gifon007.eu Open in urlscan Pro
2a00:19a0:3:7a:0:d9c6:7ac1:1 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://gifon007.eu/
Submission: On October 14 via manual (October 14th 2021, 5:30:15 am UTC) from DE — Scanned from DE

Summary HTTP 121 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 18 domains to perform 121 HTTP transactions. The main IP is 2a00:19a0:3:7a:0:d9c6:7ac1:1, located in Czech Republic and belongs to ZONER-AS, CZ. The main domain is gifon007.eu.

This is the only time gifon007.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
32	2a00:19a0:3:7... 2a00:19a0:3:7a:0:d9c6:7ac1:1	34222 (ZONER-AS) (ZONER-AS)
2 4	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	13.224.193.52 13.224.193.52	16509 (AMAZON-02) (AMAZON-02)
16	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	3.124.181.115 3.124.181.115	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.198 142.250.185.198	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
2 2	104.90.192.27 104.90.192.27	16625 (AKAMAI-AS) (AKAMAI-AS)
5	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
2 2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
121	23

32 2a00:19a0:3:7a:0:d9c6:7ac1:1 (Czech Republic)

ASN34222 (ZONER-AS, CZ)

gifon007.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-52.fra2.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.181.115 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-181-115.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.90.192.27 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-192-27.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	447 KB
32	gifon007.eu gifon007.eu	617 KB
20	doubleclick.net 1 redirects googleads.g.doubleclick.net ad.doubleclick.net cm.g.doubleclick.net	101 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com	371 KB
5	google-analytics.com www.google-analytics.com google-analytics.com	59 KB
5	google.com 2 redirects www.google.com adservice.google.com	3 KB
3	googletagservices.com www.googletagservices.com	112 KB
3	googleapis.com ajax.googleapis.com fonts.googleapis.com	9 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	1 KB
2	openx.net 2 redirects rtb.openx.net	760 B
2	addthis.com 2 redirects e.dlx.addthis.com	1 KB
2	sharethis.com platform-api.sharethis.com l.sharethis.com	42 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	457 B
1	mookie1.com odr.mookie1.com	324 B
1	quantserve.com cms.quantserve.com	464 B
1	google.de adservice.google.de	853 B
1	googleadservices.com partner.googleadservices.com	656 B
1	googletagmanager.com www.googletagmanager.com	38 KB
121	18

	Domain	Requested by
32	gifon007.eu	gifon007.eu
22	tpc.googlesyndication.com	googleads.g.doubleclick.net gifon007.eu tpc.googlesyndication.com pagead2.googlesyndication.com
16	pagead2.googlesyndication.com	gifon007.eu pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
13	googleads.g.doubleclick.net	pagead2.googlesyndication.com gifon007.eu googleads.g.doubleclick.net
8	fonts.gstatic.com	fonts.googleapis.com
5	cm.g.doubleclick.net	gifon007.eu googleads.g.doubleclick.net
4	www.google-analytics.com	gifon007.eu www.googletagmanager.com www.google-analytics.com
4	www.google.com	2 redirects gifon007.eu tpc.googlesyndication.com
3	www.googletagservices.com	googleads.g.doubleclick.net
2	image6.pubmatic.com	2 redirects
2	rtb.openx.net	2 redirects
2	e.dlx.addthis.com	2 redirects
2	ad.doubleclick.net	1 redirects googleads.g.doubleclick.net
2	fonts.googleapis.com	ajax.googleapis.com googleads.g.doubleclick.net
2	www.gstatic.com	www.google.com googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	odr.mookie1.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	google-analytics.com	gifon007.eu
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	ajax.googleapis.com	gifon007.eu
1	l.sharethis.com	platform-api.sharethis.com
1	www.googletagmanager.com	gifon007.eu
1	platform-api.sharethis.com	gifon007.eu
121	26

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
pinterest.com
twitter.com

Subject Issuer	Validity	Valid
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
sharethis.com Amazon	`2021-09-01` - `2022-09-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.de GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh

This page contains 15 frames:

Primary Page: http://gifon007.eu/
Frame ID: EA3443277C5BE8B0D780430985775A5B
Requests: 60 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20190131/zrt_lookup.html?wmode=transparent
Frame ID: E8EAB8F53CB9ACDD8697198FE01C66A3
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7996408182976976&output=html&adk=1812271804&adf=3025194257&lmt=1634189408&plaf=1%3A1&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&fba=1&format=0x0&url=http%3A%2F%2Fgifon007.eu%2F&ea=0&flash=0&pra=5&wgl=1&dt=1634189408658&bpp=3&bdt=195&idt=204&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3319294352893&frm=20&pv=2&ga_vid=147183705.1634189409&ga_sid=1634189409&ga_hid=847716101&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31063139&oid=2&pvsid=312947668031483&pem=697&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=23&ifi=1&uci=a!1&fsb=1&dtd=222
Frame ID: 05416FF46632697F5446726B3302D96D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7996408182976976&output=html&h=168&slotname=1376710719&adk=1596500748&adf=1750275682&pi=t.ma~as.1376710719&w=669&fwrn=4&lmt=1634189408&rafmt=11&psa=0&format=669x168&url=http%3A%2F%2Fgifon007.eu%2F&flash=0&wgl=1&dt=1634189408678&bpp=3&bdt=215&idt=242&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3319294352893&frm=20&pv=1&ga_vid=147183705.1634189409&ga_sid=1634189409&ga_hid=847716101&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=330&ady=261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31063139&oid=2&pvsid=312947668031483&pem=697&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1152&bc=23&ifi=2&uci=a!2&fsb=1&xpc=pC5ppwUbcv&p=http%3A//gifon007.eu&dtd=257
Frame ID: EE89A35045AA6E454504E51DD9429277
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7996408182976976&output=html&h=250&slotname=9232716053&adk=3212221754&adf=2199604408&pi=t.ma~as.9232716053&w=300&lmt=1634189408&psa=0&format=300x250&url=http%3A%2F%2Fgifon007.eu%2F&flash=0&wgl=1&dt=1634189408728&bpp=1&bdt=265&idt=231&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C669x168&nras=1&correlator=3319294352893&frm=20&pv=1&ga_vid=147183705.1634189409&ga_sid=1634189409&ga_hid=847716101&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1050&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31063139&oid=2&pvsid=312947668031483&pem=697&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Uw8lxQYZpx&p=http%3A//gifon007.eu&dtd=236
Frame ID: CE894940DE271FF6B6FAD99184A6F584
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7996408182976976&output=html&h=250&slotname=9232716053&adk=3212221754&adf=4188105060&pi=t.ma~as.9232716053&w=300&lmt=1634189409&psa=0&format=300x250&url=http%3A%2F%2Fgifon007.eu%2F&flash=0&wgl=1&dt=1634189408730&bpp=1&bdt=267&idt=269&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C669x168%2C300x250&nras=1&correlator=3319294352893&frm=20&pv=1&ga_vid=147183705.1634189409&ga_sid=1634189409&ga_hid=847716101&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1050&ady=456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31063139&oid=2&pvsid=312947668031483&pem=697&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=4&uci=a!4&fsb=1&xpc=kdy0y03I3o&p=http%3A//gifon007.eu&dtd=274
Frame ID: 7DD7EFC034CF80EA68BB0DD67C0EF8D2
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EoFyo3zKq1mkgzvYf9HJ3W9DhbWUwEn_nMzaMw4xO6A.js
Frame ID: 4568B2A33B942BAE8C611AD3B2D26C44
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: EE30ECBA5FA3B42FC4D1308E61366485
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 900E87FDCB35700FABD12B29F1C1AC34
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EoFyo3zKq1mkgzvYf9HJ3W9DhbWUwEn_nMzaMw4xO6A.js
Frame ID: 88CA8D425571FF11FD04429DA720CE65
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15357924708526979973/index.html
Frame ID: CEA2F8BBE2425116B369911709228802
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CdohxYMBnYcGcPML47gPEgKGoCc3hqOtih4Gy1-sN29keEAEg0a3IbGCV-vCBjAegAcbFrbsDyAEJqQJo8dumZ3WzPqgDAcgDSKoE0gFP0BaCwMjnDFjpaT-TdUQSMNPCBIZTUNYOnXG1YKtul-4uEvPDxTv139ch_hZ9aA3w-EKZrDBfB64EqlAbejO1sgaqzL97tYYml9huZNGR1N2VO0168Zac29OqoGaKx8Zi8C72Qj0D5oivLDq8V9QPWmX7N7wMQK01zqce1JeO_G7bSQv96ClieufzIczKKtHvpH4rxCPFRIUJ70qIAKzh0XY9idcUbAGKgW3V_AMNNnmx-jyvpAhezQpL8iAo9AlnfstUclmFYGecLgeq6BHVI8PABIbCraS-A5IFBAgEGAGSBQQIBRgEoAYugAeiutJEqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAPIHBRD_saMC0ggJCIDhgBAQARhfgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTc5OTY0MDgxODI5NzY5NzYYAA&sigh=cWySOStx7Iw&template_id=419
Frame ID: C1C48948E7B330613FCB6DF5F4EEDF6C
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 34DE771F34F48144D0C22A69A4469AFC
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 2790DF3E4699EE691207110F563B24B5
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F81C7E329751504A5EF54DF62D4BCE3D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gifon007.eu I Gif, Gifs, Funny, Jokes, Video, Images

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

All in One SEO Pack (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- All in One SEO Pack ([\d.]+)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

121
Requests

63 %
HTTPS

62 %
IPv6

18
Domains

26
Subdomains

23
IPs

4
Countries

1800 kB
Transfer

4117 kB
Size

24
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/Gifon007.eu/

Search URL Search Domain Scan URL

URL: https://pinterest.com/gifon007eu/gifon007eu/

Search URL Search Domain Scan URL

URL: https://twitter.com/gifon007

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 67

https://ad.doubleclick.net/ddm/trackimp/N297201.3159GOOGLE/B25479869.316134582;dc_trk_aid=509034430;dc_trk_cid=159339060;ord=3867622921;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N297201.3159GOOGLE/B25479869.316134582;dc_pre=CPX8_fmVyfMCFZiHdwod1ggC_Q;dc_trk_aid=509034430;dc_trk_cid=159339060;ord=3867622921;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=

Request Chain 86

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKpq9TdzMQ0TgKwLrj9EjOgNfTjKqdU3iNRp4ZbXceJzdWE8qXR-vbOht3DbIf4p4_6w4TkespePwM3Qt2QOgndVgnWH5Y&google_gid=CAESEG9Vv-MRuBe_xyHiXKXcZto&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKpq9TdzMQ0TgKwLrj9EjOgNfTjKqdU3iNRp4ZbXceJzdWE8qXR-vbOht3DbIf4p4_6w4TkespePwM3Qt2QOgndVgnWH5Y&google_gid=CAESEG9Vv-MRuBe_xyHiXKXcZto&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMTQwNTMwMTAwMDAxNzQxMDE1MjY5Ng%3D%3D&google_push=AYg5qPKpq9TdzMQ0TgKwLrj9EjOgNfTjKqdU3iNRp4ZbXceJzdWE8qXR-vbOht3DbIf4p4_6w4TkespePwM3Qt2QOgndVgnWH5Y

Request Chain 88

https://rtb.openx.net/sync/dds?google_gid=CAESEE2u3V-w81sTDYpQR5PRMes&google_cver=1&google_push=AYg5qPIgfcntVkM4P61-scC5pZ9k7mhmftoZCillGPdElAULpm1Fp42LRLDHnO8IoUNzJMSgvcbN0-MdQo0WQOBQYWdLux99UiU4 HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEE2u3V-w81sTDYpQR5PRMes&google_cver=1&google_push=AYg5qPIgfcntVkM4P61-scC5pZ9k7mhmftoZCillGPdElAULpm1Fp42LRLDHnO8IoUNzJMSgvcbN0-MdQo0WQOBQYWdLux99UiU4&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIgfcntVkM4P61-scC5pZ9k7mhmftoZCillGPdElAULpm1Fp42LRLDHnO8IoUNzJMSgvcbN0-MdQo0WQOBQYWdLux99UiU4&google_hm=Z4x_sp9JzUgeltLak2kXyA==

Request Chain 89

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDH2OKhiafbRNmMRcfyAObY&google_cver=1&google_push=AYg5qPLFdVf-DoGWGFQXsVRAx62KzMN6Oi4ut8vzEhdkY5HUJa4vzqsqiAvT9epE6fYYHy9TK7gjmf00vrOFI8g4HPO3FpcL7tyk HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDH2OKhiafbRNmMRcfyAObY&google_cver=1&google_push=AYg5qPLFdVf-DoGWGFQXsVRAx62KzMN6Oi4ut8vzEhdkY5HUJa4vzqsqiAvT9epE6fYYHy9TK7gjmf00vrOFI8g4HPO3FpcL7tyk&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZvZ5mSifQqCtmrDUQu9SpA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLFdVf-DoGWGFQXsVRAx62KzMN6Oi4ut8vzEhdkY5HUJa4vzqsqiAvT9epE6fYYHy9TK7gjmf00vrOFI8g4HPO3FpcL7tyk

Request Chain 90

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAoTHRjml3RRhHIY7h6Rc2o&google_cver=1&google_push=AYg5qPK4H_4KQDv7XhEDvGwBCk73kH3DkGi8SQnmm_534So9cApNV_fXGYrKrxF7V07_SYUH_-v-kyZ1xb8ZaOKe1hUNVtg04ea9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VRSTZJUUEtRy1HOE8y&google_push=AYg5qPK4H_4KQDv7XhEDvGwBCk73kH3DkGi8SQnmm_534So9cApNV_fXGYrKrxF7V07_SYUH_-v-kyZ1xb8ZaOKe1hUNVtg04ea9

