsb4VC2w8XFTgjZ42bZQxNsXJQDoslYHmnWiMvAc6oRUlbuhGv-nmzRNZC4pJPGqRJeMOLJwa_upzIUCNIflk8H-v1NS0vd_D7BrABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJEReINEwiD16PYs-eCAxXSbeAKHS3VBjCwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNTu5JdK1WIXRldoucoSqXMLx9kGno0kMAuMT0oqzcLJ6EPW3aMAUw8DdXRJYeAW7EIbGenQSpSxgB%26sig%3DAOD64_2ojgJ0v0g9bDwL63yT_qLrF5w9Ww%26client%3Dca-pub-9961814823930967%26dbm_c%3DAKAmf-AsnOWgYeEnho96vEsaazSjPpwOFLJsV8hFfOmrxJZuCGYJvLeEQPHbWX3ch0_pmdaETmVAAUH4ttWPu5Bg0sfUXOu_DtzRejyPG8jwOFFWI9uQAXIlVxWvlhfBgMpAqQ2hZ2SmrzO0TH-53VvgDiitUqLo5HZx-QhIroitr30KLmdmKgU%26cry%3D1%26dbm_d%3DAKAmf-DbruGte0jeQGMwo7dYFCD8vyttY4GliBsZss4KxYtVGmrsKDHM_wTGB0yj3Zmt4GLHJxAFzdaQP0DVaG0Fn9qBzOqt2TYKHXM1XS87gnhVNsedugS62VTjmOSBpdR3-odH3V3b2AwAfPqEixbnberJaT6pdLpqtYMUnGVqUbkylW9Eak-QEH_u5bABgEicHBKrKgUcxuJQa2eaWcvSqqkCpq0M1WSgnO0H_addqBupMgYuIta8RGDlgfojydfekSkahRT46HAdkiHgD8r4y2l7DPww9TJbENDm4zQQmy3_pn2S-IxRvf2fjwxv_6JfdZlgJY72KPU8p7pTUHWiaatTgEazN-y03aU38s2Ua4YPZatNCPrQvPc2LeYrJ7Fmr5tgfCd_0rfCQWiFo_h-rK66l95azdK-5Z0fzkbH6o0vDqbreAD3oEJDIc3KOjDpfIO2YRC_6ZFoEfAEthSMSiqAq8C9LUB_nE-tB9k17CRNYSWZXU8RTaf917QM9q8QkzpPPb7XuFqC7X8kQVYrwuh_yLATSifrnYWDS989kbx9BUI8uJU%26adurl%3D&documentReferer=https%3A%2F%2Fwww.lapa.ninja%2F&ancestorOrigins=https%3A%2F%2Fwww.lapa.ninja&random=8532617026890&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Nov 2023 19:14:43 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
css
fonts.googleapis.com/ Frame A7CF 		5 KB
682 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=39130100146931404444554012522007&a=6d4cc85f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90007.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 28 Nov 2023 19:14:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:21:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 28 Nov 2023 19:14:43 GMT
/
hal9000.redintelligence.net/scale/ Frame A7CF 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=50&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=39130100146931404444554012522007&a=6d4cc85f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
dd7501619aafbc82c69a0e4703d99c672fbddd6e82c5fba1b3dbb65eac9efff6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90007.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Tue, 28 Nov 2023 19:14:43 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
12180
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame A7CF 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=50&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=39130100146931404444554012522007&a=6d4cc85f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
67872d115a4f41e869e5bb8fb8a3543ef2309bffb4d2c19068d56547cdd3baee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90007.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Tue, 28 Nov 2023 19:14:43 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
12071
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame A7CF 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=50&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=39130100146931404444554012522007&a=6d4cc85f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
44c9f99469547c636ccb41073305526a4ab4b898cac4f728d577f6c21a90c8de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90007.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Tue, 28 Nov 2023 19:14:43 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
8151
Vary
Accept-Encoding
Content-Type
image/png
gtm.js
www.googletagmanager.com/ Frame 0712 		174 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4e6c9d5ac53610a03d3a0072c60184bb3ecffa653b5e0884d2d12ded86da6613
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63930
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 28 Nov 2023 19:14:43 GMT
gtm.js
www.googletagmanager.com/ Frame FBDC 		174 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6affcf70bb4531c7c8fc428b0d3d77d0629a78f24a51d2ac8e08f9e88592ce7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63922
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 28 Nov 2023 19:14:43 GMT
bsevent.gif
rtbc-ew1.doubleverify.com/ Frame 5C9A 		0
345 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-ew1.doubleverify.com/bsevent.gif?flvr=0&impid=bef79a7f8e4e414586f50829a4bc4829&vfdur=161&cbust=1701198883626526
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal124.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
Pragma
no-cache
Date
Tue, 28 Nov 2023 19:14:43 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true, true
Connection
keep-alive
Expires
2023-11-27T19:14:43
dcmads.js
www.googletagservices.com/dcm/ Frame 5C9A 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal124.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 18:26:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2916
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7823
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 23:04:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 28 Nov 2023 19:26:07 GMT
viewability
hal90007.redintelligence.net/ Frame A7CF 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90007.redintelligence.net/viewability?s=39130100146931404444554012522007&a=8be98613&vb=m
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=39130100146931404444554012522007&a=6d4cc85f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90007.redintelligence.net/request_content.php?s=39130100146931404444554012522007&a=6d4cc85f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Tue, 28 Nov 2023 19:14:43 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame A7CF 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90007.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 20:50:19 GMT
x-content-type-options
nosniff
age
339864
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 20:50:19 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame A7CF 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90007.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 09:02:57 GMT
x-content-type-options
nosniff
age
382306
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 09:02:57 GMT
impl_v99.js
www.googletagservices.com/dcm/ Frame 5C9A 		59 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v99.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 00:21:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
499964
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23872
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 14:22:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Nov 2024 00:21:59 GMT
B9689862.280584279;dc_ver=99.292;dc_eid=40004000;sz=300x600;u_sd=1;dc_adk=2913917846;ord=14mn8d;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fwww.lapa.ninja%2F$0;...
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame 5C9A 		67 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280584279;dc_ver=99.292;dc_eid=40004000;sz=300x600;u_sd=1;dc_adk=2913917846;ord=14mn8d;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fwww.lapa.ninja%2F$0;xdt=1;crlt=fjLHHGfbwB;stc=1;chaa=1;sttr=38;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v99.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
84cb3c106eecdc460406ac8830a209279b54c5f4fa710724c1d46d2f58a47a5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30780
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame 8E8F 		53 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=39130100146931404444554012522007&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-48.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 16:26:48 GMT
content-encoding
gzip
via
1.1 c807be9a1ebef174d61ebd59fb655d20.cloudfront.net (CloudFront)
last-modified
Thu, 23 Nov 2023 16:26:10 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
10075
x-amz-server-side-encryption
AES256
etag
W/"1180a1bfee0aad979766ecd6180b923e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
boJaqXvgRyAds3R2WC7GcQi5tBPvHLugy-iTPEeqvCdYR8rH56t9Pw==
1x1.png
cdn.track.production.webgains.team/7121/ Frame 8E8F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1701199183&Signature=Hg1jXjfG-F-1FyM-4UWB5W-0Swccc6q3OuyGuVqijULoXGlZnKWWpX1iiLho63S4bmhwG8jbhCYyTdXncFznZX931zv4fq0R1Cj~efL415CMMuQck-op3n-Noy0k0OtyBvZYr726IPsOlHVY~NhJ5DJHG49bYcAsQpOdMXaVldDAV5XQaeTHT4SS4Ou4d7906XiFrLn8w2QkakFIEqvuGQsBH2klO4wBtBLYkZlU17TuOWYpQOS94lmoj-xnuewVXXsjFMeDuSsYOUJ1YRlIunwB1INtrUO6jALxFJIkSkYWasJvRwJFSyTrxYO-vLLFaudY-72V2DHH7DWyrjtdKQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-36.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 28 Nov 2023 07:14:32 GMT
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
43212
etag
"4e57de0506fbdb487ffcd53b450caee1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2808
x-amz-cf-id
xvV8jxb4p65ouR9KMFtLT0Yo4S8qi2QSnJfebVfnllrvlBxZvR6FkQ==
dc_pre=CP-nm9mz54IDFcZXkQUd4zUJTg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2554749917776.615
adservice.google.com/ddm/fls/z/ Frame 522A 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CP-nm9mz54IDFcZXkQUd4zUJTg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2554749917776.615