Request Chain 91

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEL_C3tSyyXSf88g4Prc-C1g&google_cver=1&google_push=AYg5qPKjIAeCmhmfnvCRgjWBcPFuCWDKAaCmr7l4X2UD1zu8rsKvnziaCNw4qhJnqg_SWaazDCBQMuazAjawszD7yi-Xf5fRIGkS HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEL_C3tSyyXSf88g4Prc-C1g&google_push=AYg5qPKjIAeCmhmfnvCRgjWBcPFuCWDKAaCmr7l4X2UD1zu8rsKvnziaCNw4qhJnqg_SWaazDCBQMuazAjawszD7yi-Xf5fRIGkS&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWfAYUkGRgkFpMtq7C6jSAAABLcAAAAB&google_push=AYg5qPKjIAeCmhmfnvCRgjWBcPFuCWDKAaCmr7l4X2UD1zu8rsKvnziaCNw4qhJnqg_SWaazDCBQMuazAjawszD7yi-Xf5fRIGkS&google_gid=CAESEL_C3tSyyXSf88g4Prc-C1g&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWfAYUkGRgkFpMtq7C6jSAAABLcAAAAB&google_push=AYg5qPKjIAeCmhmfnvCRgjWBcPFuCWDKAaCmr7l4X2UD1zu8rsKvnziaCNw4qhJnqg_SWaazDCBQMuazAjawszD7yi-Xf5fRIGkS&google_gid=CAESEL_C3tSyyXSf88g4Prc-C1g&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWfAYUkGRgkFpMtq7C6jSAAABLcAAAAB&google_push=AYg5qPKjIAeCmhmfnvCRgjWBcPFuCWDKAaCmr7l4X2UD1zu8rsKvnziaCNw4qhJnqg_SWaazDCBQMuazAjawszD7yi-Xf5fRIGkS&google_gid=CAESEL_C3tSyyXSf88g4Prc-C1g&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWfAYUkGRgkFpMtq7C6jSAAABLcAAAAB&google_push=AYg5qPKjIAeCmhmfnvCRgjWBcPFuCWDKAaCmr7l4X2UD1zu8rsKvnziaCNw4qhJnqg_SWaazDCBQMuazAjawszD7yi-Xf5fRIGkS&google_gid=CAESEL_C3tSyyXSf88g4Prc-C1g&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWfAYUkGRgkFpMtq7C6jSAAABLcAAAAB&google_push=AYg5qPKjIAeCmhmfnvCRgjWBcPFuCWDKAaCmr7l4X2UD1zu8rsKvnziaCNw4qhJnqg_SWaazDCBQMuazAjawszD7yi-Xf5fRIGkS&google_gid=CAESEL_C3tSyyXSf88g4Prc-C1g&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWfAYUkGRgkFpMtq7C6jSAAABLcAAAAB&google_push=AYg5qPKjIAeCmhmfnvCRgjWBcPFuCWDKAaCmr7l4X2UD1zu8rsKvnziaCNw4qhJnqg_SWaazDCBQMuazAjawszD7yi-Xf5fRIGkS&google_gid=CAESEL_C3tSyyXSf88g4Prc-C1g&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWfAYUkGRgkFpMtq7C6jSAAABLcAAAAB&google_push=AYg5qPKjIAeCmhmfnvCRgjWBcPFuCWDKAaCmr7l4X2UD1zu8rsKvnziaCNw4qhJnqg_SWaazDCBQMuazAjawszD7yi-Xf5fRIGkS&google_gid=CAESEL_C3tSyyXSf88g4Prc-C1g&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWfAYUkGRgkFpMtq7C6jSAAABLcAAAAB&google_push=AYg5qPKjIAeCmhmfnvCRgjWBcPFuCWDKAaCmr7l4X2UD1zu8rsKvnziaCNw4qhJnqg_SWaazDCBQMuazAjawszD7yi-Xf5fRIGkS&google_gid=CAESEL_C3tSyyXSf88g4Prc-C1g&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWfAYUkGRgkFpMtq7C6jSAAABLcAAAAB&google_push=AYg5qPKjIAeCmhmfnvCRgjWBcPFuCWDKAaCmr7l4X2UD1zu8rsKvnziaCNw4qhJnqg_SWaazDCBQMuazAjawszD7yi-Xf5fRIGkS&google_gid=CAESEL_C3tSyyXSf88g4Prc-C1g&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWfAYUkGRgkFpMtq7C6jSAAABLcAAAAB&google_push=AYg5qPKjIAeCmhmfnvCRgjWBcPFuCWDKAaCmr7l4X2UD1zu8rsKvnziaCNw4qhJnqg_SWaazDCBQMuazAjawszD7yi-Xf5fRIGkS&google_gid=CAESEL_C3tSyyXSf88g4Prc-C1g&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWfAYUkGRgkFpMtq7C6jSAAABLcAAAAB&google_push=AYg5qPKjIAeCmhmfnvCRgjWBcPFuCWDKAaCmr7l4X2UD1zu8rsKvnziaCNw4qhJnqg_SWaazDCBQMuazAjawszD7yi-Xf5fRIGkS&google_gid=CAESEL_C3tSyyXSf88g4Prc-C1g&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWfAYUkGRgkFpMtq7C6jSAAABLcAAAAB&google_push=AYg5qPKjIAeCmhmfnvCRgjWBcPFuCWDKAaCmr7l4X2UD1zu8rsKvnziaCNw4qhJnqg_SWaazDCBQMuazAjawszD7yi-Xf5fRIGkS&google_gid=CAESEL_C3tSyyXSf88g4Prc-C1g&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWfAYUkGRgkFpMtq7C6jSAAABLcAAAAB&google_push=AYg5qPKjIAeCmhmfnvCRgjWBcPFuCWDKAaCmr7l4X2UD1zu8rsKvnziaCNw4qhJnqg_SWaazDCBQMuazAjawszD7yi-Xf5fRIGkS&google_gid=CAESEL_C3tSyyXSf88g4Prc-C1g&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWfAYUkGRgkFpMtq7C6jSAAABLcAAAAB&google_push=AYg5qPKjIAeCmhmfnvCRgjWBcPFuCWDKAaCmr7l4X2UD1zu8rsKvnziaCNw4qhJnqg_SWaazDCBQMuazAjawszD7yi-Xf5fRIGkS&google_gid=CAESEL_C3tSyyXSf88g4Prc-C1g&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWfAYUkGRgkFpMtq7C6jSAAABLcAAAAB&google_push=AYg5qPKjIAeCmhmfnvCRgjWBcPFuCWDKAaCmr7l4X2UD1zu8rsKvnziaCNw4qhJnqg_SWaazDCBQMuazAjawszD7yi-Xf5fRIGkS&google_gid=CAESEL_C3tSyyXSf88g4Prc-C1g&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWfAYUkGRgkFpMtq7C6jSAAABLcAAAAB&google_push=AYg5qPKjIAeCmhmfnvCRgjWBcPFuCWDKAaCmr7l4X2UD1zu8rsKvnziaCNw4qhJnqg_SWaazDCBQMuazAjawszD7yi-Xf5fRIGkS&google_gid=CAESEL_C3tSyyXSf88g4Prc-C1g&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWfAYUkGRgkFpMtq7C6jSAAABLcAAAAB&google_push=AYg5qPKjIAeCmhmfnvCRgjWBcPFuCWDKAaCmr7l4X2UD1zu8rsKvnziaCNw4qhJnqg_SWaazDCBQMuazAjawszD7yi-Xf5fRIGkS&google_gid=CAESEL_C3tSyyXSf88g4Prc-C1g&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWfAYUkGRgkFpMtq7C6jSAAABLcAAAAB&google_push=AYg5qPKjIAeCmhmfnvCRgjWBcPFuCWDKAaCmr7l4X2UD1zu8rsKvnziaCNw4qhJnqg_SWaazDCBQMuazAjawszD7yi-Xf5fRIGkS&google_gid=CAESEL_C3tSyyXSf88g4Prc-C1g&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWfAYUkGRgkFpMtq7C6jSAAABLcAAAAB&google_push=AYg5qPKjIAeCmhmfnvCRgjWBcPFuCWDKAaCmr7l4X2UD1zu8rsKvnziaCNw4qhJnqg_SWaazDCBQMuazAjawszD7yi-Xf5fRIGkS&google_gid=CAESEL_C3tSyyXSf88g4Prc-C1g&google_cver=1

Request Chain 93

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 107

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

121 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
gifon007.eu/ 142 KB
23 KB 280ms
70ms Document
text/html 2a00:19a0:3:7a:0:d9c6:7ac1:1
ZONER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://gifon007.eu/
Protocol: HTTP/1.1
Server: 2a00:19a0:3:7a:0:d9c6:7ac1:1 , Czech Republic, ASN34222 (ZONER-AS, CZ),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 424cb990180a199052d11f3bca8aeff73d19e464e0a4d4ace831bb747b5c5f0f

Request headers

Host: gifon007.eu
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Thu, 14 Oct 2021 05:30:08 GMT
Server: Apache/2.4.25 (Debian)
Vary: Accept-Encoding,Cookie
Cache-Control: max-age=3, must-revalidate
Content-Encoding: gzip
Content-Length: 23264
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK /
gifon007.eu/wp-content/plugins/bwp-minify/min/ 35 KB
7 KB 26ms
26ms Stylesheet
text/css 2a00:19a0:3:7a:0:d9c6:7ac1:1
ZONER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://gifon007.eu/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/add-link-to-facebook/add-link-to-facebook.css,wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/best-preloader/inc/css/frontend.css,wp-content/plugins/contact-form-7/includes/css/styles.css,wp-content/plugins/gif-animation-preview%20NEZ%C3%81LOHOVAT%20program%C3%A1tor/gapplayer.min.css,wp-content/plugins/hide-widgets/css/hide-widgets.css,wp-content/plugins/magic-liquidizer-responsive-table/idcss/ml-responsive-table.css,wp-content/plugins/menu-image/menu-image.css,wp-content/plugins/sitemap/css/page-list.css,wp-content/plugins/wp-post-navigation/style.css
Requested by: Host: gifon007.eu
URL: http://gifon007.eu/
Protocol: HTTP/1.1
Server: 2a00:19a0:3:7a:0:d9c6:7ac1:1 , Czech Republic, ASN34222 (ZONER-AS, CZ),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 908b378879e666b160c5f087630eb7be60fd9fc292b71d5aaf0246a1f57dd78d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: gifon007.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://gifon007.eu/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 05:30:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Apr 2021 03:32:16 GMT
Server: Apache/2.4.25 (Debian)
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=60
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Length: 6435
Expires: Thu, 14 Oct 2021 05:31:08 GMT

GET
H/1.1 200
OK /
gifon007.eu/wp-content/plugins/bwp-minify/min/ 375 KB
58 KB 50ms
49ms Stylesheet
text/css 2a00:19a0:3:7a:0:d9c6:7ac1:1
ZONER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://gifon007.eu/wp-content/plugins/bwp-minify/min/?f=wp-content/themes/alora/style.css,wp-content/themes/alora/css/media.css,wp-content/plugins/wp-social-sharing/static/socialshare.css
Requested by: Host: gifon007.eu
URL: http://gifon007.eu/
Protocol: HTTP/1.1
Server: 2a00:19a0:3:7a:0:d9c6:7ac1:1 , Czech Republic, ASN34222 (ZONER-AS, CZ),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 781436656080b84415a8dac9a1543b1d6b60bbf8965c26298a669760647a57d1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: gifon007.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://gifon007.eu/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 05:30:08 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 Jun 2019 09:58:52 GMT
Server: Apache/2.4.25 (Debian)
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=60
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 59517
Expires: Thu, 14 Oct 2021 05:31:08 GMT

GET
H/1.1 200
OK jquery.js Show response
gifon007.eu/wp-includes/js/jquery/ 95 KB
33 KB 49ms
48ms Script
application/javascript 2a00:19a0:3:7a:0:d9c6:7ac1:1
ZONER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://gifon007.eu/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: gifon007.eu
URL: http://gifon007.eu/
Protocol: HTTP/1.1
Server: 2a00:19a0:3:7a:0:d9c6:7ac1:1 , Czech Republic, ASN34222 (ZONER-AS, CZ),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: gifon007.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://gifon007.eu/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 05:30:08 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 Jun 2019 10:00:06 GMT
Server: Apache/2.4.25 (Debian)
ETag: "17a69-58b962d5d5580-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 33776

GET
H/1.1 200
OK jquery-migrate.min.js Show response
gifon007.eu/wp-includes/js/jquery/ 10 KB
4 KB 44ms
43ms Script
application/javascript 2a00:19a0:3:7a:0:d9c6:7ac1:1
ZONER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://gifon007.eu/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: gifon007.eu
URL: http://gifon007.eu/
Protocol: HTTP/1.1
Server: 2a00:19a0:3:7a:0:d9c6:7ac1:1 , Czech Republic, ASN34222 (ZONER-AS, CZ),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: gifon007.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://gifon007.eu/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 05:30:08 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Jun 2016 18:17:03 GMT
Server: Apache/2.4.25 (Debian)
ETag: "2748-535cdd3e325c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 4014

GET
H/1.1 200
OK / Show response
gifon007.eu/wp-content/plugins/bwp-minify/min/ 3 KB
1 KB 51ms
50ms Script
application/x-javascript 2a00:19a0:3:7a:0:d9c6:7ac1:1
ZONER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://gifon007.eu/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/magic-liquidizer-responsive-table/idjs/ml.responsive.table.min.js
Requested by: Host: gifon007.eu
URL: http://gifon007.eu/
Protocol: HTTP/1.1
Server: 2a00:19a0:3:7a:0:d9c6:7ac1:1 , Czech Republic, ASN34222 (ZONER-AS, CZ),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: d8c4150a000bf477b01c6e208f1a9126c3f5cd7fb22892248bc0c49db1fdf3b1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: gifon007.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://gifon007.eu/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 05:30:08 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 Jun 2019 09:58:30 GMT
Server: Apache/2.4.25 (Debian)
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: max-age=60
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 1094
Expires: Thu, 14 Oct 2021 05:31:08 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
989 B 40ms
16ms Script
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?ver=5.2.12

Requested by

Host: gifon007.eu
URL: http://gifon007.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

257c07e40f4fdd78d66090a4347816a4777d8f2ab8b266d4aebf56da90538cbc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 05:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 555
x-xss-protection: 1; mode=block
expires: Thu, 14 Oct 2021 05:30:08 GMT

GET
H/1.1 200
OK sharethis.js Show response
platform-api.sharethis.com/js/ 183 KB
41 KB 38ms
12ms Script
text/javascript 13.224.193.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://platform-api.sharethis.com/js/sharethis.js
Requested by: Host: gifon007.eu
URL: http://gifon007.eu/
Protocol: HTTP/1.1
Server: 13.224.193.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-52.fra2.r.cloudfront.net
Software: /
Resource Hash: b3dca6992b4f8770bc3dba5f82f6325a82d2adabf685da88d950f6fe87b16716

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 05:27:47 GMT
Content-Encoding: gzip
Connection: keep-alive
Age: 141
ETag: W/"2dcf1-RQaJcGO9+DuZ32kDJGMESLkOoPg"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/javascript; charset=utf-8
Via: 1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
Edge-control: cache-maxage=60m,downstream-ttl=60m
Cache-Control: max-age=600, public
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Cf-Id: 0ZHIlqOtOxvBjW5vDlFuVit0lujjo0dXSwR_ds39_t_Nui_6ZeriIA==

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: gifon007.eu
URL: http://gifon007.eu/

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5265b2eea4ae28787aabb2d066663543130bc59d0c9f247785bb5f9ec8a76597

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Thu, 14 Oct 2021 05:30:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 8127323425798594828
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 51441
X-XSS-Protection: 0
Expires: Thu, 14 Oct 2021 05:30:08 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 95 KB
38 KB 53ms
29ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-49723360-32

Requested by

Host: gifon007.eu
URL: http://gifon007.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

440b50b7b042652b7489c5e200b37e1bfd3b901c4ac532436ae7db4249884058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 05:30:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38665
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 14 Oct 2021 05:30:08 GMT

GET
H/1.1 200
OK gifon007.eu-logo-facebook.png
gifon007.eu/wp-content/uploads/2017/04/ 23 KB
23 KB 40ms
39ms Image
image/png 2a00:19a0:3:7a:0:d9c6:7ac1:1
ZONER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gifon007.eu/wp-content/uploads/2017/04/gifon007.eu-logo-facebook.png
Requested by: Host: gifon007.eu
URL: http://gifon007.eu/
Protocol: HTTP/1.1
Server: 2a00:19a0:3:7a:0:d9c6:7ac1:1 , Czech Republic, ASN34222 (ZONER-AS, CZ),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: cc0479aaf5edcb955753be6677bb6ca9920735c1e27f9326b1753268eeecf952

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: gifon007.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://gifon007.eu/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 05:30:08 GMT
Last-Modified: Fri, 28 Apr 2017 17:47:22 GMT
Server: Apache/2.4.25 (Debian)
ETag: "5be0-54e3daa60de80"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 23520

GET
H/1.1 200
OK Funny-GIF-Dog-Parrot-Glasses-gap.jpg
gifon007.eu/wp-content/uploads/2020/03/ 10 KB
10 KB 19ms
18ms Image
image/jpeg 2a00:19a0:3:7a:0:d9c6:7ac1:1
ZONER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gifon007.eu/wp-content/uploads/2020/03/Funny-GIF-Dog-Parrot-Glasses-gap.jpg
Requested by: Host: gifon007.eu
URL: http://gifon007.eu/
Protocol: HTTP/1.1
Server: 2a00:19a0:3:7a:0:d9c6:7ac1:1 , Czech Republic, ASN34222 (ZONER-AS, CZ),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: d470ef903a10d0140ac3ba901f3d980eab963fa9696ddffe3def22b981dbdbe7

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: gifon007.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://gifon007.eu/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 05:30:08 GMT
Last-Modified: Wed, 25 Mar 2020 09:27:14 GMT
Server: Apache/2.4.25 (Debian)
ETag: "28a1-5a1aa794112ce"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 10401

GET
H/1.1 200
OK Funny-Video-Cat-Fly-Iron-gap.jpg
gifon007.eu/wp-content/uploads/2020/03/ 9 KB
9 KB 18ms
18ms Image
image/jpeg 2a00:19a0:3:7a:0:d9c6:7ac1:1
ZONER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gifon007.eu/wp-content/uploads/2020/03/Funny-Video-Cat-Fly-Iron-gap.jpg
Requested by: Host: gifon007.eu
URL: http://gifon007.eu/
Protocol: HTTP/1.1
Server: 2a00:19a0:3:7a:0:d9c6:7ac1:1 , Czech Republic, ASN34222 (ZONER-AS, CZ),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 330d9a10e2b23d72e44046d85ed1f05b976d7b0e512cff93782a1dffd2c47168

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: gifon007.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://gifon007.eu/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 05:30:08 GMT
Last-Modified: Wed, 25 Mar 2020 09:27:14 GMT
Server: Apache/2.4.25 (Debian)
ETag: "2490-5a1aa794141ae"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 9360

GET
H/1.1 200
OK Funny-Dog-Exercise-Treadmill-gap.jpg
gifon007.eu/wp-content/uploads/2020/03/ 8 KB
8 KB 19ms
18ms Image
image/jpeg 2a00:19a0:3:7a:0:d9c6:7ac1:1
ZONER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gifon007.eu/wp-content/uploads/2020/03/Funny-Dog-Exercise-Treadmill-gap.jpg
Requested by: Host: gifon007.eu
URL: http://gifon007.eu/
Protocol: HTTP/1.1
Server: 2a00:19a0:3:7a:0:d9c6:7ac1:1 , Czech Republic, ASN34222 (ZONER-AS, CZ),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 1bddd7b53448a27c3b8b0520ff1a31c5318cabf349003bc3fcf2081e82f99886

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: gifon007.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://gifon007.eu/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 05:30:08 GMT
Last-Modified: Wed, 25 Mar 2020 09:27:14 GMT
Server: Apache/2.4.25 (Debian)
ETag: "2020-5a1aa7941802f"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=98
Content-Length: 8224

GET
H/1.1 200
OK Funny-GIF-Fast-car-wood-house-gap.jpg
gifon007.eu/wp-content/uploads/2020/03/ 11 KB
11 KB 18ms
18ms Image
image/jpeg 2a00:19a0:3:7a:0:d9c6:7ac1:1
ZONER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gifon007.eu/wp-content/uploads/2020/03/Funny-GIF-Fast-car-wood-house-gap.jpg
Requested by: Host: gifon007.eu
URL: http://gifon007.eu/
Protocol: HTTP/1.1
Server: 2a00:19a0:3:7a:0:d9c6:7ac1:1 , Czech Republic, ASN34222 (ZONER-AS, CZ),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 872b2bc0fd4cecb156a90e2fb010a2df857d9c3a91a44fc610e4fcaf0539ee4f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: gifon007.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://gifon007.eu/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 05:30:08 GMT
Last-Modified: Tue, 24 Mar 2020 10:21:25 GMT
Server: Apache/2.4.25 (Debian)
ETag: "2b4a-5a1971d2c7619"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=98
Content-Length: 11082

GET
H/1.1 200
OK Funny-Video-Dog-Coronavirus-gap.jpg
gifon007.eu/wp-content/uploads/2020/03/ 19 KB
19 KB 19ms
18ms Image
image/jpeg 2a00:19a0:3:7a:0:d9c6:7ac1:1
ZONER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gifon007.eu/wp-content/uploads/2020/03/Funny-Video-Dog-Coronavirus-gap.jpg
Requested by: Host: gifon007.eu
URL: http://gifon007.eu/
Protocol: HTTP/1.1
Server: 2a00:19a0:3:7a:0:d9c6:7ac1:1 , Czech Republic, ASN34222 (ZONER-AS, CZ),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 7da44dfc3cac92949f420093abaa8463ac7fbfaeabf6e63401ef2a19cb5da698

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: gifon007.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://gifon007.eu/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 05:30:08 GMT
Last-Modified: Mon, 23 Mar 2020 09:05:54 GMT
Server: Apache/2.4.25 (Debian)
ETag: "4c04-5a181f14b85b6"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 19460

GET
H/1.1 200
OK Funny-GIF-Pretty-Woman-Coronavirus-gap.jpg
gifon007.eu/wp-content/uploads/2020/03/ 14 KB
14 KB 19ms
18ms Image
image/jpeg 2a00:19a0:3:7a:0:d9c6:7ac1:1
ZONER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gifon007.eu/wp-content/uploads/2020/03/Funny-GIF-Pretty-Woman-Coronavirus-gap.jpg
Requested by: Host: gifon007.eu
URL: http://gifon007.eu/
Protocol: HTTP/1.1
Server: 2a00:19a0:3:7a:0:d9c6:7ac1:1 , Czech Republic, ASN34222 (ZONER-AS, CZ),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 690a797319f11aebab5e7456870118999b11ef69b6ba24b8e5fdb14044fd619c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: gifon007.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://gifon007.eu/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 05:30:08 GMT
Last-Modified: Sun, 22 Mar 2020 12:10:01 GMT
Server: Apache/2.4.25 (Debian)
ETag: "367c-5a17065e67f21"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 13948

GET
H/1.1 200
OK Coronavirus-COVID-19-funny-gif-sneeze-Tom-a-Jerry-gap.jpg
gifon007.eu/wp-content/uploads/2020/03/ 11 KB
11 KB 19ms
19ms Image
image/jpeg 2a00:19a0:3:7a:0:d9c6:7ac1:1
ZONER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gifon007.eu/wp-content/uploads/2020/03/Coronavirus-COVID-19-funny-gif-sneeze-Tom-a-Jerry-gap.jpg
Requested by: Host: gifon007.eu
URL: http://gifon007.eu/
Protocol: HTTP/1.1
Server: 2a00:19a0:3:7a:0:d9c6:7ac1:1 , Czech Republic, ASN34222 (ZONER-AS, CZ),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 0adb2903fd3dc84985e6a740a2b7d2712c6a6ef821f1fb038fbcc03e3f8e96af

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: gifon007.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://gifon007.eu/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 05:30:08 GMT
Last-Modified: Sat, 21 Mar 2020 11:55:22 GMT
Server: Apache/2.4.25 (Debian)
ETag: "2a9c-5a15c13ad130b"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=97
Content-Length: 10908

GET
H/1.1 200
OK Funny-Video-Dog-Face-Teeth-Gif-gap.jpg
gifon007.eu/wp-content/uploads/2017/11/ 19 KB
19 KB 19ms
18ms Image
image/jpeg 2a00:19a0:3:7a:0:d9c6:7ac1:1
ZONER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gifon007.eu/wp-content/uploads/2017/11/Funny-Video-Dog-Face-Teeth-Gif-gap.jpg
Requested by: Host: gifon007.eu
URL: http://gifon007.eu/
Protocol: HTTP/1.1
Server: 2a00:19a0:3:7a:0:d9c6:7ac1:1 , Czech Republic, ASN34222 (ZONER-AS, CZ),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 67c1b006786513f66555d3a9f3ba5144590732bf6554b237818e33616f6f1ad6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: gifon007.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://gifon007.eu/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 05:30:08 GMT
Last-Modified: Sun, 05 Nov 2017 08:47:48 GMT
Server: Apache/2.4.25 (Debian)
ETag: "4c69-55d38646d7500"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=98
Content-Length: 19561

GET
H/1.1 200
OK Funny-Video-Girl-Spider-Shop-Gif-gap.jpg
gifon007.eu/wp-content/uploads/2017/11/ 21 KB
21 KB 19ms
18ms Image
image/jpeg 2a00:19a0:3:7a:0:d9c6:7ac1:1
ZONER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gifon007.eu/wp-content/uploads/2017/11/Funny-Video-Girl-Spider-Shop-Gif-gap.jpg
Requested by: Host: gifon007.eu
URL: http://gifon007.eu/
Protocol: HTTP/1.1
Server: 2a00:19a0:3:7a:0:d9c6:7ac1:1 , Czech Republic, ASN34222 (ZONER-AS, CZ),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: b5a7da603fb8cdff985845cc9f975fc7890d5c2135bd404ee92f0c7c601cb34a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: gifon007.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://gifon007.eu/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 05:30:08 GMT
Last-Modified: Sun, 05 Nov 2017 08:47:48 GMT
Server: Apache/2.4.25 (Debian)
ETag: "52da-55d38646d7500"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=97
Content-Length: 21210

GET
H/1.1 200
OK Funny-Video-Cat-Watching-Film-Gif-gap.jpg
gifon007.eu/wp-content/uploads/2017/11/ 30 KB
30 KB 19ms
19ms Image
image/jpeg 2a00:19a0:3:7a:0:d9c6:7ac1:1
ZONER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gifon007.eu/wp-content/uploads/2017/11/Funny-Video-Cat-Watching-Film-Gif-gap.jpg
Requested by: Host: gifon007.eu
URL: http://gifon007.eu/
Protocol: HTTP/1.1
Server: 2a00:19a0:3:7a:0:d9c6:7ac1:1 , Czech Republic, ASN34222 (ZONER-AS, CZ),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 26015da08cfbe90e5d306a3b8484b0e2eb58f2bdf2a99761374381d25f6b89dc

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: gifon007.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://gifon007.eu/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 05:30:08 GMT
Last-Modified: Sun, 05 Nov 2017 08:45:12 GMT
Server: Apache/2.4.25 (Debian)
ETag: "78d5-55d385b211600"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=97
Content-Length: 30933

GET
H/1.1 200
OK Funny-Video-Cute-Small-Animal-Drinking-Gif-gap.jpg
gifon007.eu/wp-content/uploads/2017/11/ 18 KB
19 KB 19ms
18ms Image
image/jpeg 2a00:19a0:3:7a:0:d9c6:7ac1:1
ZONER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gifon007.eu/wp-content/uploads/2017/11/Funny-Video-Cute-Small-Animal-Drinking-Gif-gap.jpg
Requested by: Host: gifon007.eu
URL: http://gifon007.eu/
Protocol: HTTP/1.1
Server: 2a00:19a0:3:7a:0:d9c6:7ac1:1 , Czech Republic, ASN34222 (ZONER-AS, CZ),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 931f198a45653e82d5d78471efafa6c069ea6b7f21bddb64d331f48bbbb859dc

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: gifon007.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://gifon007.eu/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 05:30:08 GMT
Last-Modified: Sat, 04 Nov 2017 07:24:28 GMT
Server: Apache/2.4.25 (Debian)
ETag: "4997-55d231c902300"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=98
Content-Length: 18839

GET
H/1.1 200
OK Funny-Video-Big-Spider-Gif-gap.jpg
gifon007.eu/wp-content/uploads/2017/11/ 18 KB
18 KB 19ms
18ms Image
image/jpeg 2a00:19a0:3:7a:0:d9c6:7ac1:1
ZONER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gifon007.eu/wp-content/uploads/2017/11/Funny-Video-Big-Spider-Gif-gap.jpg
Requested by: Host: gifon007.eu
URL: http://gifon007.eu/
Protocol: HTTP/1.1
Server: 2a00:19a0:3:7a:0:d9c6:7ac1:1 , Czech Republic, ASN34222 (ZONER-AS, CZ),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: a8d6d6fce57622eb121d4dead914c063423885e8adda9e7aa5faddb4df8b2a39

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: gifon007.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://gifon007.eu/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 05:30:08 GMT
Last-Modified: Sat, 04 Nov 2017 07:24:29 GMT
Server: Apache/2.4.25 (Debian)
ETag: "46ed-55d231c9f6540"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=98
Content-Length: 18157

GET
H/1.1 200
OK Funny-Video-Cute-Puppy-Costume-Running-Gif-gap.jpg
gifon007.eu/wp-content/uploads/2017/11/ 18 KB
18 KB 19ms
18ms Image
image/jpeg 2a00:19a0:3:7a:0:d9c6:7ac1:1
ZONER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gifon007.eu/wp-content/uploads/2017/11/Funny-Video-Cute-Puppy-Costume-Running-Gif-gap.jpg
Requested by: Host: gifon007.eu
URL: http://gifon007.eu/
Protocol: HTTP/1.1
Server: 2a00:19a0:3:7a:0:d9c6:7ac1:1 , Czech Republic, ASN34222 (ZONER-AS, CZ),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 6a6ace2b005fbcd40315aaf14cc4103acc5d9737c46c6c55d12f176b702206f6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: gifon007.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://gifon007.eu/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 05:30:08 GMT
Last-Modified: Sat, 04 Nov 2017 07:22:04 GMT
Server: Apache/2.4.25 (Debian)
ETag: "4816-55d2313fadf00"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=96
Content-Length: 18454