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CP-nm9mz54IDFcZXkQUd4zUJTg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2554749917776.615?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 33C7 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst2Phy2K20hMQ2O13DLkqLtN3I4wJTU74QC401YI-iNbG9vtj1qSUznKmUrdmyj6M0eH3OpK2B75wXHOqoWcKmZfK5CmgvtL2upwjU7xdgjZqTQCeizOFk1Pm-ZHjCFRvxfrYrU6zGNa3kC&sai=AMfl-YSE-GHywL9Glwi4qCQeI9U6KG3wlb8dvGASLJRoswMcyoYkG6Ju-3hR84Krry1Kt8RGqMfLctf9ueIQI6ucgcLRWzIyrhPuRGZzACf5ITOnJAUXbaxT-4M-LA-i81j1sxvY-d65ei-xBpEAVASj&sig=Cg0ArKJSzAOQ6EA6dHR2EAE&cid=CAQSTgDICaaNbEY6SqCXZ0skz7iWsser-IRiIoFQX2D0cVxspsJ2AEzbtDT47tmn8dlXgk5mduerfH8hLETo6b-hRxICpXqXf8dcmy33CENbsxgB&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1668345985&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701198880963&rpt=1774&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 5C9A 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280584279;dc_ver=99.292;dc_eid=40004000;sz=300x600;u_sd=1;dc_adk=2913917846;ord=14mn8d;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fwww.lapa.ninja%2F$0;xdt=1;crlt=fjLHHGfbwB;stc=1;chaa=1;sttr=38;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 16:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
10641
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 16:17:22 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 5C9A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvtA-7p6UHvOtn4goLNP3e97TX5Qtar36tNTwio2shqDnUIfHkki97TJY9XZ6nnT99pFXH4Nkz_Y0ybAeBV6rp7eS75CJhnIKZsWK4IvgvqJjjhuunS71WU5Fnrd9noylJaSQNJ5xbf4pwTThC107-0_zcnpbJ0AOahutaa&sai=AMfl-YRWUes8ETtszyNmU2A90amoQ15JweFzs6ooFGe3fujBcsu6ct0TFMKrsGlVDzPV13CiXDHHPKtXYBiPPdQSojsHyNXOeCECIo0kzA&sig=Cg0ArKJSzLT7CouW2_W1EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231109.28504&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280584279;dc_ver=99.292;dc_eid=40004000;sz=300x600;u_sd=1;dc_adk=2913917846;ord=14mn8d;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fwww.lapa.ninja%2F$0;xdt=1;crlt=fjLHHGfbwB;stc=1;chaa=1;sttr=38;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 5C9A 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280584279;dc_ver=99.292;dc_eid=40004000;sz=300x600;u_sd=1;dc_adk=2913917846;ord=14mn8d;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fwww.lapa.ninja%2F$0;xdt=1;crlt=fjLHHGfbwB;stc=1;chaa=1;sttr=38;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 16:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
269841
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Nov 2024 16:17:22 GMT
6335791767665586692
s0.2mdn.net/simgad/ Frame 5C9A 		307 KB
307 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/6335791767665586692
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3bcc78c28638c7500c7f6ac759ee979e9dcbc49559d7766a99ff763aaef8f051
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 21:20:23 GMT
x-content-type-options
nosniff
age
510860
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314659
x-xss-protection
0
last-modified
Mon, 03 Apr 2023 20:18:52 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 21 Nov 2024 21:20:23 GMT
js
www.googletagmanager.com/gtag/ Frame 0712 		273 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6bbc404229cd5cf961a4e5f8b272af5bc63e94c5f41b4f6315d859cce913c691
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92864
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 28 Nov 2023 19:14:43 GMT
/
track.adform.net/adfserve/ Frame 5C9A 		0
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=68651519;click=https://m.exactag.com/cl.aspx?extProvId=327&extPu=vf-dv360&extLi=20563363907&extPm=20563363907&extCr=524303158&url=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=Cyef8ITxmZcqvK9LbgQetqpuAA5WWt-1zhuiunvYRp-_z_QgQASDE_IqdAWCVuqaCsAegAYbHmLcpyAEJqQI9a6tbPGiyPqgDAcgDmwSqBPQBT9Ch9gx74LpZVk3mldvXMcao7vjlPcOEQ_wFHgkdL3UITVelZp5GvYhqvIXhVAgnSv36louwHTO9y5OT5nN-VYWHg3ta0Sb3EsNh1lgxIVBYb8K6Ht06R3Z83_5MNzw2H7FLiHX2lRMZ1bTftTYW5ZZT10jzNaUTBik8S3Lfr0PCfnOlmnPBMi21I_OeP-GdB3o_qzHZjhPUFUcnkabqbx1MgRzi-NjFMvOJ2yuhPbjL0R7tWncQ3wbN_K6uTEzQ-baLQO7jh_DJvFPoybYSrLeqKJCuD6G660tw2xr8iRYiDLnqpigVsb2RwPkM_iE2p39-38AEupr15boE4AQDiAXDkLDNTJAGAaAGTYAHhv_olgSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAqoNAkRF4g0TCIDXo9iz54IDFdJt4AodLdUGMLATh73NFdATANgTDdgUAdAVAfgWAYAXAQ&ae=1&num=1&cid=CAQSPADICaaNTu5JdK1WIXRldoucoSqXMLx9kGno0kMAuMT0oqzcLJ6EPW3aMAUw8DdXRJYeAW7EIbGenQSpSxgB&sig=AOD64_3c0KqT39RC9U6-WWg6_oYgK0n-VA&client=ca-pub-9961814823930967&dbm_c=AKAmf-Ar7V3KcHyKC5fRx8P6e5zeKlCtW2KeORbsnfvwUtLArrChH2gnFJCJlZP_WvM0oNWbnVDpjJ5FxmhqStJozkHV0aVVeaeujlspT_4apQCiDMGAqYaYgEZSQhLpdAqo8BVeGotiiCakZFyFHdUP9rtLIZZzRpNgqMaJ8_ggCzMZ1OcZEug&cry=1&dbm_d=AKAmf-Bxx2y_SnJSfkSMUhj-u1MNrYDVVs7Otf3KGi74QhSxNBIY7QOMSBN6PjWUZijDZ1zCUhDC0pAa7ELFHOG_H5L7m91RDWw81_Pm7VDERPYf1f5I8l29YsY2weF0x57zcbPVaT9_hO_DRg64dRSGV1UWhYd-k3o1waNQhLjrbFpMaINE8vrfgIhNYuR-l66tA8lZsbgWrq11ttyyRZXno8zTW-vopkgS9pgPb_3ZLoKIQPWCQrm8PHD0kM3rT48WdhY9c696ynDB4EptVY1PJ7UUoOJfzZDuQCrUMuoqkBbxdjCSCJp1jpvsv9HjAuyRhpUmhcCyrRjiCFv4P-80eB9U1AQtVCt1ESM463N92jaUtcYqe6eXemOG7lunBFLhHNpggI8yDqicfqu5zpqGXh6U7MfehATqLrJQJ_NzVpuiX2Qh5dcmXqzgSfr1H7QcMAHTK38NpoJ6VleId6SB5Eu5vNa1GagmvOXjiuiLJ0GZ21j_eJRklH5kMfD_a6-LV0MNElMr9rrbOfarSLcQk-ClQpC3-5AeD790D_cqUom59NtFfqo&adurl=;js=1;adfxid=1x;7510;set=en-US|en-US|1600X1200|0|300|600|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;cmpgpp=;cmpgpp_sid=;fd=0|0;bsdata=1&CREFURL=https%3A%2F%2Fwww.lapa.ninja
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
js
www.googletagmanager.com/gtag/ Frame FBDC 		273 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9d0b820dad15cf1df13f54bc054ebf319999563d3b161e09634b1554eca62c02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92922
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 28 Nov 2023 19:14:43 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 5C9A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvtA-7p6UHvOtn4goLNP3e97TX5Qtar36tNTwio2shqDnUIfHkki97TJY9XZ6nnT99pFXH4Nkz_Y0ybAeBV6rp7eS75CJhnIKZsWK4IvgvqJjjhuunS71WU5Fnrd9noylJaSQNJ5xbf4pwTThC107-0_zcnpbJ0AOahutaa&sai=AMfl-YRWUes8ETtszyNmU2A90amoQ15JweFzs6ooFGe3fujBcsu6ct0TFMKrsGlVDzPV13CiXDHHPKtXYBiPPdQSojsHyNXOeCECIo0kzA&sig=Cg0ArKJSzLT7CouW2_W1EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=74&vt=11&dtpt=73&dett=2&cstd=0&cisv=r20231109.28504&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280584279;dc_ver=99.292;dc_eid=40004000;sz=300x600;u_sd=1;dc_adk=2913917846;ord=14mn8d;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fwww.lapa.ninja%2F$0;xdt=1;crlt=fjLHHGfbwB;stc=1;chaa=1;sttr=38;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		94 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/lapaninja.js?1701198600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 07 Nov 2023 09:08:30 GMT
server
nginx
etag
W/"6549fe8e-17704"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 29 Nov 2023 19:14:43 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 15AF 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
269792
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 25 Nov 2023 16:18:11 GMT
expires
Sun, 24 Nov 2024 16:18:11 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame EE96 		1 KB
644 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
10593
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 16:18:10 GMT
etag
48472445140208031
expires
Wed, 29 Nov 2023 16:18:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 5C9A 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Nov 2023 19:14:43 GMT
truncated
/ Frame 5C9A 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
78102ff81f39fc0af297c263e34bf0a51471e14f1a227cf9c62b4bc279d07c6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
link.html
track.webgains.com/ Frame DD3E 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=78376100177904004444978012522010&nw=1
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.123.127 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-123-127.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
02a4afb349429cc2dd1be56eac71c16af5df90464cfd33655b0a22ba49f12ea9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:43 GMT
last-modified
Tue, 28 Nov 2023 19:14:43 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 28 Nov 2023 19:15:43 GMT
activityi;dc_pre=CM2qrdmz54IDFTVdkQUdXtkA6g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7252573761231.27
5994599.fls.doubleclick.net/ Frame AC66
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7252573761231.27?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CM2qrdmz54IDFTVdkQUdXtkA6g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7252573761231.27?
390 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CM2qrdmz54IDFTVdkQUdXtkA6g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7252573761231.27?
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f6.1e100.net
Software
cafe /
Resource Hash
45a6434e9cc12ac962483751a9a6db207d6879277e3f8d97e4fff2d55523851a
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
214
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 19:14:44 GMT
expires
Tue, 28 Nov 2023 19:14:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 19:14:43 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CM2qrdmz54IDFTVdkQUdXtkA6g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7252573761231.27?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal900010.redintelligence.net/ Frame C7FC 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900010.redintelligence.net/request_content.php?s=78376100177904004444978012522010&a=e0514e85
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.145.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
21c628c00e084fa1f22fe227b8ce4817ae723609d245e1d9c24eaf0afee396f6