GET
H/1.1 200
OK Funny-Video-Baby-Hamster-Eating-Gif-gap.jpg
gifon007.eu/wp-content/uploads/2017/11/ 19 KB
19 KB 19ms
19ms Image
image/jpeg 2a00:19a0:3:7a:0:d9c6:7ac1:1
ZONER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gifon007.eu/wp-content/uploads/2017/11/Funny-Video-Baby-Hamster-Eating-Gif-gap.jpg
Requested by: Host: gifon007.eu
URL: http://gifon007.eu/
Protocol: HTTP/1.1
Server: 2a00:19a0:3:7a:0:d9c6:7ac1:1 , Czech Republic, ASN34222 (ZONER-AS, CZ),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 089f89bb771858bcb82e3a9382c7020cb07b860b414b39c0b8862c591b2fbd53

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: gifon007.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://gifon007.eu/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 05:30:08 GMT
Last-Modified: Fri, 03 Nov 2017 04:52:25 GMT
Server: Apache/2.4.25 (Debian)
ETag: "4a0e-55d0cdef2d440"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=97
Content-Length: 18958

GET
H/1.1 200
OK Funny-Video-Cat-Pirate-Costume-Gif-gap.jpg
gifon007.eu/wp-content/uploads/2017/11/ 28 KB
29 KB 18ms
18ms Image
image/jpeg 2a00:19a0:3:7a:0:d9c6:7ac1:1
ZONER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gifon007.eu/wp-content/uploads/2017/11/Funny-Video-Cat-Pirate-Costume-Gif-gap.jpg
Requested by: Host: gifon007.eu
URL: http://gifon007.eu/
Protocol: HTTP/1.1
Server: 2a00:19a0:3:7a:0:d9c6:7ac1:1 , Czech Republic, ASN34222 (ZONER-AS, CZ),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 91cec4073a7095e1309b46e4306f1faf7dc881e8ed0dab324265b1b28b2eda4a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: gifon007.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://gifon007.eu/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 05:30:08 GMT
Last-Modified: Fri, 03 Nov 2017 04:52:25 GMT
Server: Apache/2.4.25 (Debian)
ETag: "713a-55d0cdef2d440"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=96
Content-Length: 28986

GET
H/1.1 200
OK Funny-Video-Cute-Small-Animals-Gif-gap.jpg
gifon007.eu/wp-content/uploads/2017/11/ 20 KB
20 KB 19ms
18ms Image
image/jpeg 2a00:19a0:3:7a:0:d9c6:7ac1:1
ZONER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gifon007.eu/wp-content/uploads/2017/11/Funny-Video-Cute-Small-Animals-Gif-gap.jpg
Requested by: Host: gifon007.eu
URL: http://gifon007.eu/
Protocol: HTTP/1.1
Server: 2a00:19a0:3:7a:0:d9c6:7ac1:1 , Czech Republic, ASN34222 (ZONER-AS, CZ),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: b7b6944fa5fa8c6bb2402d5e8ecc50b53f6060980065383f1273f4031b182a91

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: gifon007.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://gifon007.eu/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 05:30:08 GMT
Last-Modified: Fri, 03 Nov 2017 04:50:16 GMT
Server: Apache/2.4.25 (Debian)
ETag: "4f4f-55d0cd7427200"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=97
Content-Length: 20303

GET
H/1.1 200
OK Funny-Video-Dog-Head-Hamsters-Gif-gap.jpg
gifon007.eu/wp-content/uploads/2017/11/ 16 KB
16 KB 19ms
19ms Image
image/jpeg 2a00:19a0:3:7a:0:d9c6:7ac1:1
ZONER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gifon007.eu/wp-content/uploads/2017/11/Funny-Video-Dog-Head-Hamsters-Gif-gap.jpg
Requested by: Host: gifon007.eu
URL: http://gifon007.eu/
Protocol: HTTP/1.1
Server: 2a00:19a0:3:7a:0:d9c6:7ac1:1 , Czech Republic, ASN34222 (ZONER-AS, CZ),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: def7083c73ffd3e340024e93797e53f3cfd1935e5ecc609dfb9c295536a73e4f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: gifon007.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://gifon007.eu/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 05:30:08 GMT
Last-Modified: Thu, 02 Nov 2017 05:18:06 GMT
Server: Apache/2.4.25 (Debian)
ETag: "3e5a-55cf91cf53f80"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=96
Content-Length: 15962

GET
H/1.1 200
OK Funny-Video-Baby-Rhinoceros-Gif-gap.jpg
gifon007.eu/wp-content/uploads/2017/11/ 19 KB
19 KB 20ms
19ms Image
image/jpeg 2a00:19a0:3:7a:0:d9c6:7ac1:1
ZONER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gifon007.eu/wp-content/uploads/2017/11/Funny-Video-Baby-Rhinoceros-Gif-gap.jpg
Requested by: Host: gifon007.eu
URL: http://gifon007.eu/
Protocol: HTTP/1.1
Server: 2a00:19a0:3:7a:0:d9c6:7ac1:1 , Czech Republic, ASN34222 (ZONER-AS, CZ),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: b7447c370e537c5f120be3edfec04e61e7e1ddb2e15087d095b40359276b8a32

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: gifon007.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://gifon007.eu/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 05:30:08 GMT
Last-Modified: Thu, 02 Nov 2017 05:18:06 GMT
Server: Apache/2.4.25 (Debian)
ETag: "4c0b-55cf91cf53f80"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=96
Content-Length: 19467

GET
H/1.1 200
OK Funny-Video-Fail-Dog-Fall-Gif-gap.jpg
gifon007.eu/wp-content/uploads/2017/11/ 22 KB
23 KB 19ms
18ms Image
image/jpeg 2a00:19a0:3:7a:0:d9c6:7ac1:1
ZONER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gifon007.eu/wp-content/uploads/2017/11/Funny-Video-Fail-Dog-Fall-Gif-gap.jpg
Requested by: Host: gifon007.eu
URL: http://gifon007.eu/
Protocol: HTTP/1.1
Server: 2a00:19a0:3:7a:0:d9c6:7ac1:1 , Czech Republic, ASN34222 (ZONER-AS, CZ),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: dee73e42e2aace582db63ace69a693e6210558594a0f98a07b81fcd1274fc172

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: gifon007.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://gifon007.eu/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 05:30:08 GMT
Last-Modified: Thu, 02 Nov 2017 05:15:43 GMT
Server: Apache/2.4.25 (Debian)
ETag: "5984-55cf9146f3dc0"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=95
Content-Length: 22916

GET
H/1.1 200
OK Funny-Video-Dog-Dribble-Ball-Gif-gap.jpg
gifon007.eu/wp-content/uploads/2017/11/ 20 KB
20 KB 19ms
19ms Image
image/jpeg 2a00:19a0:3:7a:0:d9c6:7ac1:1
ZONER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gifon007.eu/wp-content/uploads/2017/11/Funny-Video-Dog-Dribble-Ball-Gif-gap.jpg
Requested by: Host: gifon007.eu
URL: http://gifon007.eu/
Protocol: HTTP/1.1
Server: 2a00:19a0:3:7a:0:d9c6:7ac1:1 , Czech Republic, ASN34222 (ZONER-AS, CZ),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: b4711a577d902fa887b33cb3939489497b075f192c6bc81af2e3dce894ab96e3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: gifon007.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://gifon007.eu/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 05:30:08 GMT
Last-Modified: Wed, 01 Nov 2017 05:18:29 GMT
Server: Apache/2.4.25 (Debian)
ETag: "4e63-55ce5007cd340"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=97
Content-Length: 20067

GET
H/1.1 200
OK / Show response
gifon007.eu/wp-content/plugins/bwp-minify/min/ 368 KB
86 KB 26ms
25ms Script
application/x-javascript 2a00:19a0:3:7a:0:d9c6:7ac1:1
ZONER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://gifon007.eu/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/best-preloader/inc/js/frontend.js,wp-content/plugins/contact-form-7/includes/js/scripts.js,wp-includes/js/imagesloaded.min.js,wp-content/plugins/gif-animation-preview%20NEZ%C3%81LOHOVAT%20program%C3%A1tor/gapplayer.min.js,wp-content/themes/alora/js/modernizr-min.js,wp-content/themes/alora/js/jquery.carouFredSel-6.2.1-min.js,wp-content/themes/alora/js/jquery.flexslider-min.js,wp-content/themes/alora/js/jquery.fitvids-min.js,wp-content/themes/alora/js/main.js,wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js
Requested by: Host: gifon007.eu
URL: http://gifon007.eu/
Protocol: HTTP/1.1
Server: 2a00:19a0:3:7a:0:d9c6:7ac1:1 , Czech Republic, ASN34222 (ZONER-AS, CZ),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 751cd6342e0f2cfd7a9211e53e2966d55668e8fe6d38b2e6c3fea55a8c3aa2fd

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: gifon007.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://gifon007.eu/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 05:30:08 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 Jun 2019 10:00:06 GMT
Server: Apache/2.4.25 (Debian)
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: max-age=60
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
Content-Length: 88094
Expires: Thu, 14 Oct 2021 05:31:08 GMT

GET
H/1.1 200
OK / Show response
gifon007.eu/wp-content/plugins/bwp-minify/min/ 2 KB
1 KB 25ms
25ms Script
application/x-javascript 2a00:19a0:3:7a:0:d9c6:7ac1:1
ZONER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://gifon007.eu/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wp-social-sharing/static/socialshare.js,wp-includes/js/wp-embed.min.js
Requested by: Host: gifon007.eu
URL: http://gifon007.eu/
Protocol: HTTP/1.1
Server: 2a00:19a0:3:7a:0:d9c6:7ac1:1 , Czech Republic, ASN34222 (ZONER-AS, CZ),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 53eae5ed609ae0dfc569de1e4b1b7c9163be2d8665f592a6182566211c4b35f1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: gifon007.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://gifon007.eu/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 05:30:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Apr 2021 03:32:16 GMT
Server: Apache/2.4.25 (Debian)
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: max-age=60
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Length: 912
Expires: Thu, 14 Oct 2021 05:31:08 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/qljbK_DTcvY1PzbR7IG69z1r/ 346 KB
135 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/qljbK_DTcvY1PzbR7IG69z1r/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?ver=5.2.12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24888ff57c1714336f283a67e22f1207ef9826694a9078e1cda9d581ff148407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://gifon007.eu/
Origin: http://gifon007.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 19:05:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137921
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 04:21:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Thu, 13 Oct 2022 19:05:28 GMT

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
332 B 39ms
7ms XHR
text/plain 3.124.181.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/pview?event=pview&hostname=gifon007.eu&location=%2F&product=ga&url=http%3A%2F%2Fgifon007.eu%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Gifon007.eu%20I%20Gif%2C%20Gifs%2C%20Funny%2C%20Jokes%2C%20Video%2C%20Images&cms=unknown&publisher=anonymous&sop=true&version=st_sop.js&lang=en&description=%C2%A0
Requested by: Host: platform-api.sharethis.com
URL: http://platform-api.sharethis.com/js/sharethis.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.181.115 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-181-115.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 05:30:08 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: http://gifon007.eu
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ 13 KB
6 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: gifon007.eu
URL: http://gifon007.eu/

Protocol

HTTP/1.1

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 11:20:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 65401
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 5437
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Vary: Accept-Encoding
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="hosted-libraries-pushers"
Expires: Thu, 13 Oct 2022 11:20:07 GMT

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

48 KB
19 KB

32ms
11ms

Script
text/javascript

2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: gifon007.eu
URL: http://gifon007.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 16:38:54 GMT
server: Golfe2
age: 2591
date: Thu, 14 Oct 2021 04:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Thu, 14 Oct 2021 06:46:57 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK icomoon.woff
gifon007.eu/wp-content/themes/alora/fonts/icomoon/ 17 KB
17 KB 18ms
18ms Font
application/font-woff 2a00:19a0:3:7a:0:d9c6:7ac1:1
ZONER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://gifon007.eu/wp-content/themes/alora/fonts/icomoon/icomoon.woff?s7tgwp
Requested by: Host: gifon007.eu
URL: http://gifon007.eu/wp-content/plugins/bwp-minify/min/?f=wp-content/themes/alora/style.css,wp-content/themes/alora/css/media.css,wp-content/plugins/wp-social-sharing/static/socialshare.css
Protocol: HTTP/1.1
Server: 2a00:19a0:3:7a:0:d9c6:7ac1:1 , Czech Republic, ASN34222 (ZONER-AS, CZ),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 0df462ce21cc4f240d2b7740aeb85f098eda842ee52848ab88422c4a38f6ff7b

Request headers

Pragma: no-cache
Origin: http://gifon007.eu
Accept-Encoding: gzip, deflate
Host: gifon007.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Cache-Control: no-cache
Referer: http://gifon007.eu/wp-content/plugins/bwp-minify/min/?f=wp-content/themes/alora/style.css,wp-content/themes/alora/css/media.css,wp-content/plugins/wp-social-sharing/static/socialshare.css
Connection: keep-alive
Referer: http://gifon007.eu/wp-content/plugins/bwp-minify/min/?f=wp-content/themes/alora/style.css,wp-content/themes/alora/css/media.css,wp-content/plugins/wp-social-sharing/static/socialshare.css
Origin: http://gifon007.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 05:30:08 GMT
Last-Modified: Sat, 11 Jun 2016 07:21:55 GMT
Server: Apache/2.4.25 (Debian)
ETag: "4294-534fb8288eac0"
Content-Type: application/font-woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=95
Content-Length: 17044

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/ 272 KB
98 KB 52ms
30ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7996408182976976&plah=gifon007.eu

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a4617686d53812d3f06b891e5edc0cf5b7f289bfd57be08e123a3845efcdcd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 05:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99876
x-xss-protection: 0
server: cafe
etag: 5725214712622718827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 14 Oct 2021 05:30:08 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211011/r20190131/ Frame E8EA 0
0 27ms
6ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211011/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20211011/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://gifon007.eu/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 13 Oct 2021 21:25:32 GMT
expires: Wed, 27 Oct 2021 21:25:32 GMT
content-type: text/html; charset=UTF-8
etag: 414810510046348021
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4645
x-xss-protection: 0
age: 29076
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H/1.1 200
OK / Show response
gifon007.eu/ 494 B
584 B 889ms
888ms XHR
text/html 2a00:19a0:3:7a:0:d9c6:7ac1:1
ZONER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://gifon007.eu/?ga_action=googleanalytics_get_script
Requested by: Host: gifon007.eu
URL: http://gifon007.eu/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol: HTTP/1.1
Server: 2a00:19a0:3:7a:0:d9c6:7ac1:1 , Czech Republic, ASN34222 (ZONER-AS, CZ),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 2489aaf3aec7055b57878529f621a96b719a91e111af38ea726ec0930f2cc716