Request headers

Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2039
Content-Type
text/html; charset=utf-8
Date
Tue, 28 Nov 2023 19:14:43 GMT
Expires
Tue, 28 Nov 2023 19:14:43 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 97F0 		1 KB
644 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
10593
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 16:18:10 GMT
etag
48472445140208031
expires
Wed, 29 Nov 2023 16:18:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame DD3E 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f3b7e02410cc9081f05e7bd56e2f2b70bd0b435254f73555239cc117bc3babf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame 0824 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsssfPePzU-0v3Q3A5cliwg9ZEToF00tNNXTYp7bQhQTlkdeIj7FxhdYN3vfvrK_UHzJfbSHlMcTSwOdEXvVlSsInCaDo99_qcJMCobO_2vvOGZ_YzasP-WNfo7xXhbVzF8Cn0yTkCI78QWU&sai=AMfl-YRF-hWWX_cRSNHnlsknbfeJlI1UB0ELdWKQjmfTZ_yHLaVRUCPjDXKtniWPgswasvWKK8RkYloboyea5tVyNp3SrSARFyg6v-Re9Zwv-y7SNe9HE_WpXA5DbRa0&sig=Cg0ArKJSzKFh2AwezLtQEAE&cid=CAQSPADICaaNTu5JdK1WIXRldoucoSqXMLx9kGno0kMAuMT0oqzcLJ6EPW3aMAUw8DdXRJYeAW7EIbGenQSpSxgB&id=lidar2&mcvt=1026&p=76,1284,326,1584&mtos=1026,1026,1026,1026,1026&tos=1026,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=332248707&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701198882674&rpt=207&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame EE96 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEEG8IPJKCD-b-94FeoJ8h0A&google_cver=1&google_push=AXcoOmSebTh7ypNeY-ovBLUjwnZ_-aXrC1B-7gPIQqRck7o3HuQz3Vt-Vq3IK6cls9xGlON2qJ_NImvUmQW7EcJ9M5u3Che0ZNxUxQ
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:43 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame EE96
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEFOXNvP79oTWcQPHuB6lrzo&google_cver=1&google_push=AXcoOmSFEO9_Fm8_M0leBW1HV3wV5X8aJXRjySISPA9Cqjqc20aHq4Es6rZf2PIQaMTCcWJmfwjimxCOo9eyO5...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNjU5MzU2MjIyNTI3NzA3Mg%3D%3D&google_push=AXcoOmSFEO9_Fm8_M0leBW1HV3wV5X8aJXRjySISPA9Cqjqc20aHq4Es6rZf2PIQaMTCcWJmfwjimxCOo9eyO5Aagd...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNjU5MzU2MjIyNTI3NzA3Mg%3D%3D&google_push=AXcoOmSFEO9_Fm8_M0leBW1HV3wV5X8aJXRjySISPA9Cqjqc20aHq4Es6rZf2PIQaMTCcWJmfwjimxCOo9eyO5AagdNHBHWrdidMRQ
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNjU5MzU2MjIyNTI3NzA3Mg%3D%3D&google_push=AXcoOmSFEO9_Fm8_M0leBW1HV3wV5X8aJXRjySISPA9Cqjqc20aHq4Es6rZf2PIQaMTCcWJmfwjimxCOo9eyO5AagdNHBHWrdidMRQ
Date
Tue, 28 Nov 2023 19:14:43 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame EE96
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEGQ3aKmnMxkCzHT4r2qSuSg&google_cver=1&google_push=AXcoOmS1NeRhxdXtCy6p8ZZ4C79OgtUnLMwFQjvYn0drvHa6OorMPwumYZ6BcVg1FodflLacIlmtGh6VS8VdwTV6...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=-_OhSQNyT-0Q_2kU4eR94w&google_push=AXcoOmS1NeRhxdXtCy6p8ZZ4C79OgtUnLMwFQjvYn0drvHa6OorMPwumYZ6BcVg1FodflLacIlmtGh6VS8VdwTV6YDhI_yvuZESXBw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=-_OhSQNyT-0Q_2kU4eR94w&google_push=AXcoOmS1NeRhxdXtCy6p8ZZ4C79OgtUnLMwFQjvYn0drvHa6OorMPwumYZ6BcVg1FodflLacIlmtGh6VS8VdwTV6YDhI_yvuZESXBw
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 28 Nov 2023 19:14:43 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=-_OhSQNyT-0Q_2kU4eR94w&google_push=AXcoOmS1NeRhxdXtCy6p8ZZ4C79OgtUnLMwFQjvYn0drvHa6OorMPwumYZ6BcVg1FodflLacIlmtGh6VS8VdwTV6YDhI_yvuZESXBw
x-host
tde-deliveryengine-production-6987bbc57b-dk4cc
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame EE96
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEXlMfA0uwi0F8-vX1kaDCM&google_cver=1&google_push=AXcoOmQK8DJs2qsrrU4u9tf5rhjjhxWy5PuBaH3p6bkzwU-wSBNGjILciJ8CJP7hgYOgS4nTv3u5ejxR...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjAwNDMzMjY4NTczMjk0MDU0OA&google_push=AXcoOmQK8DJs2qsrrU4u9tf5rhjjhxWy5PuBaH3p6bkzwU-wSBNGjILciJ8CJP7hgYOgS4nTv3u5ej...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjAwNDMzMjY4NTczMjk0MDU0OA&google_push=AXcoOmQK8DJs2qsrrU4u9tf5rhjjhxWy5PuBaH3p6bkzwU-wSBNGjILciJ8CJP7hgYOgS4nTv3u5ejxRf01PQhfJtsjdvIs00E-FHg
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjAwNDMzMjY4NTczMjk0MDU0OA&google_push=AXcoOmQK8DJs2qsrrU4u9tf5rhjjhxWy5PuBaH3p6bkzwU-wSBNGjILciJ8CJP7hgYOgS4nTv3u5ejxRf01PQhfJtsjdvIs00E-FHg
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame EE96
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEEZRJ-vHB5HPRpg-vftFpQo&google_cver=1&google_push=AXcoOmTsEBfPKBJY6v1l6WyWVX97c-qIUzTJEF9m0rbHj9U5SfPdsCH1jWUzWmmbCfnUgDV489Mpzv8EWL8ajbZaWbZl-iK...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTsEBfPKBJY6v1l6WyWVX97c-qIUzTJEF9m0rbHj9U5SfPdsCH1jWUzWmmbCfnUgDV489Mpzv8EWL8ajbZaWbZl-iK269RTag
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTsEBfPKBJY6v1l6WyWVX97c-qIUzTJEF9m0rbHj9U5SfPdsCH1jWUzWmmbCfnUgDV489Mpzv8EWL8ajbZaWbZl-iK269RTag
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTsEBfPKBJY6v1l6WyWVX97c-qIUzTJEF9m0rbHj9U5SfPdsCH1jWUzWmmbCfnUgDV489Mpzv8EWL8ajbZaWbZl-iK269RTag
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame EE96
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEByUW4Je2FbuD-7tyspxeUg&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEByUW4Je2FbuD-7tyspxeUg&google_hm=ZWY8Ia4fGHdPUQ-88XtNdQAAFEoAAAIB&google_nid=index&google_push=AXcoOmRDsOGljRxmldhdl1qLbhy-PBje-uSPR...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEByUW4Je2FbuD-7tyspxeUg&google_hm=ZWY8Ia4fGHdPUQ-88XtNdQAAFEoAAAIB&google_nid=index&google_push=AXcoOmRDsOGljRxmldhdl1qLbhy-PBje-uSPRRacP5wC6fB210Ly1akH2k9BlEBkoHEfULB4yPJRVPY0t2HfnfqGFTWrgbfz63FoPA
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TPn%2Fh9pnOAX%2F8txSFFXqkXHGKlC4T0nvRfZ%2FSSIPY%2F%2BEI9UXMlW6OD%2Bq1L0VygoUBMc28nwkiFBCdJyqdtLb4j1tSxkcXOydSmsqgYX3JAqcQ0AgV8tjeJAhgfnoryaB7QTG2H2XBvT2QQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEByUW4Je2FbuD-7tyspxeUg&google_hm=ZWY8Ia4fGHdPUQ-88XtNdQAAFEoAAAIB&google_nid=index&google_push=AXcoOmRDsOGljRxmldhdl1qLbhy-PBje-uSPRRacP5wC6fB210Ly1akH2k9BlEBkoHEfULB4yPJRVPY0t2HfnfqGFTWrgbfz63FoPA
cache-control
no-cache
cf-ray
82d4ef80edf59b82-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
ebda
match.360yield.com/match/ Frame EE96 		43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.360yield.com/match/ebda?google_gid=CAESEG_SHNbdE9wNpf2cxXqw2MU&google_cver=1&google_push=AXcoOmTV0rWVYHHA_L7eVJH5jfx5InKdhHannZMoZ3O-CnnZ2uiBPfWRUsFdjOFTNPOI-RfDeRbXd9l3h36vFaiSqAQGyO_Sh7gM
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.242.208.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-208-83.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 28 Nov 2023 19:14:44 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
attr
cm.g.doubleclick.net/pixel/ Frame EE96 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J0iCFyuprbkbbZxY5Qpim1kqrmTJRpZRXalx7G-JBuy1aIOh-L9fj8k4yKnyC4jyrhBfL6
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:43 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 15AF 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 17:29:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
6290
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Nov 2024 17:29:53 GMT
pixel
cm.g.doubleclick.net/ Frame 97F0
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOYeZ2ZFJLeaQl4cfJLIAfc&google_cve...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OVlLVHdubjMxUjgzeEY1&google_gid=CAESEOYeZ2ZFJLeaQl4cfJLIAfc&google_cver=1&google_push=AXcoOmQrnGUQ2WJq3W_cJVdEQH39rz1ODJ2C51WDZsHLEew...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OVlLVHdubjMxUjgzeEY1&google_gid=CAESEOYeZ2ZFJLeaQl4cfJLIAfc&google_cver=1&google_push=AXcoOmQrnGUQ2WJq3W_cJVdEQH39rz1ODJ2C51WDZsHLEewSG9rO7skbqIxqr4-5i-SmM5MYkiQvwyrJPNjkQy7pLiaRigbxS_E
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 28 Nov 2023 19:14:43 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-091a6d662d9a132c7@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OVlLVHdubjMxUjgzeEY1&google_gid=CAESEOYeZ2ZFJLeaQl4cfJLIAfc&google_cver=1&google_push=AXcoOmQrnGUQ2WJq3W_cJVdEQH39rz1ODJ2C51WDZsHLEewSG9rO7skbqIxqr4-5i-SmM5MYkiQvwyrJPNjkQy7pLiaRigbxS_E
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 97F0
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEC4UrUAA2SapB-cmrO8Wc94&google_cver=1&google_push=AXcoOmTJT9XW76893wtj-oib26O5luWFeb52-2_6X68ys-snYbJjxVX_D3xz-i5VMpvFjf9VPNSfs5EaP2_kun-2DDVknPaPpFw
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FA5F1EE4D0F94A9CA3B3927764CD02AB&google_push=AXcoOmTJT9XW76893wtj-oib26O5luWFeb52-2_6X68ys-snYbJjxVX_D3xz-i5VMpvFjf9VPNSfs5EaP2_kun-...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FA5F1EE4D0F94A9CA3B3927764CD02AB&google_push=AXcoOmTJT9XW76893wtj-oib26O5luWFeb52-2_6X68ys-snYbJjxVX_D3xz-i5VMpvFjf9VPNSfs5EaP2_kun-2DDVknPaPpFw
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 28 Nov 2023 19:14:43 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FA5F1EE4D0F94A9CA3B3927764CD02AB&google_push=AXcoOmTJT9XW76893wtj-oib26O5luWFeb52-2_6X68ys-snYbJjxVX_D3xz-i5VMpvFjf9VPNSfs5EaP2_kun-2DDVknPaPpFw
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 27 Nov 2023 19:14:43 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 97F0 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESED9P8mdJ5IixLKetABwb7fg&google_cver=1&google_push=AXcoOmQsXe7ilOStoVo2ojV2k30iq0vRKVfn93eF9hCpviCIZxVdpsXbHsub_lRpPCaPWbagPug55EB6ptcbJs-8n_oN8LZxnYw
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:44 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sync
x.bidswitch.net/ Frame 97F0 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEH9XySlXiAnzkZcKUWycy7I&google_cver=1&google_push=AXcoOmQkaR6h6PRklnDQes2-Kkqw_zLNemfoCwwNJt3q1tkEsDzjALiZG1kSA1_dAPzMqOoEr4p0xbA20_sooAddKq2eKm93fEs
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.249.116 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-249-116.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
dds
rtb.openx.net/sync/ Frame 97F0 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEHt8uQi4gIQflbnISBsOrNk&google_cver=1&google_push=AXcoOmTIMqUnjceQVaRT0xkh3wwngPC3RF5p1DlYibk31kO0VkwXnN9CBIultewRNRi0_QNKl0JXbMgcjU-brlAgT_oo1KVSRQ
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:44 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
pixel
cm.g.doubleclick.net/ Frame 97F0
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEE-xqAwvhGJd758zq2bVbCE&google_cver=1&google_push=AXcoOmQBe5u2FKBqStsQeFP1cDvF4k9S8agqoEuhIWFl8UT5S2Py6eEXpODLYM43w84RJQtbbXxKgRjlRDsu6ldbk--QiYS_u8c
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmQBe5u2FKBqStsQeFP1cDvF4k9S8agqoEuhIWFl8UT5S2Py6eEXpODLYM43w84RJQtbbXxKgRjlRDsu6ldbk--QiYS_u8c...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NzU4NjIwNTk0OTM2OTM3NTkwNTMw&google_push=AXcoOmQBe5u2FKBqStsQeFP1cDvF4k9S8agqoEuhIWFl8UT5S2Py6eEXpODLYM43...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NzU4NjIwNTk0OTM2OTM3NTkwNTMw&google_push=AXcoOmQBe5u2FKBqStsQeFP1cDvF4k9S8agqoEuhIWFl8UT5S2Py6eEXpODLYM43w84RJQtbbXxKgRjlRDsu6ldbk--QiYS_u8c
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NzU4NjIwNTk0OTM2OTM3NTkwNTMw&google_push=AXcoOmQBe5u2FKBqStsQeFP1cDvF4k9S8agqoEuhIWFl8UT5S2Py6eEXpODLYM43w84RJQtbbXxKgRjlRDsu6ldbk--QiYS_u8c
date
Tue, 28 Nov 2023 19:14:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
report
sync.teads.tv/um/ Frame 97F0
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEMNFooSepMEw...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQ9_bBtcNmDBv_pCICbD6VNbFBifmnzPMtTBrhf8BbW62q5tqEf6nvIGjNsP9heNWL6WgQScq-ztgkMIrn6fmZRtulJ-fc
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Tue, 28 Nov 2023 19:14:44 GMT
pragma
no-cache
date
Tue, 28 Nov 2023 19:14:44 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 97F0 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KpJMb0RM1GXVKbWWPCNUAqTlXrT9XTyRWJhUMvjXzTqm7lczZf6UZY640162N1kWiYkgP_Nw
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:43 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
css
fonts.googleapis.com/ Frame C7FC 		5 KB
682 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=78376100177904004444978012522010&a=e0514e85
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 28 Nov 2023 19:14:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:19:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 28 Nov 2023 19:14:44 GMT
/
hal9000.redintelligence.net/scale/ Frame C7FC 		88 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=150&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=78376100177904004444978012522010&a=e0514e85
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e99348fc214cff0b8c560b5c16dd9fc2b3c025278e78365e63853fe00dd1fda3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Tue, 28 Nov 2023 19:14:44 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame C7FC 		76 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=150&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=78376100177904004444978012522010&a=e0514e85
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
f2cbce6e3ef779363628cf7cef32572795c60c0ffbddd987ac05a398e2d45538

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Tue, 28 Nov 2023 19:14:44 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame C7FC 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=150&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=78376100177904004444978012522010&a=e0514e85
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
808881508f57ed4793b9eb4ac1906510a3e4a5e56e5909eb3f5a73a8b1be1c00

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Tue, 28 Nov 2023 19:14:44 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
51110
Vary
Accept-Encoding
Content-Type
image/png
pvClk.min.js
analytics.webgains.io/ Frame DD3E 		53 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=78376100177904004444978012522010&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-48.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 16:26:48 GMT
content-encoding
gzip
via
1.1 c807be9a1ebef174d61ebd59fb655d20.cloudfront.net (CloudFront)
last-modified
Thu, 23 Nov 2023 16:26:10 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
10076
x-amz-server-side-encryption
AES256
etag
W/"1180a1bfee0aad979766ecd6180b923e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
m2nPO236WirQ4YpwtXOuAxLUkjJgWgTqmJb2PA6rTmAIPYHcJkNV7g==
1x1_0.png
cdn.track.production.webgains.team/7121/ Frame DD3E 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/7121/1x1_0.png?Expires=1701199183&Signature=gtI8ZoM4NoZg~JXVKL8qmD2CPOnJoaHV8WnBTucJNIuCGOdn4ADsW2CSCpQIxowCph4v9Y6KutXtDcyVbqbxMCAkCs5br4U4EHs1-aSzOGPIidnXrX573n83lYxlcBZkNm1pSQqd~NPZgO9FDPva4UQRECNyp6Yg~rCgqsAjofFNMOmtmlZQCc6n8pvooRdM3KhvBV6jh4g8aMFKS2J-xXvb-PqLPMP8cm0ddxtJj2sbG0gx65nABBClh~sMtDvFJ~25nFpCjm3~7MF3h6x5vTmRCQmPJhamWUlhJecRPNrnvXq96pGeAiGpxYH1roQLN3kEPiFaJNrN9NBgnyX49g__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: 8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-36.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 28 Nov 2023 04:06:27 GMT
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
54499
etag
"4e57de0506fbdb487ffcd53b450caee1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2808
x-amz-cf-id
99sGiqe7d2Auc8OCckch3QrWi1ROJUahsEDETEinkFZmGNkPlh0TPA==
viewability
hal900010.redintelligence.net/ Frame C7FC 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900010.redintelligence.net/viewability?s=78376100177904004444978012522010&a=f73fdd46&vb=m
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=78376100177904004444978012522010&a=e0514e85
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.145.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/request_content.php?s=78376100177904004444978012522010&a=e0514e85
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Tue, 28 Nov 2023 19:14:44 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame C7FC 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900010.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 20:50:19 GMT
x-content-type-options
nosniff
age
339865
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 20:50:19 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame C7FC 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900010.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 09:02:57 GMT
x-content-type-options
nosniff
age
382307
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 09:02:57 GMT
dc_pre=CM2qrdmz54IDFTVdkQUdXtkA6g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7252573761231.27
adservice.google.com/ddm/fls/z/ Frame AC66 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CM2qrdmz54IDFTVdkQUdXtkA6g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7252573761231.27
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CM2qrdmz54IDFTVdkQUdXtkA6g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7252573761231.27?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame B156 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.lapa.ninja
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.lapa.ninja/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 19:14:43 GMT
server
Kestrel
server-processing-duration-in-ticks
383121
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		94 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lapa.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 07 Nov 2023 09:08:30 GMT
server
nginx
etag
W/"6549fe8e-17704"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 29 Nov 2023 19:14:44 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 15AF 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BvSPQIzxmZeCjK7Xtx_AP0vi-qAEAAAAAOAHgBAI&bg=!wMOlw4zNAAZxrfrxUa07ADQBe5WfOK1ohmfd0RODo9n3UD0sk2xkJGbEquD8ya5QP3_Kgnx4L0X6AAh_becD-AW0Z1jWAgAAAENSAAAAAmgBB5kDCeUsPjciC2_TI866J5LTOGXj9MRkDzLx4tfHSxgiQneTTwP5ZAJ8PIrxa0PAIGVFnl1jVwoxTMHXQtIqgaj-tK0gQENWWBe4TYxUD-Gg-1e4HpOesTUYCJuxQovPXpWPVqAKNRk5eL-FJD3NcJiieELs05Q3B_6yUe_OmujPdL4eSKZUcE0FBrQo6dJqXj_jLCdmNXAvEtzI2ZNhy-fVS0Sd8YjOBLbT98GkWyjAZ1knoLR3blyYeDj_ghrmUWRpO8_vVN1sDx3VkIBLMryT4sEKcQ0VwNKtCZuQQx0nIJBebaPK4LWiab-Zj9-5yNzoSCkAl0j0J9V-_5FDHly1fqBVhI8hz09Y6tna6i4TGZDdTxCae1jqXNu1OY4Bpk9j5bDgNsZTxVjTl0EpMMUW_NR0hmzp4lu8hEuWhltQRtBB6zaQU6en5n3DnrHr9I5jES5FTx1sd7KpMtOPq6Ap3fYw8mD6_P6uSdU2aIE9e6RDV8kq9mGTyhMGtNnIM2WT1m4zags7vPALo8VPClMMKrLLVEjIFU5yCUjCvbMg6iw74DYrNObktg1Bx4vqgfpT4EZjjy1kZAz3ZpZ1kqbqxRO4c9tDh-Ugl-JgZSzU9Bpr3dPW1a1DiEpbrlYsUjw179D1r_xkTwfZ0KbyH_wfFTSlz-eWR1ORWiiEfNiczDLa62mn3z3sdy4CZ-fsGeUjYb-GniKQ8fvj7osXrgaIgDW75cIVyLH7PG3h2rvh9ydJGn4BajiD0o4udS9cNO9ctTjlqvny0UXFweGidpgzSugtTdgqPle5QuLSUPaAjvRL_yV6HdxuHVEAHfE23Z6xVi5NvOf9FsNF4VbtSEvuPtl8fsLyEBehooivzNQ2brF61y9UQF1mHoqcHJSMA9Q5OCqSrR0gTsoVKcxH5hXCEmT7KDOtxfkpbYO8O4DJiVSoMI8R4QaWHaHdt0f1ODe18JdlgNqMGQOZe20gM4wXhhHd1ZD-FRiyJqoO_Y7WswKNdqaBxkJuUaYvNVvF4cFeH8kKOCrI3aOkeQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame B156
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=lapa.ninja&sn=ChromeSyncframe&so=0&topUrl=www.lapa.ninja&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=kClzz3xXREhrekJVNW9TYjdFVXdyWStBOXVnSVNDejVrYkxDRmsxc0dlN3B1SWJ4d3R6cVZZZ2RPa1NmNFpMTDJzTXEwb0J4UVZKQndoQjU2ak0rMEd1bUdTWkRyUG5nbG0rR2wrNXJsQ2tsMVl5NXF1a1NJYU9wWFJmOH...
425 B
647 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=kClzz3xXREhrekJVNW9TYjdFVXdyWStBOXVnSVNDejVrYkxDRmsxc0dlN3B1SWJ4d3R6cVZZZ2RPa1NmNFpMTDJzTXEwb0J4UVZKQndoQjU2ak0rMEd1bUdTWkRyUG5nbG0rR2wrNXJsQ2tsMVl5NXF1a1NJYU9wWFJmOHpJT1hVczg5bTllejhWSVRDNHRlRnNNMVRSeks1REthUG9SaW9IdFNhN21VRHUyREpIZTVqeXVLNndJRFFPRXN4RVIyNXA0amxaeGI1d0ZKdGN3SnIydUlmekxjekpBWVBmekgvRU01eHVhdk5iY0VVMTNIaFoxWDBoN3U0bFRQSlhjZXY3MTM3bmZ6U0RlQ0ppTjh3NzlqajdWMExIQT09fA&cppv=2
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
de7742e668357139f5ec17fab484c6688ccc9c90b59d6be6a98295be59605b62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:43 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3722050
expires
0

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:43 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=kClzz3xXREhrekJVNW9TYjdFVXdyWStBOXVnSVNDejVrYkxDRmsxc0dlN3B1SWJ4d3R6cVZZZ2RPa1NmNFpMTDJzTXEwb0J4UVZKQndoQjU2ak0rMEd1bUdTWkRyUG5nbG0rR2wrNXJsQ2tsMVl5NXF1a1NJYU9wWFJmOHpJT1hVczg5bTllejhWSVRDNHRlRnNNMVRSeks1REthUG9SaW9IdFNhN21VRHUyREpIZTVqeXVLNndJRFFPRXN4RVIyNXA0amxaeGI1d0ZKdGN3SnIydUlmekxjekpBWVBmekgvRU01eHVhdk5iY0VVMTNIaFoxWDBoN3U0bFRQSlhjZXY3MTM3bmZ6U0RlQ0ppTjh3NzlqajdWMExIQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
283652
content-length
0
expires
0
tracking-event
api.webgains.io/ Frame 8E8F 		16 B
209 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.169.38.151 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-169-38-151.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 28 Nov 2023 19:14:44 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.169.38.151 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-169-38-151.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Tue, 28 Nov 2023 19:14:44 GMT
server
nginx
async_usersync.html
acdn.adnxs.com/dmp/ Frame 50BD 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/lapaninja.js?1701198600000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.lapa.ninja/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
38207
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 28 Nov 2023 19:14:44 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 16 Nov 2023 08:37:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
3649, 177159
X-Served-By
cache-lga13626-LGA, cache-cph2320024-CPH
X-Timer
S1701198885.796205,VS0,VE0
pd
u.openx.net/w/1.0/ Frame C971 		0
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/lapaninja.js?1701198600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.lapa.ninja/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 28 Nov 2023 19:14:44 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sync.html
public.servenobid.com/ Frame 8D98 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/lapaninja.js?1701198600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-18.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd

Request headers

Referer
https://www.lapa.ninja/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
37658
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Tue, 28 Nov 2023 08:47:06 GMT
etag
W/"ea81456e0a6e1fca0e7a864b1d3121aa"
last-modified
Mon, 02 Oct 2023 23:54:30 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 56abe0fedc00b031003c08f0306dae62.cloudfront.net (CloudFront)
x-amz-cf-id
bG-xvqMvx88miJ9LPUHbkrV-7BfA2eBH-0Lsp5JkulN4QQx6wD2xFQ==
x-amz-cf-pop
MUC50-C1
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:58584356-ee8f-4de0-abcc-b50f847fba2c
x-amz-meta-codebuild-content-md5
d3f9c0952d74faa30fada14e06b377b0
x-amz-meta-codebuild-content-sha256
8aa4841af9e8588faa6f0e126d94acab1f39eb0115dfa16eac2daccf149690d0
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
/
onetag-sys.com/usync/ Frame ACA5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1701198881492
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/lapaninja.js?1701198600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.lapa.ninja/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
checksync.php
contextual.media.net/ Frame A62E 		24 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C459%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C307%2C508&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/lapaninja.js?1701198600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.119.108.27 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-119-108-27.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
aae2903126d0b7357874bb6a00eb420e6996a9c387ac2d94c525ccf78c2a0eec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.lapa.ninja/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8556
content-type
text/html; charset=UTF-8
date
Tue, 28 Nov 2023 19:14:44 GMT
expires
Thu, 30 Nov 2023 19:14:44 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
tracking-event
api.webgains.io/ Frame DD3E 		16 B
209 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.169.38.151 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-169-38-151.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 28 Nov 2023 19:14:44 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.169.38.151 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-169-38-151.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Tue, 28 Nov 2023 19:14:44 GMT
server
nginx
13926
g2.gumgum.com/usync/ Frame 99C3 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.46.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-46-191.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
278310b7ce378c8b3165eca557911196ae5b50e4f13efb482fd4aed530d023fa

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Tue, 28 Nov 2023 19:14:45 GMT
etag
W/"0ab7e5962952927b40e98c3434f77d4dd"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame A52B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 2912 		996 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
6bba80b0386d5b9ffcdc448f58e3e8bd5ff458454edbcb9f40beac752d3cb3ae

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
996
content-type
text/html
date
Tue, 28 Nov 2023 19:14:44 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 1E96 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25ce4689c811b95ae260a3bbdf2aef86e75b147822f34cc44b9b8de1699d71c4