Request headers

Pragma: no-cache
Origin: http://gifon007.eu
Accept-Encoding: gzip, deflate
Host: gifon007.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Cache-Control: no-cache
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://gifon007.eu/
Content-Length: 33
Accept: */*
Referer: http://gifon007.eu/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Thu, 14 Oct 2021 05:30:08 GMT
Content-Encoding: gzip
Server: Apache/2.4.25 (Debian)
Vary: Accept-Encoding,Cookie
Content-Type: text/html; charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=2, max=94
Content-Length: 326

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211011/r20190131/ Frame E8EA 10 KB
5 KB 10ms
9ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211011/r20190131/zrt_lookup.html?wmode=transparent

Requested by

Host: gifon007.eu
URL: http://gifon007.eu/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f694b4fc5d667777e89694296218e249226ae1670bbe90a8a345f9f75298b9cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20211011/r20190131/zrt_lookup.html?wmode=transparent
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://gifon007.eu/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 13 Oct 2021 21:57:15 GMT
expires: Wed, 27 Oct 2021 21:57:15 GMT
content-type: text/html; charset=UTF-8
etag: 414810510046348021
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4645
x-xss-protection: 0
age: 27173
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-49723360-32

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 16:38:54 GMT
server: Golfe2
age: 2591
date: Thu, 14 Oct 2021 04:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Thu, 14 Oct 2021 06:46:57 GMT

GET
H/1.1 200
OK preloader.gif
gifon007.eu/wp-content/plugins/best-preloader/inc/img/ 7 KB
7 KB 19ms
18ms Image
image/gif 2a00:19a0:3:7a:0:d9c6:7ac1:1
ZONER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gifon007.eu/wp-content/plugins/best-preloader/inc/img/preloader.gif
Requested by: Host: gifon007.eu
URL: http://gifon007.eu/
Protocol: HTTP/1.1
Server: 2a00:19a0:3:7a:0:d9c6:7ac1:1 , Czech Republic, ASN34222 (ZONER-AS, CZ),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: a74475bcc99e4ba22303b23f3f8a9ee135df25dd93262d094fe379125eb26f12

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: gifon007.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://gifon007.eu/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 05:30:08 GMT
Last-Modified: Tue, 18 Jun 2019 09:58:24 GMT
Server: Apache/2.4.25 (Debian)
ETag: "1c29-58b962748f000"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=95
Content-Length: 7209

GET
H/1.1 200
OK css
fonts.googleapis.com/ 13 KB
2 KB 24ms
23ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic%7CQuattrocento+Sans:400,400italic,700,700italic&subset=latin,greek-ext,cyrillic,latin-ext,greek,cyrillic-ext,vietnamese,latin,greek-ext,cyrillic,latin-ext,greek,cyrillic-ext,vietnamese

Requested by

Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f75d5d64a96e2db69fe8186deac41a04f0886c083a9f0ef7df781e5ba9977043

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 05:30:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Thu, 14 Oct 2021 05:30:08 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Report-To: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
Expires: Thu, 14 Oct 2021 05:30:08 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 201 B
656 B 44ms
16ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=gifon007.eu&callback=_gfp_s_&client=ca-pub-7996408182976976

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7996408182976976&plah=gifon007.eu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

5be4c1ffadbf4e801e63e6cf20027f5334d13e707b2cd476a9d67ac3878beadb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 05:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 191
x-xss-protection: 0

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ 0
459 B 14ms
14ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Fgifon007.eu%2F&tn=DIV&id=preloader-status&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: gifon007.eu
URL: http://gifon007.eu/

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Oct 2021 05:30:08 GMT
X-Content-Type-Options: nosniff
Server: cafe
Timing-Allow-Origin: *
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Cross-Origin-Resource-Policy: cross-origin
Content-Type: image/gif
Content-Length: 0
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ 0
459 B 20ms
19ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Fgifon007.eu%2F&tn=DIV&id=preloader-status&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: gifon007.eu
URL: http://gifon007.eu/

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Oct 2021 05:30:08 GMT
X-Content-Type-Options: nosniff
Server: cafe
Timing-Allow-Origin: *
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Cross-Origin-Resource-Policy: cross-origin
Content-Type: image/gif
Content-Length: 0
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 38ms
16ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=gifon007.eu

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Oct 2021 05:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 38ms
16ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=gifon007.eu

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Oct 2021 05:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0541 0
188 B 78ms
78ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7996408182976976&output=html&adk=1812271804&adf=3025194257&lmt=1634189408&plaf=1%3A1&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&fba=1&format=0x0&url=http%3A%2F%2Fgifon007.eu%2F&ea=0&flash=0&pra=5&wgl=1&dt=1634189408658&bpp=3&bdt=195&idt=204&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3319294352893&frm=20&pv=2&ga_vid=147183705.1634189409&ga_sid=1634189409&ga_hid=847716101&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31063139&oid=2&pvsid=312947668031483&pem=697&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=23&ifi=1&uci=a!1&fsb=1&dtd=222

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7996408182976976&output=html&adk=1812271804&adf=3025194257&lmt=1634189408&plaf=1%3A1&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&fba=1&format=0x0&url=http%3A%2F%2Fgifon007.eu%2F&ea=0&flash=0&pra=5&wgl=1&dt=1634189408658&bpp=3&bdt=195&idt=204&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3319294352893&frm=20&pv=2&ga_vid=147183705.1634189409&ga_sid=1634189409&ga_hid=847716101&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31063139&oid=2&pvsid=312947668031483&pem=697&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=23&ifi=1&uci=a!1&fsb=1&dtd=222
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://gifon007.eu/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 14 Oct 2021 05:30:08 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 14-Oct-2021 05:45:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 14 Oct 2021 05:30:08 GMT
cache-control: private

GET
H/1.1 200
OK memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/ 44 KB
44 KB 13ms
12ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic%7CQuattrocento+Sans:400,400italic,700,700italic&subset=latin,greek-ext,cyrillic,latin-ext,greek,cyrillic-ext,vietnamese,latin,greek-ext,cyrillic,latin-ext,greek,cyrillic-ext,vietnamese

Protocol

HTTP/1.1

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://gifon007.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 07 Oct 2021 18:00:31 GMT
X-Content-Type-Options: nosniff
Age: 559777
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 44760
X-XSS-Protection: 0
Last-Modified: Thu, 23 Sep 2021 16:50:17 GMT
Server: sffe
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="apps-themes"
Expires: Fri, 07 Oct 2022 18:00:31 GMT

GET
H/1.1 200
OK va9c4lja2NVIDdIAAoMR5MfuElaRB0zJt08.woff2
fonts.gstatic.com/s/quattrocentosans/v13/ 24 KB
25 KB 13ms
12ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/quattrocentosans/v13/va9c4lja2NVIDdIAAoMR5MfuElaRB0zJt08.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f871adc17c31230ef87ade94971fcb56a5b611fee9edf6de533535a4512c15d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://gifon007.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 10 Oct 2021 11:18:37 GMT
X-Content-Type-Options: nosniff
Age: 324691
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 24360
X-XSS-Protection: 0
Last-Modified: Tue, 01 Sep 2020 06:34:19 GMT
Server: sffe
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="apps-themes"
Expires: Mon, 10 Oct 2022 11:18:37 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EE89 78 KB
26 KB 465ms
464ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7996408182976976&output=html&h=168&slotname=1376710719&adk=1596500748&adf=1750275682&pi=t.ma~as.1376710719&w=669&fwrn=4&lmt=1634189408&rafmt=11&psa=0&format=669x168&url=http%3A%2F%2Fgifon007.eu%2F&flash=0&wgl=1&dt=1634189408678&bpp=3&bdt=215&idt=242&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3319294352893&frm=20&pv=1&ga_vid=147183705.1634189409&ga_sid=1634189409&ga_hid=847716101&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=330&ady=261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31063139&oid=2&pvsid=312947668031483&pem=697&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1152&bc=23&ifi=2&uci=a!2&fsb=1&xpc=pC5ppwUbcv&p=http%3A//gifon007.eu&dtd=257

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0126e90fe5cc0e9da8d7af9716684585a57f9342d842e95687215bbe8f97e4aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7996408182976976&output=html&h=168&slotname=1376710719&adk=1596500748&adf=1750275682&pi=t.ma~as.1376710719&w=669&fwrn=4&lmt=1634189408&rafmt=11&psa=0&format=669x168&url=http%3A%2F%2Fgifon007.eu%2F&flash=0&wgl=1&dt=1634189408678&bpp=3&bdt=215&idt=242&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3319294352893&frm=20&pv=1&ga_vid=147183705.1634189409&ga_sid=1634189409&ga_hid=847716101&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=330&ady=261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31063139&oid=2&pvsid=312947668031483&pem=697&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1152&bc=23&ifi=2&uci=a!2&fsb=1&xpc=pC5ppwUbcv&p=http%3A//gifon007.eu&dtd=257
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://gifon007.eu/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 14 Oct 2021 05:30:09 GMT
server: cafe
content-length: 26751
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 14-Oct-2021 05:45:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 14 Oct 2021 05:30:09 GMT
cache-control: private

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
202 B 14ms
13ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=847716101&t=pageview&_s=1&dl=http%3A%2F%2Fgifon007.eu%2F&ul=en-us&de=UTF-8&dt=Gifon007.eu%20I%20Gif%2C%20Gifs%2C%20Funny%2C%20Jokes%2C%20Video%2C%20Images&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=538662497&gjid=1267635046&cid=147183705.1634189409&tid=UA-49723360-32&_gid=1453939396.1634189409&_r=1&gtm=2ouab0&z=579789917

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://gifon007.eu/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 05:30:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://gifon007.eu
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CE89 123 KB
40 KB 1075ms
1074ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7996408182976976&output=html&h=250&slotname=9232716053&adk=3212221754&adf=2199604408&pi=t.ma~as.9232716053&w=300&lmt=1634189408&psa=0&format=300x250&url=http%3A%2F%2Fgifon007.eu%2F&flash=0&wgl=1&dt=1634189408728&bpp=1&bdt=265&idt=231&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C669x168&nras=1&correlator=3319294352893&frm=20&pv=1&ga_vid=147183705.1634189409&ga_sid=1634189409&ga_hid=847716101&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1050&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31063139&oid=2&pvsid=312947668031483&pem=697&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Uw8lxQYZpx&p=http%3A//gifon007.eu&dtd=236

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6cadecc31efabdc2bca069830ae96acbf7f8cf6ebb9f73133b1c314744e948cc

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15357924708526979973/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15357924708526979973/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMHM3_mVyfMCFUK8ewodREAIlQ&gqi=YMBnYcXAO-SqrATKsy8&layout=/sadbundle/%24csp%253Der3%24/15357924708526979973/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7996408182976976&output=html&h=250&slotname=9232716053&adk=3212221754&adf=2199604408&pi=t.ma~as.9232716053&w=300&lmt=1634189408&psa=0&format=300x250&url=http%3A%2F%2Fgifon007.eu%2F&flash=0&wgl=1&dt=1634189408728&bpp=1&bdt=265&idt=231&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C669x168&nras=1&correlator=3319294352893&frm=20&pv=1&ga_vid=147183705.1634189409&ga_sid=1634189409&ga_hid=847716101&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1050&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31063139&oid=2&pvsid=312947668031483&pem=697&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Uw8lxQYZpx&p=http%3A//gifon007.eu&dtd=236
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://gifon007.eu/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15357924708526979973/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15357924708526979973/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMHM3_mVyfMCFUK8ewodREAIlQ&gqi=YMBnYcXAO-SqrATKsy8&layout=/sadbundle/%24csp%253Der3%24/15357924708526979973/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 14 Oct 2021 05:30:10 GMT
server: cafe
content-length: 39768
x-xss-protection: 0
set-cookie: IDE=AHWqTUl-xxSNPTe1Frx2Qg7tTq8QNBB1dIALYCLnmIGOmeM58mCueTEjQfwGw8PH3po; expires=Tue, 08-Nov-2022 05:30:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 14 Oct 2021 05:30:10 GMT
cache-control: private

GET
H/1.1 200
OK memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v26/ 47 KB
47 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v26/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8dee5bb67e8a759f73dfbaeadba9220ad478a8187f58a59a50f906b0e51f65b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://gifon007.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 07 Oct 2021 19:51:36 GMT
X-Content-Type-Options: nosniff
Age: 553113
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 47804
X-XSS-Protection: 0
Last-Modified: Thu, 23 Sep 2021 16:51:13 GMT
Server: sffe
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="apps-themes"
Expires: Fri, 07 Oct 2022 19:51:36 GMT

GET
H/1.1 200
OK va9a4lja2NVIDdIAAoMR5MfuElaRB0zMh032GA.woff2
fonts.gstatic.com/s/quattrocentosans/v13/ 26 KB
26 KB 11ms
11ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/quattrocentosans/v13/va9a4lja2NVIDdIAAoMR5MfuElaRB0zMh032GA.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb9e0ead1896945dd8f2f1d6d56b7060b2872b2d18aa4a448e7cdc044cfa7b9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://gifon007.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 11 Oct 2021 20:50:11 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 01 Sep 2020 05:17:16 GMT
Server: sffe
Age: 203998
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 26524
X-XSS-Protection: 0
Expires: Tue, 11 Oct 2022 20:50:11 GMT

GET
H/1.1 200
OK va9Z4lja2NVIDdIAAoMR5MfuElaRB0RyklrRPXw.woff2
fonts.gstatic.com/s/quattrocentosans/v13/ 24 KB
24 KB 14ms
13ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/quattrocentosans/v13/va9Z4lja2NVIDdIAAoMR5MfuElaRB0RyklrRPXw.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f78458058ad1c379c6fbd9d5a407e2d1f0249046b195a6ec1427f7587379f51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://gifon007.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 10 Oct 2021 14:46:40 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 01 Sep 2020 04:38:50 GMT
Server: sffe
Age: 312209
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 24244
X-XSS-Protection: 0
Expires: Mon, 10 Oct 2022 14:46:40 GMT

GET
H/1.1 200
OK va9X4lja2NVIDdIAAoMR5MfuElaRB0zMj_bTDX7ojQ.woff2
fonts.gstatic.com/s/quattrocentosans/v13/ 25 KB
26 KB 14ms
14ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/quattrocentosans/v13/va9X4lja2NVIDdIAAoMR5MfuElaRB0zMj_bTDX7ojQ.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

969484715ece213d98fd904b2a4440aee9fef8e273bc73606f861730132f8358

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://gifon007.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 10 Oct 2021 16:57:52 GMT
X-Content-Type-Options: nosniff
Age: 304337
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 25380
X-XSS-Protection: 0
Last-Modified: Tue, 01 Sep 2020 05:43:13 GMT
Server: sffe
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="apps-themes"
Expires: Mon, 10 Oct 2022 16:57:52 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7DD7 70 KB
27 KB 715ms
714ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7996408182976976&output=html&h=250&slotname=9232716053&adk=3212221754&adf=4188105060&pi=t.ma~as.9232716053&w=300&lmt=1634189409&psa=0&format=300x250&url=http%3A%2F%2Fgifon007.eu%2F&flash=0&wgl=1&dt=1634189408730&bpp=1&bdt=267&idt=269&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C669x168%2C300x250&nras=1&correlator=3319294352893&frm=20&pv=1&ga_vid=147183705.1634189409&ga_sid=1634189409&ga_hid=847716101&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1050&ady=456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31063139&oid=2&pvsid=312947668031483&pem=697&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=4&uci=a!4&fsb=1&xpc=kdy0y03I3o&p=http%3A//gifon007.eu&dtd=274

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96c4789afa26ff26289702778a3149c0db8867bb0bec86b2542a42293290729d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7996408182976976&output=html&h=250&slotname=9232716053&adk=3212221754&adf=4188105060&pi=t.ma~as.9232716053&w=300&lmt=1634189409&psa=0&format=300x250&url=http%3A%2F%2Fgifon007.eu%2F&flash=0&wgl=1&dt=1634189408730&bpp=1&bdt=267&idt=269&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C669x168%2C300x250&nras=1&correlator=3319294352893&frm=20&pv=1&ga_vid=147183705.1634189409&ga_sid=1634189409&ga_hid=847716101&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1050&ady=456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31063139&oid=2&pvsid=312947668031483&pem=697&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=4&uci=a!4&fsb=1&xpc=kdy0y03I3o&p=http%3A//gifon007.eu&dtd=274
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://gifon007.eu/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 14 Oct 2021 05:30:09 GMT
server: cafe
content-length: 27662
x-xss-protection: 0
set-cookie: IDE=AHWqTUm8d6C8elSV5jzlH0AOownD-DyQKqZbNTcXtupuroSoiQiIiBfw5GPYvgdbh5Q; expires=Tue, 08-Nov-2022 05:30:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 14 Oct 2021 05:30:09 GMT
cache-control: private

GET
H2 200 css
fonts.googleapis.com/ Frame EE89 4 KB
1 KB 39ms
17ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7996408182976976&output=html&h=168&slotname=1376710719&adk=1596500748&adf=1750275682&pi=t.ma~as.1376710719&w=669&fwrn=4&lmt=1634189408&rafmt=11&psa=0&format=669x168&url=http%3A%2F%2Fgifon007.eu%2F&flash=0&wgl=1&dt=1634189408678&bpp=3&bdt=215&idt=242&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3319294352893&frm=20&pv=1&ga_vid=147183705.1634189409&ga_sid=1634189409&ga_hid=847716101&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=330&ady=261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31063139&oid=2&pvsid=312947668031483&pem=697&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1152&bc=23&ifi=2&uci=a!2&fsb=1&xpc=pC5ppwUbcv&p=http%3A//gifon007.eu&dtd=257

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 04:04:02 GMT
server: ESF
date: Thu, 14 Oct 2021 05:30:09 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Thu, 14 Oct 2021 05:30:09 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame EE89 2 KB
991 B 34ms
12ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 05:23:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 383
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 885
x-xss-protection: 0
server: cafe
etag: 638833322182864030
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 05:23:46 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/ Frame EE89 18 KB
8 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 05:29:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7691
x-xss-protection: 0
server: cafe
etag: 14402072889669646931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 05:29:13 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame EE89 3 KB
1 KB 24ms
12ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 05:26:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 195
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 05:26:54 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EE89 123 KB
38 KB 44ms
17ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 05:30:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37935
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1633952256361887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Oct 2021 05:30:09 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame EE89 14 KB
6 KB 18ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 05:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 286
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6281
x-xss-protection: 0
server: cafe
etag: 18349783599053866072
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 05:25:23 GMT

GET
H2 200 94b9e9edb15b7c220f12fa63d878a5af.js Show response
www.gstatic.com/mysidia/ Frame EE89 27 KB
12 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/94b9e9edb15b7c220f12fa63d878a5af.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d1246d2fe982f57c0a911530b2fa93a679e42c0d897151f39cffa4762c55f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 06:36:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 600835
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11213
x-xss-protection: 0
last-modified: Thu, 07 Oct 2021 05:48:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Wed, 05 Jan 2022 06:36:14 GMT

GET
H2

200

B25479869.316134582;dc_pre=CPX8_fmVyfMCFZiHdwod1ggC_Q;dc_trk_aid=509034430;dc_trk_cid=159339060;ord=3867622921;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= Show response
ad.doubleclick.net/ddm/trackimp/N297201.3159GOOGLE/ Frame EE89
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N297201.3159GOOGLE/B25479869.316134582;dc_trk_aid=509034430;dc_trk_cid=159339060;ord=3867622921;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr...
https://ad.doubleclick.net/ddm/trackimp/N297201.3159GOOGLE/B25479869.316134582;dc_pre=CPX8_fmVyfMCFZiHdwod1ggC_Q;dc_trk_aid=509034430;dc_trk_cid=159339060;ord=3867622921;dc_lat=;dc_rdid=;tag_for_ch...

42 B
118 B

26ms
26ms

Fetch
image/gif

142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimp/N297201.3159GOOGLE/B25479869.316134582;dc_pre=CPX8_fmVyfMCFZiHdwod1ggC_Q;dc_trk_aid=509034430;dc_trk_cid=159339060;ord=3867622921;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 05:30:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Oct 2021 05:30:09 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N297201.3159GOOGLE/B25479869.316134582;dc_pre=CPX8_fmVyfMCFZiHdwod1ggC_Q;dc_trk_aid=509034430;dc_trk_cid=159339060;ord=3867622921;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame EE89 0
0 23ms
23ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cvy8QYMBnYe2vOrrZ-gbu0oPwBJqIwuRki-2W6r8OrKjAjYkPEAEg0a3IbGCV-vCBjAegAfLZ-IMDyAEGqQL2ddabsXWzPqgDAcgDywSqBL0BT9D4udTfmDUo3n2b09Iu5I1udY0ygyU9B8P2aWkuSt7sav8LrXV7gAz0V9a4Ceh8zeOwqnybGCodohMmVhPEZy_9G1nwtN_EJrXpoEoWKweLlJIW75vdQc2hRzjRmfsZbSJvcCKAfsvGZuKNB61dKF5ptVdPyT2g2LrplsJsWhq1IfRY0ZqGpXhjVA4ZRauAj7uWFZ1w_WiWpZVhVbrfDz1HolI4Ja4UTaT2j1YNkTgZ183E9lDY_ceRy4axwATTtPeR7AOSBQQIBBgBkgUECAUYBKAGN4AH9qWHfKgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwHyBwQQ989s0ggJCIDhgBAQARhfgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTc5OTY0MDgxODI5NzY5NzYYAA&sigh=0rAGhrXzFrw&template_id=492

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7996408182976976&output=html&h=168&slotname=1376710719&adk=1596500748&adf=1750275682&pi=t.ma~as.1376710719&w=669&fwrn=4&lmt=1634189408&rafmt=11&psa=0&format=669x168&url=http%3A%2F%2Fgifon007.eu%2F&flash=0&wgl=1&dt=1634189408678&bpp=3&bdt=215&idt=242&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3319294352893&frm=20&pv=1&ga_vid=147183705.1634189409&ga_sid=1634189409&ga_hid=847716101&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=330&ady=261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31063139&oid=2&pvsid=312947668031483&pem=697&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1152&bc=23&ifi=2&uci=a!2&fsb=1&xpc=pC5ppwUbcv&p=http%3A//gifon007.eu&dtd=257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 14 Oct 2021 05:30:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 14 Oct 2021 05:30:09 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/10198117594859416271/ Frame EE89 16 KB
16 KB 10ms
10ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10198117594859416271/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

214a520db1fae403a33981bd11caacc9e394043ca3717a91ed58e1a01e7f7d9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 09:16:29 GMT
x-content-type-options: nosniff
age: 245620
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16435
x-xss-protection: 0
last-modified: Wed, 06 Oct 2021 07:47:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 11 Oct 2022 09:16:29 GMT

GET
DATA 200
OK truncated
/ Frame EE89 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43cdf3f2c847e7ff1de8cec06a23862a5d8c8611e0d7c36402fa2c0180f5b30a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame EE89 15 KB
16 KB 28ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 16:31:41 GMT
x-content-type-options: nosniff
age: 46708
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Oct 2022 16:31:41 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame EE89 16 KB
16 KB 30ms
12ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 16:31:57 GMT
x-content-type-options: nosniff
age: 46692
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Oct 2022 16:31:57 GMT

GET
H2 200 EoFyo3zKq1mkgzvYf9HJ3W9DhbWUwEn_nMzaMw4xO6A.js Show response
pagead2.googlesyndication.com/bg/ Frame 4568 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EoFyo3zKq1mkgzvYf9HJ3W9DhbWUwEn_nMzaMw4xO6A.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

128172a37ccaab59a4833bd87fd1c9dd6f4385b594c049ff9cccda330e313ba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:26:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28991
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13303
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 13 Oct 2022 21:26:58 GMT

GET
H2 200 analytics.js Show response
google-analytics.com/ 48 KB
20 KB 43ms
7ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://google-analytics.com/analytics.js

Requested by

Host: gifon007.eu
URL: http://gifon007.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 16:38:54 GMT
server: Golfe2
age: 6119
date: Thu, 14 Oct 2021 03:48:10 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Thu, 14 Oct 2021 05:48:10 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
69 B 13ms
13ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=847716101&t=pageview&_s=1&dl=http%3A%2F%2Fgifon007.eu%2F&ul=en-us&de=UTF-8&dt=Gifon007.eu%20I%20Gif%2C%20Gifs%2C%20Funny%2C%20Jokes%2C%20Video%2C%20Images&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aAhAAUABAAAAAC~&jid=1742993047&gjid=2025739604&cid=147183705.1634189409&tid=UA-8972151-10&_gid=1175949694.1634189409&_r=1&_slc=1&z=1577753761

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://gifon007.eu/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 05:30:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://gifon007.eu
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2857824464448456528
tpc.googlesyndication.com/simgad/ Frame 7DD7 66 KB
67 KB 9ms
9ms Image
image/gif 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2857824464448456528

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7996408182976976&output=html&h=250&slotname=9232716053&adk=3212221754&adf=4188105060&pi=t.ma~as.9232716053&w=300&lmt=1634189409&psa=0&format=300x250&url=http%3A%2F%2Fgifon007.eu%2F&flash=0&wgl=1&dt=1634189408730&bpp=1&bdt=267&idt=269&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C669x168%2C300x250&nras=1&correlator=3319294352893&frm=20&pv=1&ga_vid=147183705.1634189409&ga_sid=1634189409&ga_hid=847716101&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1050&ady=456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31063139&oid=2&pvsid=312947668031483&pem=697&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=4&uci=a!4&fsb=1&xpc=kdy0y03I3o&p=http%3A//gifon007.eu&dtd=274

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ede09d89bb4d390e1315a3604119c19288a617dd9cb9acb5bb33767af77a39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 22:04:01 GMT
x-content-type-options: nosniff
age: 113168
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68059
x-xss-protection: 0
last-modified: Tue, 14 Sep 2021 12:49:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 12 Oct 2022 22:04:01 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/ Frame 7DD7 18 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 05:29:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7691
x-xss-protection: 0
server: cafe
etag: 14402072889669646931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 05:29:13 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 7DD7 3 KB
1 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 05:26:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 195
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 05:26:54 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7DD7 123 KB
37 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 05:30:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37935
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1633952256361887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Oct 2021 05:30:09 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 7DD7 14 KB
6 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 05:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 286
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6281
x-xss-protection: 0
server: cafe
etag: 18349783599053866072
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 05:25:23 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 7DD7 27 KB
11 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1adff93fec49cd9bab765ec423c9504146696be62b0f634d2bb6df86a1e775a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 20:02:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34058
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11185
x-xss-protection: 0
server: cafe
etag: 5630310602010257655
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Oct 2021 20:02:31 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7DD7 0
0 31ms
30ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C9Y9eYcBnYZ_bAdDSgQeNmKmQDIze9pJloeeKucsO6Yrj8rQpEAEg0a3IbGCV-vCBjAegAdC6wYsDyAEDqQJo8dumZ3WzPqgDAcgDyQSqBLoBT9Au_teIwxfwmQyiQmK4Sa6jY55sNyivp-b8Xq5rCBD7VLAnByIH6922DeWNS07anCAQn3CAwlGXHoQk8MGhJqPfpYsFrStT6_L680Lblyk1maJVKPcmpUdUgPsMyixCT51GsiuMt6l_46-UfVMkj6LMFaMJjxvuW2_UX1dlIXBoMG3TPVrCResGdkWXEOhrwtAa7JUg9gxkwBmQDznOIMpXLNiiZHgjgnhM7l1YMNxlyOp9PrFWz0CYwATKic213gOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGA4AHoIb8eagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwHyBwUQw6v4AdIICQiA4YAQEAEYX4AKAcgLAdgTAtAVAYAXAbIXHAoaCAASFHB1Yi03OTk2NDA4MTgyOTc2OTc2GAA&sigh=OYNhrdNQdjo