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
82d4ef863d589b82-FRA
content-encoding
br
content-type
text/html
date
Tue, 28 Nov 2023 19:14:44 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1YF9FJILzpRwhtxcEN7Qie%2FlxVOvMnDKIq9UodKgqbN8%2FA525O3kcKdr9lRWxJR7e8bDB5eJy51y5oF6%2BQZsz7TAyZAlQ%2BBYcg1qwRCqQdT0xe03G8aX7Cynzh9Pr2r6wYkKT9bT3WHjTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 8743
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.192.162.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-162-113.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 28 Nov 2023 19:14:45 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 28 Nov 2023 19:14:44 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FD3B 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.160.199 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-199.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=121147
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 28 Nov 2023 19:14:44 GMT
expires
Thu, 30 Nov 2023 04:53:51 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame 86EA 		0
527 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2449:8200:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
0
content-type
text/html
date
Tue, 28 Nov 2023 19:14:44 GMT
server
istio-envoy
via
1.1 7ce9bf658969fea1ceecfa00e5239dd6.cloudfront.net (CloudFront)
x-amz-cf-id
hnGprm7uLpiPBRL2hzbDBmxynRvsPRGf4X5QkBXEUKdq7O75GoTrBA==
x-amz-cf-pop
AMS58-P6
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
user-sync
sync.adkernel.com/ Frame FDCD 		0
134 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store
Connection
close
Content-Length
0
Date
Tue, 28 Nov 2023 19:14:44 GMT
Server
nginx
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 3D1A 		0
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.172.246.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-246-175.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
0
content-type
text/html
date
Tue, 28 Nov 2023 19:14:45 GMT
server
istio-envoy
x-envoy-upstream-service-time
1
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
sync
ads.servenobid.com/ Frame 8D98
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=2476369707372003380
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=2476369707372003380
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.72.113.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-113-40.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:44 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:44 GMT
an-x-request-uuid
a065da60-a30b-422c-9baf-5461a01ee381
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.servenobid.com/sync?pid=312&uid=2476369707372003380
x-proxy-origin
217.114.218.22; 217.114.218.22; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 8D98
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ads.servenobid.com/sync?pid=310&uid=Hu7iuGZH1781crvmR0qV57BN
0
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=Hu7iuGZH1781crvmR0qV57BN
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.72.113.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-113-40.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:44 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Tue, 28 Nov 2023 19:14:44 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=Hu7iuGZH1781crvmR0qV57BN
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame 8D98 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 28 Nov 2023 19:14:44 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
ads.servenobid.com/ Frame 8D98
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1701198885194
  • https://ad.turn.com/r/cs?pid=45&rndcb=1966244634
  • https://sync.1rx.io/usersync/turn/3467997711509871982?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-261864a1-0f64-4586-a340-4f1bb8c75ba7-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-261864a1-0f64-4586-a340-4f1bb8c75ba7-003
  • https://ads.servenobid.com/sync?pid=321&uid=RX-261864a1-0f64-4586-a340-4f1bb8c75ba7-003
0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-261864a1-0f64-4586-a340-4f1bb8c75ba7-003
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.72.113.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-113-40.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:45 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=321&uid=RX-261864a1-0f64-4586-a340-4f1bb8c75ba7-003
date
Tue, 28 Nov 2023 19:14:45 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX261864a10f644586a3404f1bb8c75ba7003
content-type
text/html
sync
ads.servenobid.com/ Frame 8D98
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5107433831265321906
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5107433831265321906
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.72.113.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-113-40.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:45 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5107433831265321906
Date
Tue, 28 Nov 2023 19:14:44 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame 8D98 		0
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.66 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:45 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-214
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame 8D98
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
0
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.72.113.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-113-40.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:45 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
date
Tue, 28 Nov 2023 19:14:44 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
occ
ups.analytics.yahoo.com/ups/58559/ Frame 8D98 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58559/occ
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:44 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ads.servenobid.com/ Frame 8D98
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://ads.servenobid.com/sync?pid=346&uid=ua-a688b8ef-14aa-33ea-834c-e45e6c6576be
0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=346&uid=ua-a688b8ef-14aa-33ea-834c-e45e6c6576be
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.72.113.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-113-40.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:45 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=346&uid=ua-a688b8ef-14aa-33ea-834c-e45e6c6576be
pragma
no-cache
date
Tue, 28 Nov 2023 19:14:45 GMT
cache-control
no-store
content-length
0
expires
0
occ
ups.analytics.yahoo.com/ups/58632/ Frame 8D98 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58632/occ
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:44 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/universal/ Frame 8D98 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.110.104 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-110-104.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:44 GMT
sync
ads.servenobid.com/ Frame 8D98
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.72.113.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-113-40.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:45 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Tue, 28 Nov 2023 19:14:44 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
location
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Tue, 28 Nov 2023 19:14:44 GMT
async_usersync
ib.adnxs.com/ Frame 50BD 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:44 GMT
an-x-request-uuid
d942d07a-2d89-4cfb-a49c-d0cb0f4bb219
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.218.22; 217.114.218.22; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 1E96 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:44 GMT
server
Kestrel
content-length
70
content-type
image/gif
dcm
s.amazon-adsystem.com/ Frame 1E96
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZWY8Ia4fGHdPUQ-88XtNdQAAFEoAAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZWY8Ia4fGHdPUQ-88XtNdQAAFEoAAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZWY8Ia4fGHdPUQ-88XtNdQAAFEoAAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Nov 2023 19:14:45 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KR9VB4EFGDYSVK2GBJ68
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 28 Nov 2023 19:14:45 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VM0RPV66R83K76HJV1WF
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZWY8Ia4fGHdPUQ-88XtNdQAAFEoAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 1E96
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZWY8Ia4fGHdPUQ-88XtNdQAAFEoAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEByUW4Je2FbuD-7tyspxeUg&google_cver=1
43 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEByUW4Je2FbuD-7tyspxeUg&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fcymSSEVYvSmvimGwToFZOIKx1J0dxAisfxJZwwJOis1EgIfqt88%2B6N1qn%2FROLLfkWPCI2ngXE78WIjXQHg%2BOpNSxJOC%2BKhkeyS%2FwnSmsJbUH4ZpWNpIRP8obhjbYpND1%2B2YXSU3bLx72w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82d4ef86bde89b82-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEByUW4Je2FbuD-7tyspxeUg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
28292
i6.liadm.com/s/ Frame 1E96
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZWY8Ia4fGHdPUQ.88XtNdQAA%265194&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZWY8Ia4fGHdPUQ.88XtNdQAA%265194&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=2b376945d85947b9b5185f32a3890088
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-7ef11ziFGSQQ0rql_VG6AMG-7LNK-gLwth4uHA
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-7ef11ziFGSQQ0rql_VG6AMG-7LNK-gLwth4uHA
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-7ef11ziFGSQQ0rql_VG6AMG-7LNK-gLwth4uHA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
2600:1f18:ed:550f:75d1:8c51:db8:340d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Tue, 28 Nov 2023 19:14:46 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-7ef11ziFGSQQ0rql_VG6AMG-7LNK-gLwth4uHA
Date
Tue, 28 Nov 2023 19:14:46 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
crum
dsum-sec.casalemedia.com/ Frame 1E96
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PbHRcJ73C5WojEYkHeOMDCvnZcHk1TuRAGhIGDuzG%2BTVT0kgWf2EFcuVvURGpcsvGx%2BfEDp2Yl7SIjSH1oM51FY%2B4jfPmx%2BKMHHHTzw2eTfspfh9zFrGnolKruViQmVMWhyH6AVrGigWTw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82d4ef871e6d9b82-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=
date
Tue, 28 Nov 2023 19:14:44 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
content-type
text/html; charset=utf-8
tp_out
d.adroll.com/cm/index/ Frame 1E96 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe04:3684:ac58:ec44:5836 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:44 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame 1E96
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=fab3abef-d20c-b212-938986a6
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=fab3abef-d20c-b212-938986a6
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QakElB8n4xx0AcLoYQC%2F45jZmnnuklzcVY6uxUBwcuRxoT8GcxSftv9d2BzeWSDrlf1v3UWFWObh4vEw4d6vWUBlJhwGAEN5bP0UZ5uleIbCK%2FIMIXwqroaMrCE99KuXV%2FJYJZQjDVx%2B2w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82d4ef87cf599b82-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Tue, 28 Nov 2023 19:14:45 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=fab3abef-d20c-b212-938986a6
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146
ix
ad4m.at/ad/sim/ Frame 1E96 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
sync
ads.servenobid.com/ Frame 1E96 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=ZWY8Ia4fGHdPUQ-88XtNdQAAFEoAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.113.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-113-40.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:44 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8E8F 		0
21 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8941459241154&version=m202309260101&ct=77&x=1&cor=6172749018976633000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame FD3B 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=89694966&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:44 GMT
content-length
0
sync
ads.servenobid.com/ Frame 2912 		0
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=7563803683593347661&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.113.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-113-40.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:45 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 2912
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=2476369707372003380&gdpr=0&gdpr_consent=
43 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=2476369707372003380&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 28 Nov 2023 19:14:44 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:44 GMT
an-x-request-uuid
e467c423-bc39-4609-b489-1a1ad7585b87
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=2476369707372003380&gdpr=0&gdpr_consent=
x-proxy-origin
217.114.218.22; 217.114.218.22; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 2912
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc...
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=NzU2MzgwMzY4MzU5MzM0NzY2MQ==&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEOziSER59X_hvU1J8bwQiEg&gdpr=0&gdpr_consent=&google_cver=1
43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEOziSER59X_hvU1J8bwQiEg&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 28 Nov 2023 19:14:45 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEOziSER59X_hvU1J8bwQiEg&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 2912
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3D72348060-38ad-4586-8e4f-f1e2a8e789b3%26id%3DSMART_USE...
  • https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=7563803683593347661&gdpr=0&gdpr_consent=
  • https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=7563803683593347661&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=7563803683593347661&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Nov 2023 19:14:45 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0Z1W6PD20508Q1KKDMAY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 28 Nov 2023 19:14:45 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ATCCTWV691XWNKTHEB5G
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=7563803683593347661&gdpr=0&gdpr_consent=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
b1sync.zemanta.com/usersync/smart/ Frame 2912 		0
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.31.142.255 Hickory Hills, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Tue, 28 Nov 2023 19:14:45 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5C9A 		0
21 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=835150612167&version=m202309260101&ct=77&x=1&cor=6821525932856409000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame 99C3
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=2476369707372003380
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=2476369707372003380
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 28 Nov 2023 19:14:45 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:45 GMT
an-x-request-uuid
039a9e84-bed0-48d9-b54c-6c640d373b8c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=2476369707372003380
x-proxy-origin
217.114.218.22; 217.114.218.22; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame 99C3
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_c04809f7-11be-4118-b8f0-f6c3d2dc3e10&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_c04809f7-11be-4118-b8f0-f6c3d2dc3e10&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=e0cdfd9d-3506-45ee-8b5d-64ca92eecc5c&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=e0cdfd9d-3506-45ee-8b5d-64ca92eecc5c
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=e0cdfd9d-3506-45ee-8b5d-64ca92eecc5c
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
18.192.249.116 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-249-116.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