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7996408182976976&output=html&h=250&slotname=9232716053&adk=3212221754&adf=4188105060&pi=t.ma~as.9232716053&w=300&lmt=1634189409&psa=0&format=300x250&url=http%3A%2F%2Fgifon007.eu%2F&flash=0&wgl=1&dt=1634189408730&bpp=1&bdt=267&idt=269&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C669x168%2C300x250&nras=1&correlator=3319294352893&frm=20&pv=1&ga_vid=147183705.1634189409&ga_sid=1634189409&ga_hid=847716101&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1050&ady=456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31063139&oid=2&pvsid=312947668031483&pem=697&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=4&uci=a!4&fsb=1&xpc=kdy0y03I3o&p=http%3A//gifon007.eu&dtd=274
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 14 Oct 2021 05:30:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EE30 143 B
222 B 8ms
7ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7996408182976976&output=html&h=250&slotname=9232716053&adk=3212221754&adf=4188105060&pi=t.ma~as.9232716053&w=300&lmt=1634189409&psa=0&format=300x250&url=http%3A%2F%2Fgifon007.eu%2F&flash=0&wgl=1&dt=1634189408730&bpp=1&bdt=267&idt=269&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C669x168%2C300x250&nras=1&correlator=3319294352893&frm=20&pv=1&ga_vid=147183705.1634189409&ga_sid=1634189409&ga_hid=847716101&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1050&ady=456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31063139&oid=2&pvsid=312947668031483&pem=697&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=4&uci=a!4&fsb=1&xpc=kdy0y03I3o&p=http%3A//gifon007.eu&dtd=274
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUm8d6C8elSV5jzlH0AOownD-DyQKqZbNTcXtupuroSoiQiIiBfw5GPYvgdbh5Q
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7996408182976976&output=html&h=250&slotname=9232716053&adk=3212221754&adf=4188105060&pi=t.ma~as.9232716053&w=300&lmt=1634189409&psa=0&format=300x250&url=http%3A%2F%2Fgifon007.eu%2F&flash=0&wgl=1&dt=1634189408730&bpp=1&bdt=267&idt=269&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C669x168%2C300x250&nras=1&correlator=3319294352893&frm=20&pv=1&ga_vid=147183705.1634189409&ga_sid=1634189409&ga_hid=847716101&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1050&ady=456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31063139&oid=2&pvsid=312947668031483&pem=697&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=4&uci=a!4&fsb=1&xpc=kdy0y03I3o&p=http%3A//gifon007.eu&dtd=274

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 14 Oct 2021 04:54:37 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2132
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 900E 1 KB
864 B 6ms
6ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 13 Oct 2021 21:06:15 GMT
expires: Thu, 14 Oct 2021 21:06:15 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 30234
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dpixel
cms.quantserve.com/ Frame 900E 35 B
464 B 47ms
8ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPko9M3yqJNZuUaKk3dWz2w&google_cver=1&google_push=AYg5qPKjwtkxZTh5LLFFGM4ybdesNNsTeYJMsXTKvujpBMtPjOGy8fMPrvYEUk4ygCcE5BWRTCfq60Dww953VfJ19m5NspZGuIBj

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 05:30:09 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 900E
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKpq9Td...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKpq9Td...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMTQwNTMwMTAwMDAxNzQxMDE1MjY5Ng%3D%3D&google_push=AYg5qPKpq9TdzMQ0TgKwLrj9EjOgNfTjKqdU3iNRp4ZbXceJzdWE8qXR-vbOht3DbIf4p4...

170 B
188 B

17ms
17ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMTQwNTMwMTAwMDAxNzQxMDE1MjY5Ng%3D%3D&google_push=AYg5qPKpq9TdzMQ0TgKwLrj9EjOgNfTjKqdU3iNRp4ZbXceJzdWE8qXR-vbOht3DbIf4p4_6w4TkespePwM3Qt2QOgndVgnWH5Y

Requested by

Host: gifon007.eu
URL: http://gifon007.eu/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 05:30:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMTQwNTMwMTAwMDAxNzQxMDE1MjY5Ng%3D%3D&google_push=AYg5qPKpq9TdzMQ0TgKwLrj9EjOgNfTjKqdU3iNRp4ZbXceJzdWE8qXR-vbOht3DbIf4p4_6w4TkespePwM3Qt2QOgndVgnWH5Y
pragma: no-cache
date: Thu, 14 Oct 2021 05:30:10 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Thu, 14 Oct 2021 05:30:10 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 900E 43 B
324 B 68ms
17ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEMrrbz7CDc2zt-SjVxLX-Vw&google_push=AYg5qPKKkl2rt9eFHMZ2JPkLx8HhBToyDeLSRGkTzkWM40RljXVHgtucMAAdEe4G9TZBDza7Xc34wjD2ZePi-Mlyrd3gqU-98_vI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7996408182976976&output=html&h=250&slotname=9232716053&adk=3212221754&adf=4188105060&pi=t.ma~as.9232716053&w=300&lmt=1634189409&psa=0&format=300x250&url=http%3A%2F%2Fgifon007.eu%2F&flash=0&wgl=1&dt=1634189408730&bpp=1&bdt=267&idt=269&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C669x168%2C300x250&nras=1&correlator=3319294352893&frm=20&pv=1&ga_vid=147183705.1634189409&ga_sid=1634189409&ga_hid=847716101&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1050&ady=456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31063139&oid=2&pvsid=312947668031483&pem=697&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=4&uci=a!4&fsb=1&xpc=kdy0y03I3o&p=http%3A//gifon007.eu&dtd=274
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 05:30:09 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 900E
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEE2u3V-w81sTDYpQR5PRMes&google_cver=1&google_push=AYg5qPIgfcntVkM4P61-scC5pZ9k7mhmftoZCillGPdElAULpm1Fp42LRLDHnO8IoUNzJMSgvcbN0-MdQo0WQOBQYWdLux99UiU4
https://rtb.openx.net/sync/dds?google_gid=CAESEE2u3V-w81sTDYpQR5PRMes&google_cver=1&google_push=AYg5qPIgfcntVkM4P61-scC5pZ9k7mhmftoZCillGPdElAULpm1Fp42LRLDHnO8IoUNzJMSgvcbN0-MdQo0WQOBQYWdLux99UiU4&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIgfcntVkM4P61-scC5pZ9k7mhmftoZCillGPdElAULpm1Fp42LRLDHnO8IoUNzJMSgvcbN0-MdQo0WQOBQYWdLux99UiU4&google_hm=Z4x_sp9JzUgeltLak2kXyA==

170 B
188 B

27ms
16ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIgfcntVkM4P61-scC5pZ9k7mhmftoZCillGPdElAULpm1Fp42LRLDHnO8IoUNzJMSgvcbN0-MdQo0WQOBQYWdLux99UiU4&google_hm=Z4x_sp9JzUgeltLak2kXyA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 05:30:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Oct 2021 05:30:08 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIgfcntVkM4P61-scC5pZ9k7mhmftoZCillGPdElAULpm1Fp42LRLDHnO8IoUNzJMSgvcbN0-MdQo0WQOBQYWdLux99UiU4&google_hm=Z4x_sp9JzUgeltLak2kXyA==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: g5dl564k2nclr3h2k69plnmrt2pkpfk3

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 900E
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZvZ5mSifQqCtmrDUQu9SpA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

32ms
17ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZvZ5mSifQqCtmrDUQu9SpA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLFdVf-DoGWGFQXsVRAx62KzMN6Oi4ut8vzEhdkY5HUJa4vzqsqiAvT9epE6fYYHy9TK7gjmf00vrOFI8g4HPO3FpcL7tyk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 05:30:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZvZ5mSifQqCtmrDUQu9SpA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLFdVf-DoGWGFQXsVRAx62KzMN6Oi4ut8vzEhdkY5HUJa4vzqsqiAvT9epE6fYYHy9TK7gjmf00vrOFI8g4HPO3FpcL7tyk
date: Thu, 14 Oct 2021 05:30:09 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 900E
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAoTHRjml3RRhHIY7h6Rc2o&google_cver=1&google_push=AYg5qPK4H_4KQDv7XhEDvGwBCk73kH3DkGi8SQnmm_534So9cApNV_fXGYrKrxF7V07_SYUH_-v...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VRSTZJUUEtRy1HOE8y&google_push=AYg5qPK4H_4KQDv7XhEDvGwBCk73kH3DkGi8SQnmm_534So9cApNV_fXGYrKrxF7V07_SYUH_-v-kyZ1xb8ZaOKe1hUNVtg04ea9

170 B
329 B

19ms
19ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VRSTZJUUEtRy1HOE8y&google_push=AYg5qPK4H_4KQDv7XhEDvGwBCk73kH3DkGi8SQnmm_534So9cApNV_fXGYrKrxF7V07_SYUH_-v-kyZ1xb8ZaOKe1hUNVtg04ea9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 05:30:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VRSTZJUUEtRy1HOE8y&google_push=AYg5qPK4H_4KQDv7XhEDvGwBCk73kH3DkGi8SQnmm_534So9cApNV_fXGYrKrxF7V07_SYUH_-v-kyZ1xb8ZaOKe1hUNVtg04ea9
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 900E
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEL_C3tSyyXSf88g4Prc-C1g&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEL_C3tSyyXSf88g4Prc-C1g&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWfAYUkGRgkFpMtq7C6jSAAABLcAAAAB&google_push=AYg5qPKjIAeCmhmfnvCRgjWBcPFuCWDKAaCmr7l4X2UD1zu8rsKvnziaCNw4qhJnqg_SWaazDCBQMuazAjawszD7yi...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWfAYUkGRgkFpMtq7C6jSAAABLcAAAAB&google_push=AYg5qPKjIAeCmhmfnvCRgjWBcPFuCWDKAaCmr7l4X2UD1zu8rsKvnziaCNw4qhJnqg_SWaazDCBQMuazAjawszD7yi...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWfAYUkGRgkFpMtq7C6jSAAABLcAAAAB&google_push=AYg5qPKjIAeCmhmfnvCRgjWBcPFuCWDKAaCmr7l4X2UD1zu8rsKvnziaCNw4qhJnqg_SWaazDCBQMuazAjawszD7yi...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWfAYUkGRgkFpMtq7C6jSAAABLcAAAAB&google_push=AYg5qPKjIAeCmhmfnvCRgjWBcPFuCWDKAaCmr7l4X2UD1zu8rsKvnziaCNw4qhJnqg_SWaazDCBQMuazAjawszD7yi...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWfAYUkGRgkFpMtq7C6jSAAABLcAAAAB&google_push=AYg5qPKjIAeCmhmfnvCRgjWBcPFuCWDKAaCmr7l4X2UD1zu8rsKvnziaCNw4qhJnqg_SWaazDCBQMuazAjawszD7yi...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWfAYUkGRgkFpMtq7C6jSAAABLcAAAAB&google_push=AYg5qPKjIAeCmhmfnvCRgjWBcPFuCWDKAaCmr7l4X2UD1zu8rsKvnziaCNw4qhJnqg_SWaazDCBQMuazAjawszD7yi...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWfAYUkGRgkFpMtq7C6jSAAABLcAAAAB&google_push=AYg5qPKjIAeCmhmfnvCRgjWBcPFuCWDKAaCmr7l4X2UD1zu8rsKvnziaCNw4qhJnqg_SWaazDCBQMuazAjawszD7yi...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWfAYUkGRgkFpMtq7C6jSAAABLcAAAAB&google_push=AYg5qPKjIAeCmhmfnvCRgjWBcPFuCWDKAaCmr7l4X2UD1zu8rsKvnziaCNw4qhJnqg_SWaazDCBQMuazAjawszD7yi...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWfAYUkGRgkFpMtq7C6jSAAABLcAAAAB&google_push=AYg5qPKjIAeCmhmfnvCRgjWBcPFuCWDKAaCmr7l4X2UD1zu8rsKvnziaCNw4qhJnqg_SWaazDCBQMuazAjawszD7yi...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWfAYUkGRgkFpMtq7C6jSAAABLcAAAAB&google_push=AYg5qPKjIAeCmhmfnvCRgjWBcPFuCWDKAaCmr7l4X2UD1zu8rsKvnziaCNw4qhJnqg_SWaazDCBQMuazAjawszD7yi...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWfAYUkGRgkFpMtq7C6jSAAABLcAAAAB&google_push=AYg5qPKjIAeCmhmfnvCRgjWBcPFuCWDKAaCmr7l4X2UD1zu8rsKvnziaCNw4qhJnqg_SWaazDCBQMuazAjawszD7yi...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWfAYUkGRgkFpMtq7C6jSAAABLcAAAAB&google_push=AYg5qPKjIAeCmhmfnvCRgjWBcPFuCWDKAaCmr7l4X2UD1zu8rsKvnziaCNw4qhJnqg_SWaazDCBQMuazAjawszD7yi...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWfAYUkGRgkFpMtq7C6jSAAABLcAAAAB&google_push=AYg5qPKjIAeCmhmfnvCRgjWBcPFuCWDKAaCmr7l4X2UD1zu8rsKvnziaCNw4qhJnqg_SWaazDCBQMuazAjawszD7yi...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWfAYUkGRgkFpMtq7C6jSAAABLcAAAAB&google_push=AYg5qPKjIAeCmhmfnvCRgjWBcPFuCWDKAaCmr7l4X2UD1zu8rsKvnziaCNw4qhJnqg_SWaazDCBQMuazAjawszD7yi...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWfAYUkGRgkFpMtq7C6jSAAABLcAAAAB&google_push=AYg5qPKjIAeCmhmfnvCRgjWBcPFuCWDKAaCmr7l4X2UD1zu8rsKvnziaCNw4qhJnqg_SWaazDCBQMuazAjawszD7yi...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWfAYUkGRgkFpMtq7C6jSAAABLcAAAAB&google_push=AYg5qPKjIAeCmhmfnvCRgjWBcPFuCWDKAaCmr7l4X2UD1zu8rsKvnziaCNw4qhJnqg_SWaazDCBQMuazAjawszD7yi...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWfAYUkGRgkFpMtq7C6jSAAABLcAAAAB&google_push=AYg5qPKjIAeCmhmfnvCRgjWBcPFuCWDKAaCmr7l4X2UD1zu8rsKvnziaCNw4qhJnqg_SWaazDCBQMuazAjawszD7yi...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWfAYUkGRgkFpMtq7C6jSAAABLcAAAAB&google_push=AYg5qPKjIAeCmhmfnvCRgjWBcPFuCWDKAaCmr7l4X2UD1zu8rsKvnziaCNw4qhJnqg_SWaazDCBQMuazAjawszD7yi...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWfAYUkGRgkFpMtq7C6jSAAABLcAAAAB&google_push=AYg5qPKjIAeCmhmfnvCRgjWBcPFuCWDKAaCmr7l4X2UD1zu8rsKvnziaCNw4qhJnqg_SWaazDCBQMuazAjawszD7yi...