location
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=e0cdfd9d-3506-45ee-8b5d-64ca92eecc5c
date
Tue, 28 Nov 2023 19:14:45 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 99C3
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=e68f4397-bc75-4ffb-9d9b-cfdc8aef3ecf
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=e68f4397-bc75-4ffb-9d9b-cfdc8aef3ecf
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 28 Nov 2023 19:14:45 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Tue, 28 Nov 2023 19:14:45 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=e68f4397-bc75-4ffb-9d9b-cfdc8aef3ecf
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 99C3
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-8cf540b6-ec41-5ea7-60bf-b47e216d658a$ip$217.114.218.22
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-8cf540b6-ec41-5ea7-60bf-b47e216d658a$ip$217.114.218.22
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 28 Nov 2023 19:14:45 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-8cf540b6-ec41-5ea7-60bf-b47e216d658a$ip$217.114.218.22
Date
Tue, 28 Nov 2023 19:14:45 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 99C3
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-X59QVUNE2peTNVCva60QyToYtprwk_IrL.Us~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-X59QVUNE2peTNVCva60QyToYtprwk_IrL.Us~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 28 Nov 2023 19:14:45 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Tue, 28 Nov 2023 19:14:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-X59QVUNE2peTNVCva60QyToYtprwk_IrL.Us~A
content-length
0
usersync
usersync.gumgum.com/ Frame 99C3
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=c86d987b-9ed6-4bf3-932f-b846898e3d3f
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=c86d987b-9ed6-4bf3-932f-b846898e3d3f
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 28 Nov 2023 19:14:45 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=c86d987b-9ed6-4bf3-932f-b846898e3d3f
Date
Tue, 28 Nov 2023 19:14:45 GMT
Connection
keep-alive
X-CI-RTID
6dd7de18-cdfa-4971-8539-12a0af50b5da
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame 99C3 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 Ashburn, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:44 GMT
content-length
0
server
c
usersync
usersync.gumgum.com/ Frame 99C3
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_c04809f7-11be-4118-b8f0-f6c3d2dc3e10&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=e_c04809f7-11be-4118-b8f0-f6c3d2dc3e10&s=2&us_privacy=...
  • https://usersync.gumgum.com/usersync?b=zem&i=GorbUSsgRVsH3vfE3Aly&gdpr=0&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=GorbUSsgRVsH3vfE3Aly&gdpr=0&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 28 Nov 2023 19:14:45 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 28 Nov 2023 19:14:45 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=GorbUSsgRVsH3vfE3Aly&gdpr=0&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 99C3
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=mKlkCgB3r51X&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=mKlkCgB3r51X&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 28 Nov 2023 19:14:45 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
location
https://usersync.gumgum.com/usersync?b=pln&i=mKlkCgB3r51X&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-74c7cffc45-rvnf5
expires
-1
usersync
usersync.gumgum.com/ Frame 99C3
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=7563803683593347661
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=7563803683593347661
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 28 Nov 2023 19:14:45 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=7563803683593347661
date
Tue, 28 Nov 2023 19:14:44 GMT
content-length
0
sync
ads.servenobid.com/ Frame 99C3 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_c04809f7-11be-4118-b8f0-f6c3d2dc3e10
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.113.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-113-40.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:14:45 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
rtb.gumgum.com/ Frame A148
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=adf&i=2004332685732940548&gdpr=0&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=adf&i=2004332685732940548&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.46.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-46-191.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Tue, 28 Nov 2023 19:14:45 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Tue, 28 Nov 2023 19:14:45 GMT
expires
-1
location
https://rtb.gumgum.com/usersync?b=adf&i=2004332685732940548&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame 67CD 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9jMDQ4MDlmNy0xMWJlLTQxMTgtYjhmMC1mNmMzZDJkYzNlMTA=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 19:14:45 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AFB3 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.160.199 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-199.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=121146
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 28 Nov 2023 19:14:45 GMT
expires
Thu, 30 Nov 2023 04:53:51 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame A7A8 		70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Tue, 28 Nov 2023 19:14:45 GMT
server
Kestrel
usersync
usersync.gumgum.com/ Frame 6793
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZWY8JcCo5ssAAIo0WUIAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZWY8JcCo5ssAAIo0WUIAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 28 Nov 2023 19:14:45 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Tue, 28 Nov 2023 19:14:45 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZWY8JcCo5ssAAIo0WUIAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
3
X-SO-Cluster-ID
0
X-SO-HostName
m-ad94.dc4p.scaleout.jp
X-SO-IP
217.114.218.22
X-SO-Key
ZWY8JcCo5ssAAIo0WUIAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZWY8JcCo5ssAAIo0WUIAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad94"}
X-SO-LB-Hostname
a-tgng40007.dc2p.scaleout.jp
X-SO-Upstream-ID
m-ad94
usersync
usersync.gumgum.com/ Frame B529
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=ieDfoDTsmXF6hIWRnbSpgTAKsZbUxvaCVfcv_8ibTk8&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=ieDfoDTsmXF6hIWRnbSpgTAKsZbUxvaCVfcv_8ibTk8&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 28 Nov 2023 19:14:45 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Tue, 28 Nov 2023 19:14:45 GMT Tue, 28 Nov 2023 19:14:45 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=ieDfoDTsmXF6hIWRnbSpgTAKsZbUxvaCVfcv_8ibTk8&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 7142
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.192.162.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-162-113.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 28 Nov 2023 19:14:45 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 28 Nov 2023 19:14:45 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame 8743 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.192.162.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-162-113.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
7ac6c155aa063758c1222c3990d67266f05ada2514d4fe7485797a7d994706ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Tue, 28 Nov 2023 19:14:45 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Nov 2023 06:50:38 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=41791
Connection
keep-alive
Content-Length
13230
Expires
Wed, 29 Nov 2023 06:51:16 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DD3E 		0
21 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1201444505337&version=m202309260101&ct=77&x=1&cor=13750783698460334000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
khaos.json
token.rubiconproject.com/ Frame 8743 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
ef823186f233724f4775c0c4b9549d14
Expires
0
usync.js
eus.rubiconproject.com/ Frame 7142 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.192.162.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-162-113.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
7ac6c155aa063758c1222c3990d67266f05ada2514d4fe7485797a7d994706ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Tue, 28 Nov 2023 19:14:45 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Nov 2023 06:50:38 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=41791
Connection
keep-alive
Content-Length
13230
Expires
Wed, 29 Nov 2023 06:51:16 GMT
khaos.json
token.rubiconproject.com/ Frame 7142 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
ef823186f233724f4775c0c4b9549d14
Expires
0
async_usersync
ib.adnxs.com/ Frame 50BD 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 19:14:45 GMT
an-x-request-uuid
bc500500-1e11-432f-8318-6add160c973d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.218.22; 217.114.218.22; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEKROtuJh7FgEv_apRttnFX0&google_cver=1
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID

Verdicts & Comments Add Verdict or Comment

237 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| documentPictureInPicture object| __cfQR object| __cfBeacon object| dataLayer object| _bsa function| _bsa_go function| _bsaViewableFaker object| _bsaViewable function| _bsa_serving_callback object| _bsa_queue object| adsbygoogle function| _extends function| _typeof function| LazyLoad function| Tabby function| toggle_visibility function| gtag boolean| adBlockEnabled object| testAd object| myLazyLoad boolean| __cfRLUnblockHandlers object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| bsaexperiments object| bsablockthrough object| bsagpt object| bsaheaderbid object| optimize object| googletag object| bsapbChunk object| bsapb object| _pbjsGlobals object| ADAGIO object| mnet string| nobidVersion object| nobid object| BSAOPTIMIZE_TARGETING object| BSAOPTIMIZE_targeting object| BSAS2S_TARGETING object| BSAS2S_targeting object| BSA_TARGETING object| bsa_targeting object| bsas2s object| apstag object| GoogleGcLKhOms object| __bt object| __bt_intrnl object| __bt_tag_d object| __bt_tag_am object| _aps boolean| apstagLOADED object| apscustom object| lotame_sync_16576 function| ha object| Criteo boolean| __bt_already_invoked function| lotameIsCompatible function| sync16576_aa function| sync16576_c undefined| sync16576_d undefined| sync16576_ba undefined| sync16576_e function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ga object| sync16576_v object| sync16576_oa object| sync16576_xa object| sync16576_ya function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_s function| sync16576_t function| sync16576_u function| sync16576_w function| sync16576_ha function| sync16576_ia function| sync16576_y function| sync16576_ja function| sync16576_z function| sync16576_A function| sync16576_x function| sync16576_B function| sync16576_ka function| sync16576_C function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_J function| sync16576_K function| sync16576_L function| sync16576_la function| sync16576_ma function| sync16576_na function| sync16576_M function| sync16576_N function| sync16576_pa function| sync16576_O function| sync16576_qa function| sync16576_ra function| sync16576_sa function| sync16576_P function| sync16576_ta function| sync16576_ua function| sync16576_va function| sync16576_wa function| sync16576_Q function| sync16576_R function| sync16576_za function| sync16576_S function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_Aa function| sync16576_W function| sync16576_X function| sync16576_Y function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_Ea function| sync16576_Ba function| sync16576_1 function| sync16576_Da function| sync16576_Ca function| sync16576_2 function| sync16576_3 function| sync16576_4 function| sync16576_5 function| sync16576_Ga function| sync16576_Ha function| sync16576_Ja function| sync16576_Fa function| sync16576_7 function| sync16576_Ia function| sync16576_La function| sync16576_Ka function| sync16576_8 function| sync16576_6 function| sync16576_9 function| sync16576_Ma function| sync16576_Na function| sync16576_Oa function| sync16576_Pa function| sync16576_$ function| sync16576_Qa function| sync16576_Ra function| sync16576_Sa function| sync16576_Ta object| regeneratorRuntime object| ID5 object| __id5_instances object| hadron boolean| __halo_loaded__ object| PublisherCommonId object| sas object| apntag object| _ADAGIO object| google_llp object| au object| google_image_requests object| ONFOCUS object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_136 object| Criteo_prebid_136

93 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: ChMKBgjdARDNFgoJCP____8HENcW
i6.liadm.com/s Name: _li_ss
Value: CgA
.lapa.ninja/ Name: _ga_GJ9DCL233K
Value: GS1.1.1701198880.1.0.1701198880.60.0.0
.lapa.ninja/ Name: _ga
Value: GA1.2.1168814266.1701198881
.lapa.ninja/ Name: _gid
Value: GA1.2.1942541085.1701198881
.lapa.ninja/ Name: _gat_gtag_UA_63822820_1
Value: 1
.cdn.lapaninja.com/ Name: __cf_bm
Value: oTi1tkV3DNv9yGe07ufM595uuy0aW471SrYscGTxrMs-1701198880-0-AQi3UIwJyQ0zwL1ZMFT0mVGlEj9mUo8Xlj+TcNmgX6jD85Zsb/9mER+DVlwB5mmk3JdQgxLWY3cfvwmMrcAkmNc=
.lapa.ninja/ Name: lotame_domain_check
Value: lapa.ninja
.lapa.ninja/ Name: __gads
Value: ID=c9e4455209f42e86:T=1701198881:RT=1701198881:S=ALNI_MZXkmwc7WAPEnRmdCh3m7WshJ-Q-A
.lapa.ninja/ Name: __gpi
Value: UID=00000ce16f9cf386:T=1701198881:RT=1701198881:S=ALNI_MYuwOq9AtdblJI2UKA3LRPfFvlhRA
.doubleclick.net/ Name: IDE
Value: AHWqTUlV6wiIrZeOT6rssZP-PJs067QG0ztwrzkZa4kizDKxHNwoxNpO3N7V5JMA
.doubleclick.net/ Name: DSID
Value: NO_DATA
.adnxs.com/ Name: uuid2
Value: 2476369707372003380
.casalemedia.com/ Name: CMID
Value: ZWY8Ia4fGHdPUQ.88XtNdQAA
.casalemedia.com/ Name: CMPS
Value: 5194
.casalemedia.com/ Name: CMPRO
Value: 5194
.doubleclick.net/ Name: APC
Value: AfxxVi5Wn8visPBJ9Rxl-OLFJ5-5GRylzAX94VcXs6mxWUydizZ3qg
.googleadservices.com/ Name: ar_debug
Value: 1
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E?edtCMW!]tb68i_iqf!oN/@E'zz<*Z0Qf<DHKX2AL^I%SFG9nW]FT](XciYMgw8E'!2TD._*PlZ[C[-kX-@eu5[
m.exactag.com/ Name: exactag_new_gk
Value: b2b306dc0fd74d22b1f4e0ab419991d9%7C27.01.2024%2019%3A14%3A42
m.exactag.com/ Name: session_session
Value: 9a0401e8a5fa410a96c2cbb4
.lijit.com/ Name: ljt_reader
Value: Hu7iuGZH1781crvmR0qV57BN
.adform.net/ Name: C
Value: 1
.quantserve.com/ Name: d
Value: EHYBCQHEKoEA
.quantserve.com/ Name: mc
Value: 65663c22-dd1b0-7912c-1a5f0
.ctnsnet.com/ Name: gid_CAESEAluFz4LohJmd0KMUWUkLB8
Value: 1
.ctnsnet.com/ Name: cid_e23e291f8f514876abece3ceba30711c
Value: 1
.ctnsnet.com/ Name: cid_cc034cdf56f146e78154b0b0724b3ea1
Value: 1
.turn.com/ Name: uid
Value: 3467997711509871982
.adfarm1.adition.com/ Name: UserID1
Value: 7306593562225277072
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22FBF3A149-0372-4FED-10FF-6914E1E47DE3%22%7D
.de17a.com/ Name: guid
Value: 1.3824431106355789283
m.exactag.com/ Name: exactag_new_uk
Value: 5c30ee885b25494882a4af6147e8d67c%7C
.yahoo.com/ Name: A3
Value: d=AQABBCM8ZmUCEH1BstMObmz2FuesNyEJwKAFEgEBAQGNZ2VwZQAAAAAA_eMAAA&S=AQAAAgu8tr18J1FQN6_zsRtJv4Y
.doubleclick.net/ Name: ar_debug
Value: 1
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 585089ae5157d60c
.simpli.fi/ Name: suid
Value: FA5F1EE4D0F94A9CA3B3927764CD02AB
.awin1.com/ Name: AWSESS
Value: 357526:3266505
.w55c.net/ Name: wfivefivec
Value: 9YKTwnn31R83xF5
.w55c.net/ Name: matchgoogle
Value: 5
.awin1.com/ Name: awpv11601
Value: 113440|1701198883|63052d60-8e22-11ee-a3ae-223050cf75aa
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZWY8IwADBCT0OQAM
.office-partner.de/ Name: source
Value: {"webgains_webgains":{"timestamp":1701198883831,"clickCookie":false}}
.adform.net/ Name: uid
Value: 2004332685732940548
pb.media01.eu/ Name: DTU
Value: 33424BA65164C688B1D198564E319107
ads.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22FBF3A149-0372-4FED-10FF-6914E1E47DE3%22%7D
.3lift.com/ Name: tluid
Value: 758620594936937590530
.blismedia.com/ Name: b
Value: 65663C2434DBFC9A3C912436BLIS
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: uid
Value: 7bf18698-6339-4f75-b6b6-08448877afb9
.lapa.ninja/ Name: cto_bundle
Value: -o7oBF91Mm44NFVtTSUyQjdra2l6TWhwJTJCZ1NZRkRhQ3dFMGZvajBXcmVxbDBIY3F0aURBNlhsM0hUaEE3VGhCTGtsVXhvcVExUGNlSUpTMHdLV2l4aDIlMkZaNHVwcjZKUU40MVl2d01oVzF5cVNKTFNJNzhpaEptUGZKNXhkSnZQR1gwMm1obUVoVEhydDhqVmlnakM5NkV0Qm1tWVElM0QlM0Q
.servenobid.com/ Name: pid_312
Value: 2476369707372003380
.servenobid.com/ Name: pid_333
Value: ZWY8Ia4fGHdPUQ-88XtNdQAAFEoAAAIB
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
prebid.a-mo.net/ Name: _Amc_b
Value: 0
.ads.pubmatic.com/ Name: KCCH
Value: YES
.smartadserver.com/ Name: pid
Value: 7563803683593347661
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_zslzmtobmBoaGlhYWFiaWEOACrq-q0QAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwNjQyMzU2MrQ0MBPiM9T18UsySQ_NKnGL984BAB87KKQlAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwNjQyMzU2MrQ0MBPiM9T18UsySQ_NKnGL984BAB87KKQlAAAA
.servenobid.com/ Name: pid_310
Value: Hu7iuGZH1781crvmR0qV57BN
.servenobid.com/ Name: pid_317
Value: 7563803683593347661
.gumgum.com/ Name: vst
Value: e_c04809f7-11be-4118-b8f0-f6c3d2dc3e10
.bidswitch.net/ Name: tuuid
Value: e0cdfd9d-3506-45ee-8b5d-64ca92eecc5c
.bidswitch.net/ Name: c
Value: 1701198885
.bidswitch.net/ Name: tuuid_lu
Value: 1701198885
.servenobid.com/ Name: pid_324
Value: 5107433831265321906
.servenobid.com/ Name: pid_353
Value: 0000EEA
.openx.net/ Name: i
Value: c21ed8be-3de7-485a-a036-17d926980c74|1701198885
.brand-display.com/ Name: _knxq_
Value: fab3abef-d20c-b212-938986a6.1701198885.0.1701198885.1701198885
.servenobid.com/ Name: pid_309
Value: e_c04809f7-11be-4118-b8f0-f6c3d2dc3e10
.smartadserver.com/ Name: csync
Value: 76:CAESEOziSER59X_hvU1J8bwQiEg
.creativecdn.com/ Name: u
Value: CNmeEaHNDGW7BVrriUis
.creativecdn.com/ Name: g
Value: CNmeEaHNDGW7BVrriUis_1701198885201
.creativecdn.com/ Name: ts
Value: 1701198885
.go.sonobi.com/ Name: HAPLB8G
Value: s86214|ZWY8K
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-a688b8ef-14aa-33ea-834c-e45e6c6576be
.servenobid.com/ Name: pid_346
Value: ua-a688b8ef-14aa-33ea-834c-e45e6c6576be
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 6746b1382751660a
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-261864a1-0f64-4586-a340-4f1bb8c75ba7-003%22%7D
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-261864a1-0f64-4586-a340-4f1bb8c75ba7-003%22%7D
.servenobid.com/ Name: pid_321
Value: RX-261864a1-0f64-4586-a340-4f1bb8c75ba7-003
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.liadm.com/ Name: lidid
Value: 2b376945-d859-47b9-b518-5f32a3890088
.ipredictive.com/ Name: cu
Value: c86d987b-9ed6-4bf3-932f-b846898e3d3f|1701198885507
.zemanta.com/ Name: zuid
Value: GorbUSsgRVsH3vfE3Aly
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-8cf540b6-ec41-5ea7-60bf-b47e216d658a.N9kKVSvaQWLrLvdCk5Pg5d7xKF97d2UZ6ZyX8ZgmO60
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-8cf540b6-ec41-5ea7-60bf-b47e216d658a.N9kKVSvaQWLrLvdCk5Pg5d7xKF97d2UZ6ZyX8ZgmO60
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AjPVAtuxBXqdgv7R-IW1litly2hY.XbDmjDLAcYMGY9mYDME0uIu3%2BjWvDZvNRXCZ5ROl3S8
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AjPVAtuxBXqdgv7R-IW1litly2hY.XbDmjDLAcYMGY9mYDME0uIu3%2BjWvDZvNRXCZ5ROl3S8
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIFucj13AgAf0uFIkoyap2h1nTfEJV6lZguIF-XNcZQ-oEHwYBCCl-JirBjABOgRyABfNQgQ8fRdp.4iTE6ljukEigJbcaqukCiDNYWD88HSzjrkBahzSGne0
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIFucj13AgAf0uFIkoyap2h1nTfEJV6lZguIF-XNcZQ-oEHwYBCCl-JirBjABOgRyABfNQgQ8fRdp.4iTE6ljukEigJbcaqukCiDNYWD88HSzjrkBahzSGne0
.amazon-adsystem.com/ Name: ad-id
Value: A4Tgz6do7keXicOVd8vIzUo

4 Console Messages

Source Level URL
Text
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEKROtuJh7FgEv_apRttnFX0&google_cver=1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other warning URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 92)
Message:
Unrecognized feature: 'attribution-reporting'.
security error URL: https://8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Message:
Refused to execute script from 'https://m.exactag.com/ai.aspx?extProvId=327&extPu=vf-dv360&extLi=20563363907&extPm=20563363907&extCr=524303158&rnd=1701198881710602' because its MIME type ('image/gif') is not executable, and strict MIME type checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
8ad51974e2bcff6251ea2d81029247bb.safeframe.googlesyndication.com
a.ad.gt
aax.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.pubmatic.com
ads.servenobid.com
ads.travelaudience.com
adservice.google.com
adv.office-partner.de
analytics.webgains.io
ap.lijit.com
api.btloader.com
api.producthunt.com
api.webgains.io
b1sync.zemanta.com
bcp.crwdcntrl.net
bh.contextweb.com
bidder.criteo.com
btloader.com
buysellads-d.openx.net
c.amazon-adsystem.com
c1.adform.net
cdn.ampproject.org
cdn.doubleverify.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.lapaninja.com
cdn.track.production.webgains.team
cdn4.buysellads.net
ce.lijit.com
cm.g.doubleclick.net
cms.quantserve.com
config.aps.amazon-adsystem.com
contextual.media.net
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
d.adroll.com
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dmp.brand-display.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal900010.redintelligence.net
hal90007.redintelligence.net
hb-api.omnitagjs.com
hbx.media.net
i.liadm.com
i6.liadm.com
ib.adnxs.com
id.hadron.ad.gt
id5-sync.com
image6.pubmatic.com
lb.eu-1-id5-sync.com
m.exactag.com
m.servedby-buysellads.com
match.360yield.com
match.adsrvr.org
match.deepintent.com
match.sharethrough.com
medialead.de
mp.4dex.io
mug.criteo.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pb.media01.eu
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.media.net
prg.smartadserver.com
public.servenobid.com
pv.medialead.de
r.turn.com
region1.analytics.google.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.openx.net
rtb0.doubleverify.com
rtbc-ew1.doubleverify.com
s.amazon-adsystem.com
s0.2mdn.net
s1.adform.net
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
srv.buysellads.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.go.sonobi.com
sync.ipredictive.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
tags.crwdcntrl.net
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
track.adform.net
track.webgains.com
u.ipw.metadsp.co.uk
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
www.awin1.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.lapa.ninja
x.bidswitch.net
sync.search.spotxchange.com
104.119.108.27
104.18.36.155
108.138.36.48
130.211.23.194
130.211.44.5
138.201.63.145
138.201.63.157
141.95.98.64
142.250.186.102
142.250.186.130
142.250.186.38
142.250.186.66
142.250.186.98
145.239.193.130
145.40.97.66
151.101.1.108
151.101.130.49
161.35.94.188
162.19.138.119
178.250.1.9
178.62.198.146
18.169.38.151
18.173.159.32
18.192.249.116
18.195.110.104
18.238.243.82
18.239.18.12
18.239.69.131
184.30.211.26
185.184.8.90
185.64.190.78
185.86.138.123
185.86.139.102
185.89.210.244
193.0.160.131
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
208.93.169.131
211.120.53.205
213.155.156.181
213.202.235.9
216.52.2.30
23.35.237.56
23.60.204.187
2600:1f18:ed:550f:75d1:8c51:db8:340d
2600:9000:2449:8200:1f:4c18:bd40:93a1
2600:9000:26da:d000:12:352e:e540:93a1
2606:4700:10::6816:3456
2606:4700:10::6816:35ad
2606:4700:10::6816:445
2606:4700:10::ac43:17ea
2606:4700:10::ac43:293c
2606:4700:20::681a:6d0
2606:4700:20::681a:7d0
2606:4700:20::681a:9a9
2606:4700:20::ac43:4513
2606:4700:20::ac43:4a81
2606:4700:4400::ac40:994e
2606:4700::6810:3965
2606:4700::6810:5714
2606:4700::6812:dc0
2606:4700::6812:e753
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:800::2001
2a00:1450:4001:803::2002
2a00:1450:4001:808::2001
2a00:1450:4001:80b::2001
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2008
2a00:1450:4001:812::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2002
2a00:1450:4001:830::2006
2a00:1450:4001:831::2003
2a00:1450:400c:c02::9c
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:26f0:480:15::213:7e47
2a02:fa8:8806:12::1370
2a05:d018:cc3:fe04:3684:ac58:ec44:5836
2a05:d018:d29:3602:1c33:a9c0:1eba:a0fe
2a0b:4d07:102::1
3.11.123.127
3.124.253.58
3.75.62.37
3.86.126.229
34.120.63.153
34.160.19.107
34.242.208.83
34.242.46.191
34.95.81.168
34.96.105.8
35.186.193.173
35.186.253.211
35.190.0.66
35.204.158.49
35.210.239.72
35.244.159.8
35.71.131.137
37.157.5.132
37.157.6.235
38.91.45.7
44.216.232.169
46.228.174.117
50.31.142.255
51.89.9.251
52.19.228.53
52.210.15.1
52.46.143.56
52.48.81.28
52.86.174.189
54.146.33.131
54.172.246.175
54.72.113.40
69.166.1.66
69.173.144.139
69.192.160.199
69.192.162.113
76.223.111.18
77.245.57.72
85.114.159.93
88.198.250.30
92.123.148.9
94.23.99.218
95.101.196.17
99.84.88.18
99.86.4.36
02a4afb349429cc2dd1be56eac71c16af5df90464cfd33655b0a22ba49f12ea9
02af9ea0a3a533823c235a2b73ed42297c9e486f1320e102008ec0908ce21191
032133a9218a350d49b71667de8243b43d725c747f1d07833e0c4976803743aa
044154544ae6a2b5625a48a37ec752aaceffa48488c8e494c0cff3fdaf00eebb
053115cc5c964b03ee82d9e3e4f2875910cdb9f02a1538d3d0bc99dfd18fb8cf
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
082874fa123c35db3acf42ee12c0069dd2ad4b6e8f95042738fabf89f22953f6
0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767
0a4d47a095efd53dab83003aa8203c6e91ba4cedde0bf907a43e7d1fb8691dc8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bdd431370c1cf3133a0480a28b781ead6b67d68a8047814bc17ac4fc96e9359
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0c7cf8c8994757bcd770db5e1ab5bb2023ca625d16262d67a178fe32cfce24e7
0e4799792ea64a64159a6824f81b8042582a56a814b531973bd362505fdb3946
0ec76b8e1ef15d56a8c99a63434940ac5fd36bf94354050cea36b31ef6d50e74
0fb0ad6186d07ffb1338638c4f96858763c8b4d6c6032875419a64ab2cdd6fde
15163e96ffe9fc9920a779f0d37c24e53fd5cfde6052b9021c3d0e11e538efcc
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
165ead97130aee9989da6ed77b98b6928ba3820a8de37fd0b1ea5c537305d814
17e5d8742b66bd6200c83cd413be6d8a0c220619b80808ed43bb9e2a9b71b940
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
1af8dbf4ca78c662eb2aa07fc43587cbb327b23d0e1aa24edae7bf922ff63c7d
1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd
1c36f708542bca1b708ec3db7d82a1a8521966d09a2cc57a0a368f107b05d1da
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1f0557d2a1bea048a13650fab57f2665ac5acb3995c72be792a894486d205671
21c628c00e084fa1f22fe227b8ce4817ae723609d245e1d9c24eaf0afee396f6
2217ae31ffd73a9066945f467c971a407148636960faa30988e41ca0320e6a62
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
25ce4689c811b95ae260a3bbdf2aef86e75b147822f34cc44b9b8de1699d71c4
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d
275b8177dbc1950ff232ffc7d4f0949fb8e09e9601ed6ac1e9ef51e60d444576
278310b7ce378c8b3165eca557911196ae5b50e4f13efb482fd4aed530d023fa
2881d8eadc298102d2462e8d32e40792adce37b6cd89d99045f574eb3ecbb748
2a2be85326ca666f9f79695a2b950a4bfad8b16258ffa83eb585d2a51b65be75
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d62734603e1f78de1eb9d35650109929172c07bc1019ab0637fe0c37e6bf336
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2efbaa0da7fc1760a56f9b32292e34e11c29ebdd9baaaf22f3e2fe62a5460341
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3172d72fc88492eede463818ef095356e52a4350a052b866eb311bca2ba6ee19
322276159de667e68c91a99a6f99cf1f8430b76f098c1e741ba535905eb5084f
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3290aa1cdacdca5c351b9fcfa09dfb34fb3e25602d299b81c4ee13e9b87e2c36
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
37fa2bb4bf5bbc8c247cb884c18d661c3fae6e80abb2a0a065e0ee97d352c12f
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
3bcc78c28638c7500c7f6ac759ee979e9dcbc49559d7766a99ff763aaef8f051
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d6edf666228a8fb432ec6adf7d150448c8ec71ff557a55bee37ed54440dfadb
3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632
3fcd6173da74e2badab0d33bf0612b0514c9d7a8fb73eb4d674414a36f67406d
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44c9f99469547c636ccb41073305526a4ab4b898cac4f728d577f6c21a90c8de
45a6434e9cc12ac962483751a9a6db207d6879277e3f8d97e4fff2d55523851a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49f1a24d9cb192a7976bb8937703e82579d8476dcfb2353f760b56abc1d709e8
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e6c9d5ac53610a03d3a0072c60184bb3ecffa653b5e0884d2d12ded86da6613
4fd5dc6b39ba19c622b8559269454c5ba94f3dfcfaa81714e36a8a6d6d805c02
50521f3f93a2798b3396285cb2402f5f56a7b88851fe8211bcd1ab3e8d6e027f
508dddc1f347d3c9c8742a58339a25d00fd46adcd20a5d8bee0e89988daac9eb
5136909a848ffbbaa21167de08d454cec8ffee9946e6231a2c2c6dfae780d828
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
563d8b655debf02dc76ee9cad7e2114692c770d009bfc9ed1f9153eb384593d1
5a505d84f0fdace216de9d5f6150731b6df651a4d12a2293219bffe245c2826c
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5ec047e038c204b30bb17946515fde58e15e2f231c5d9dca49ef5b1689c59f08
5f20ab5b413a36185d952da474900b7d0f10feeab36c3bc058f9284ce2785f29
610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61fe41cde1b6df00f34e5a9795741e926e8861b8e80d396ff799d48bacda5300
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2
63a28ea2a6dd89ff16ac62fa6cb524222ec84c9db64db0e094fd69cc6ebe825e
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67872d115a4f41e869e5bb8fb8a3543ef2309bffb4d2c19068d56547cdd3baee
67c1d297751fece54cfe8213a0246db1d63066823ff32d89530bcdb311a35534
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6affcf70bb4531c7c8fc428b0d3d77d0629a78f24a51d2ac8e08f9e88592ce7f
6b3da89922d333d106b84fefeebd7b16bfebf4cfbd7bef37fa10a47c471ae64c
6bba80b0386d5b9ffcdc448f58e3e8bd5ff458454edbcb9f40beac752d3cb3ae
6bbc404229cd5cf961a4e5f8b272af5bc63e94c5f41b4f6315d859cce913c691
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705
6f0e0029fc19ae329a07d7e657787bd5705e3e613e971b0a6b0c1a7fbad0f18b
7146e93e8058402d3c2a57060a39058e8b71c8a24083d1fc7c5486e2a67c42bb
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7571db16348512fc55b35102ce3699733cf0882f4b4fb3e652fa8db700c07fb5
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39
77b8c37a5522bc89f90ad983fc4c120ad5ccaf3f5eb96166518d65940cf51e2a
78102ff81f39fc0af297c263e34bf0a51471e14f1a227cf9c62b4bc279d07c6d
7ac6c155aa063758c1222c3990d67266f05ada2514d4fe7485797a7d994706ff
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7ceae43f3e01bd70b0c09fecc00f6280f5c73dbf3be037067a7f7af7facdd869
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
808881508f57ed4793b9eb4ac1906510a3e4a5e56e5909eb3f5a73a8b1be1c00
8098f89873bf6b58ca48a2797fc926f133e128a251c9c66578ef0f8695597899
81691eb0219085397c6ef309c668f983eb8ce3cd07d989e56202c9201f0e81eb
818faaf01132d2b3e88178eec72eec8c50a7d3b556e57b5baad4614c7cea499c
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
84cb3c106eecdc460406ac8830a209279b54c5f4fa710724c1d46d2f58a47a5b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85035853ec4a25b718afdcde13e0ffe59b86ba0e7125d07b5e2857cfdad0d741
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ced6f56a2ec5f97444472be2834d1ded5e25dd9f21a4b6107aba93f75e25431
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e202a5950ce92f159a812a0d51488e2ab6a5d85639996bdce55298393079d34
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8e84fd9436924a2ecdb5162c25581384a82fca487b3b99f0d4d598a03a939c75
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
91154fa02d9d5f74028764bcd80b0693db561e3cc53b9390745e0aab910af071
9182296fe326d3ac80b88c608456f49842aaf5a3280dfcc6c9b6265e54d172ea
928220ebda429710a118846ab53e2e4d2311986271b07cd699b6aabb19f76288
939be10d91010b695026b853973999ba2debc121f575d3cba94960bb6f40c325
98a3424e4a1f4d93bba914be8544119c7cfb75ec8eaab4e9ab646a5791dcbc0e
991b129b282c570c4c5b8fffc53bcb9a85aa29bb464409ce8fa19e0fe0093673
999e082a794bdbb21f4c4dc971767651342841dcb9fd92943dd96370f978e9aa
9a06aa84f08b4d57747e5eba867aa061deaadb4e657ca532d10e73b5a36fd73c
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bc3a6ee832355de6f58dd01e765271f997247f92939b60afc39525c007a7df9
9c28c363294add55856865b33329eaba48bfdeaae8edb0b11b87ea677764695a
9d0b820dad15cf1df13f54bc054ebf319999563d3b161e09634b1554eca62c02
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3e5c486ca9cab98b690f2f3fcc83c73141a667293c8a8236bb1e376313f0e36
a5258b908c51bc5c111528585429d4bd553291c5483b0ade66910b82db018e4e
a5673629ab0953683a71d5f4f7a9a14f02f4c9c0143fe59671b48ec24f55aa9a
a634797e71dd091a055f01aa63fc3d17f1e5c7ac321b4a35a08dce0cceddf414
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
aa825d35a6eb1f800fd57bd15cfcf85a5c7911ff89efccaa60afaf8a2683f2f5
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
aae2903126d0b7357874bb6a00eb420e6996a9c387ac2d94c525ccf78c2a0eec
abedd941a82ef442809be7181fd39b66b64e2f4113da65058952273187d5b7a0
ad8d73dfbc0774cb492a9790f7b3596c367109fdf7ad74a29eb66253b97ec18b
adf03f7ab87622faa77b4d12f97ff80466377950b805021a07a8c11804ceac14
af320fcb7c241ea86776e99407003fd07f5de329ad1be6846af4eddcc195c8bc
afc391c453f4f2737c278dfefa6b132c4fd8e854ffffc277e819bc0bd3ad894a
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b0d09a0661ee4890d59a400325eeef8b14360e6d5ec2742df4b2ecf7e4665bf0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1567c9af517c0e55991081919f4dc2263f00b8deea21f3c94087737d2401fc2
b3c46bcfefc90b9ff044f237f9bdcb2b5cb2b1d56ab27c50d89af29f41672e4b
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
bc2d054ef4de79c1f0c982cc6439c6ef7385853321e8d7bb5091a0baf7fd6891
bcbe9614aff994d450e4f4e4a4e9a2633429619d85decba7ea040f5d2023d081
bcf8f42f390686367155673ac10b31702dd14b03764d9ef4bf1554a2e5a1b459
c1b2da575466eb30982e08c1020f55bcf2d9565f53bd64c3da87a1d774d75588
c1c8dce91e75d2d1747564022caeb1c327735531e5809000061c21011582e7c6
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c7e324eac21af6ebf0ea6952b66550e5bad572a368f3e4634d42f408d7184ebf
c8b360a8e8a0c818d8f23d1914826495fb75192290a29b9ac0d4f0fb58be0aa3
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9b3df2175f6b51e8c7ca74de67d096dad198f28de115078f9332fa3fb379ab5
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cceb0bf160b67135840868721c27daf1fdd57da128ce4cc82b89e271d19bcd4d
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf940bd2489897434455528323cf66c4e3aecd5eea963f1d99d96acd452d6dd4
cfb0b59b72196849810752e999e1fd2044c634f878b9999b031b25d391e0040c
cfbe12cc8f7ab78ee062162063dbeabbf514575b2668f9d3af2b44116ec4e8ba
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d09b7f91ebcaceef1376fb04de6c7d9977118bfbe313ade191c684ac80c91fab
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d3a6f26c492118f31988278595c72296f126866eab114342e008f654b21031df
d65cffd46ad6f00bd74fdc986f73d3be0327ed92e80c979cc2e42c6add8d838e
d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d9b3b3918edef64718897d59b2b6401c53deed6f9b766f3f221f9a334d25e34f
d9db9b115fa846c923a939264835b66bda1807bc834774d94a6bdd21c3efa54c
dba06db39e06de7beec752e277525d2f94d44abb4118e90475a0a8cfdcc87107
dbab2036bcde7a0face373591501658f81c49f01ad06a313e7f31f7e7025b56e
dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b
dd7501619aafbc82c69a0e4703d99c672fbddd6e82c5fba1b3dbb65eac9efff6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de7742e668357139f5ec17fab484c6688ccc9c90b59d6be6a98295be59605b62
df35e938d88d9439f1096153697d175fee2b5e7662d473f68b5fa4de8f4bc895
e135b1762fd650e36feff396f26e0cf88c4cd10c2000667f9b932fa61b0d1c73
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6ed4f30c04b0ddb11d067299bb8002532ee0776299aa9fe84ea551b7b627a4a
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e99348fc214cff0b8c560b5c16dd9fc2b3c025278e78365e63853fe00dd1fda3
ea732f76376c1f93798e4ff7078477a9121323b1930e474836f07cbce1f1df29
eab64f0cc5082a6da312ca7d949eea0387f88d703980908653e8cd57d3bb367d
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
ed723041b617707f4c5877d298d024e342ca47800ca1b7a9e8e664a20ffa0549
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1c34e6838e66bdeb8deeb506d6d9c52e3eaafd7e572136976c8064d625ffc66
f28f550cb505424282bd30acb49e474038a1a9c75510fc8b56a1d9c43214062b
f2cbce6e3ef779363628cf7cef32572795c60c0ffbddd987ac05a398e2d45538
f3b7e02410cc9081f05e7bd56e2f2b70bd0b435254f73555239cc117bc3babf9
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f80b62011304275edf18f7edbb267e0ce9289ceef8ede0a97358143a15136d31
f91675c23b88066680582e10876a262cf1e45104e8182ad901e4f271674aa7e5
fb7ae0f257f7da390f8c60998add4e543e1a56d4d5a22a1a494365b4fb8b5315
fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1