0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 900E 0
253 B 45ms
16ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J1ZshlOcLYX9s986q1rFKRGmrfSKwOWIOcp3TXgcqEbUwDBnzVgpE6Yc-uH3x4-B2wYacl

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 05:30:09 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EE30
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
144 B

61ms
61ms

Document
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUm8d6C8elSV5jzlH0AOownD-DyQKqZbNTcXtupuroSoiQiIiBfw5GPYvgdbh5Q
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 14 Oct 2021 05:30:09 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 14-Oct-2021 06:30:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 14 Oct 2021 05:30:09 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 14 Oct 2021 05:30:09 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 7DD7 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2605350d48b9c91877df9368f7cef14aebf9927ee4c6d5ec9a587d55357f71a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 EoFyo3zKq1mkgzvYf9HJ3W9DhbWUwEn_nMzaMw4xO6A.js Show response
pagead2.googlesyndication.com/bg/ Frame 88CA 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EoFyo3zKq1mkgzvYf9HJ3W9DhbWUwEn_nMzaMw4xO6A.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

128172a37ccaab59a4833bd87fd1c9dd6f4385b594c049ff9cccda330e313ba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:26:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28991
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13303
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 13 Oct 2022 21:26:58 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15357924708526979973/ Frame CEA2 96 KB
24 KB 11ms
11ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15357924708526979973/index.html

Requested by

Host: gifon007.eu
URL: http://gifon007.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d043a9613b13dee246ce87b54d0754393327477b39d96eb17f3498e7df5241de

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/15357924708526979973/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin: *
date: Fri, 08 Oct 2021 11:54:52 GMT
expires: Sat, 08 Oct 2022 11:54:52 GMT
last-modified: Wed, 19 May 2021 12:02:37 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 23424
age: 495318
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame C1C4 0
0 25ms
25ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CdohxYMBnYcGcPML47gPEgKGoCc3hqOtih4Gy1-sN29keEAEg0a3IbGCV-vCBjAegAcbFrbsDyAEJqQJo8dumZ3WzPqgDAcgDSKoE0gFP0BaCwMjnDFjpaT-TdUQSMNPCBIZTUNYOnXG1YKtul-4uEvPDxTv139ch_hZ9aA3w-EKZrDBfB64EqlAbejO1sgaqzL97tYYml9huZNGR1N2VO0168Zac29OqoGaKx8Zi8C72Qj0D5oivLDq8V9QPWmX7N7wMQK01zqce1JeO_G7bSQv96ClieufzIczKKtHvpH4rxCPFRIUJ70qIAKzh0XY9idcUbAGKgW3V_AMNNnmx-jyvpAhezQpL8iAo9AlnfstUclmFYGecLgeq6BHVI8PABIbCraS-A5IFBAgEGAGSBQQIBRgEoAYugAeiutJEqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAPIHBRD_saMC0ggJCIDhgBAQARhfgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTc5OTY0MDgxODI5NzY5NzYYAA&sigh=cWySOStx7Iw&template_id=419

Requested by

Host: gifon007.eu
URL: http://gifon007.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7996408182976976&output=html&h=250&slotname=9232716053&adk=3212221754&adf=2199604408&pi=t.ma~as.9232716053&w=300&lmt=1634189408&psa=0&format=300x250&url=http%3A%2F%2Fgifon007.eu%2F&flash=0&wgl=1&dt=1634189408728&bpp=1&bdt=265&idt=231&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C669x168&nras=1&correlator=3319294352893&frm=20&pv=1&ga_vid=147183705.1634189409&ga_sid=1634189409&ga_hid=847716101&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1050&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31063139&oid=2&pvsid=312947668031483&pem=697&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Uw8lxQYZpx&p=http%3A//gifon007.eu&dtd=236
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 14 Oct 2021 05:30:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/ Frame C1C4 18 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7996408182976976&output=html&h=250&slotname=9232716053&adk=3212221754&adf=2199604408&pi=t.ma~as.9232716053&w=300&lmt=1634189408&psa=0&format=300x250&url=http%3A%2F%2Fgifon007.eu%2F&flash=0&wgl=1&dt=1634189408728&bpp=1&bdt=265&idt=231&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C669x168&nras=1&correlator=3319294352893&frm=20&pv=1&ga_vid=147183705.1634189409&ga_sid=1634189409&ga_hid=847716101&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1050&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31063139&oid=2&pvsid=312947668031483&pem=697&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Uw8lxQYZpx&p=http%3A//gifon007.eu&dtd=236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 05:29:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7691
x-xss-protection: 0
server: cafe
etag: 14402072889669646931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 05:29:13 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame C1C4 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7996408182976976&output=html&h=250&slotname=9232716053&adk=3212221754&adf=2199604408&pi=t.ma~as.9232716053&w=300&lmt=1634189408&psa=0&format=300x250&url=http%3A%2F%2Fgifon007.eu%2F&flash=0&wgl=1&dt=1634189408728&bpp=1&bdt=265&idt=231&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C669x168&nras=1&correlator=3319294352893&frm=20&pv=1&ga_vid=147183705.1634189409&ga_sid=1634189409&ga_hid=847716101&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1050&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31063139&oid=2&pvsid=312947668031483&pem=697&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Uw8lxQYZpx&p=http%3A//gifon007.eu&dtd=236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 05:26:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 05:26:54 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C1C4 123 KB
37 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7996408182976976&output=html&h=250&slotname=9232716053&adk=3212221754&adf=2199604408&pi=t.ma~as.9232716053&w=300&lmt=1634189408&psa=0&format=300x250&url=http%3A%2F%2Fgifon007.eu%2F&flash=0&wgl=1&dt=1634189408728&bpp=1&bdt=265&idt=231&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C669x168&nras=1&correlator=3319294352893&frm=20&pv=1&ga_vid=147183705.1634189409&ga_sid=1634189409&ga_hid=847716101&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1050&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31063139&oid=2&pvsid=312947668031483&pem=697&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Uw8lxQYZpx&p=http%3A//gifon007.eu&dtd=236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 05:30:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37935
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1633952256361887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Oct 2021 05:30:10 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame C1C4 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7996408182976976&output=html&h=250&slotname=9232716053&adk=3212221754&adf=2199604408&pi=t.ma~as.9232716053&w=300&lmt=1634189408&psa=0&format=300x250&url=http%3A%2F%2Fgifon007.eu%2F&flash=0&wgl=1&dt=1634189408728&bpp=1&bdt=265&idt=231&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C669x168&nras=1&correlator=3319294352893&frm=20&pv=1&ga_vid=147183705.1634189409&ga_sid=1634189409&ga_hid=847716101&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1050&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31063139&oid=2&pvsid=312947668031483&pem=697&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Uw8lxQYZpx&p=http%3A//gifon007.eu&dtd=236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 05:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 287
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6281
x-xss-protection: 0
server: cafe
etag: 18349783599053866072
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 05:25:23 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 34DE 143 B
206 B 6ms
6ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7996408182976976&output=html&h=250&slotname=9232716053&adk=3212221754&adf=2199604408&pi=t.ma~as.9232716053&w=300&lmt=1634189408&psa=0&format=300x250&url=http%3A%2F%2Fgifon007.eu%2F&flash=0&wgl=1&dt=1634189408728&bpp=1&bdt=265&idt=231&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C669x168&nras=1&correlator=3319294352893&frm=20&pv=1&ga_vid=147183705.1634189409&ga_sid=1634189409&ga_hid=847716101&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1050&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31063139&oid=2&pvsid=312947668031483&pem=697&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Uw8lxQYZpx&p=http%3A//gifon007.eu&dtd=236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7996408182976976&output=html&h=250&slotname=9232716053&adk=3212221754&adf=2199604408&pi=t.ma~as.9232716053&w=300&lmt=1634189408&psa=0&format=300x250&url=http%3A%2F%2Fgifon007.eu%2F&flash=0&wgl=1&dt=1634189408728&bpp=1&bdt=265&idt=231&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C669x168&nras=1&correlator=3319294352893&frm=20&pv=1&ga_vid=147183705.1634189409&ga_sid=1634189409&ga_hid=847716101&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1050&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31063139&oid=2&pvsid=312947668031483&pem=697&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Uw8lxQYZpx&p=http%3A//gifon007.eu&dtd=236
accept-encoding: gzip, deflate, br
cookie: DSID=NO_DATA; IDE=AHWqTUl-xxSNPTe1Frx2Qg7tTq8QNBB1dIALYCLnmIGOmeM58mCueTEjQfwGw8PH3po
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7996408182976976&output=html&h=250&slotname=9232716053&adk=3212221754&adf=2199604408&pi=t.ma~as.9232716053&w=300&lmt=1634189408&psa=0&format=300x250&url=http%3A%2F%2Fgifon007.eu%2F&flash=0&wgl=1&dt=1634189408728&bpp=1&bdt=265&idt=231&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C669x168&nras=1&correlator=3319294352893&frm=20&pv=1&ga_vid=147183705.1634189409&ga_sid=1634189409&ga_hid=847716101&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1050&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31063139&oid=2&pvsid=312947668031483&pem=697&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Uw8lxQYZpx&p=http%3A//gifon007.eu&dtd=236

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 14 Oct 2021 04:35:57 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3253
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame C1C4 0
463 B 36ms
14ms Other
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMHM3_mVyfMCFUK8ewodREAIlQ&gqi=YMBnYcXAO-SqrATKsy8&layout=/sadbundle/%24csp%253Der3%24/15357924708526979973/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7996408182976976&output=html&h=250&slotname=9232716053&adk=3212221754&adf=2199604408&pi=t.ma~as.9232716053&w=300&lmt=1634189408&psa=0&format=300x250&url=http%3A%2F%2Fgifon007.eu%2F&flash=0&wgl=1&dt=1634189408728&bpp=1&bdt=265&idt=231&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C669x168&nras=1&correlator=3319294352893&frm=20&pv=1&ga_vid=147183705.1634189409&ga_sid=1634189409&ga_hid=847716101&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1050&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31063139&oid=2&pvsid=312947668031483&pem=697&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Uw8lxQYZpx&p=http%3A//gifon007.eu&dtd=236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 05:30:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame CEA2 16 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15357924708526979973/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 03:54:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5720
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 15 Oct 2021 03:54:50 GMT

GET
H2 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame CEA2 26 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15357924708526979973/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 23:30:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21580
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 14 Oct 2021 23:30:30 GMT

GET
DATA 200
OK truncated
/ Frame C1C4 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ff8529344122f49d4bf0302e1b636010c5f2691714ee4da9bbd7ea20bc52511

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 34DE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
144 B

15ms
15ms

Document
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7996408182976976&output=html&h=250&slotname=9232716053&adk=3212221754&adf=2199604408&pi=t.ma~as.9232716053&w=300&lmt=1634189408&psa=0&format=300x250&url=http%3A%2F%2Fgifon007.eu%2F&flash=0&wgl=1&dt=1634189408728&bpp=1&bdt=265&idt=231&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C669x168&nras=1&correlator=3319294352893&frm=20&pv=1&ga_vid=147183705.1634189409&ga_sid=1634189409&ga_hid=847716101&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1050&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31063139&oid=2&pvsid=312947668031483&pem=697&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Uw8lxQYZpx&p=http%3A//gifon007.eu&dtd=236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: DSID=NO_DATA; IDE=AHWqTUl-xxSNPTe1Frx2Qg7tTq8QNBB1dIALYCLnmIGOmeM58mCueTEjQfwGw8PH3po
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 14 Oct 2021 05:30:10 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 14-Oct-2021 06:30:10 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 14 Oct 2021 05:30:10 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 14 Oct 2021 05:30:10 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 EoFyo3zKq1mkgzvYf9HJ3W9DhbWUwEn_nMzaMw4xO6A.js Show response
pagead2.googlesyndication.com/bg/ Frame CEA2 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EoFyo3zKq1mkgzvYf9HJ3W9DhbWUwEn_nMzaMw4xO6A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

128172a37ccaab59a4833bd87fd1c9dd6f4385b594c049ff9cccda330e313ba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:26:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28992
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13303
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 13 Oct 2022 21:26:58 GMT

GET
H2 200 balken-1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15357924708526979973/ Frame CEA2 6 KB
7 KB 8ms
7ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15357924708526979973/balken-1.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7996408182976976&output=html&h=250&slotname=9232716053&adk=3212221754&adf=2199604408&pi=t.ma~as.9232716053&w=300&lmt=1634189408&psa=0&format=300x250&url=http%3A%2F%2Fgifon007.eu%2F&flash=0&wgl=1&dt=1634189408728&bpp=1&bdt=265&idt=231&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C669x168&nras=1&correlator=3319294352893&frm=20&pv=1&ga_vid=147183705.1634189409&ga_sid=1634189409&ga_hid=847716101&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1050&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31063139&oid=2&pvsid=312947668031483&pem=697&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Uw8lxQYZpx&p=http%3A//gifon007.eu&dtd=236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8412bb3b68438c2fa801724a52747109a7403595466749120bb30281c6c6cde

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 520551
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6565
x-xss-protection: 0
last-modified: Wed, 19 May 2021 12:02:37 GMT
server: sffe
date: Fri, 08 Oct 2021 04:54:19 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 08 Oct 2022 04:54:19 GMT

GET
H2 200 balken-2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15357924708526979973/ Frame CEA2 7 KB
7 KB 9ms
8ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15357924708526979973/balken-2.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7996408182976976&output=html&h=250&slotname=9232716053&adk=3212221754&adf=2199604408&pi=t.ma~as.9232716053&w=300&lmt=1634189408&psa=0&format=300x250&url=http%3A%2F%2Fgifon007.eu%2F&flash=0&wgl=1&dt=1634189408728&bpp=1&bdt=265&idt=231&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C669x168&nras=1&correlator=3319294352893&frm=20&pv=1&ga_vid=147183705.1634189409&ga_sid=1634189409&ga_hid=847716101&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1050&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31063139&oid=2&pvsid=312947668031483&pem=697&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Uw8lxQYZpx&p=http%3A//gifon007.eu&dtd=236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2065dc40e8d2d85824f193595d681d923802f99771fbb7de68e384403104bb0c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 597036
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6663
x-xss-protection: 0
last-modified: Wed, 19 May 2021 12:02:37 GMT
server: sffe
date: Thu, 07 Oct 2021 07:39:34 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 07 Oct 2022 07:39:34 GMT

GET
H2 200 subline.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15357924708526979973/ Frame CEA2 12 KB
12 KB 9ms
9ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15357924708526979973/subline.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7996408182976976&output=html&h=250&slotname=9232716053&adk=3212221754&adf=2199604408&pi=t.ma~as.9232716053&w=300&lmt=1634189408&psa=0&format=300x250&url=http%3A%2F%2Fgifon007.eu%2F&flash=0&wgl=1&dt=1634189408728&bpp=1&bdt=265&idt=231&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C669x168&nras=1&correlator=3319294352893&frm=20&pv=1&ga_vid=147183705.1634189409&ga_sid=1634189409&ga_hid=847716101&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1050&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31063139&oid=2&pvsid=312947668031483&pem=697&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Uw8lxQYZpx&p=http%3A//gifon007.eu&dtd=236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e3294f314af777186d5dfc89177e1b74bf9f03db367b9e885aea3c6759f9128

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 235581
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12317
x-xss-protection: 0
last-modified: Wed, 19 May 2021 12:02:37 GMT
server: sffe
date: Mon, 11 Oct 2021 12:03:49 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 11 Oct 2022 12:03:49 GMT

GET
H2 200 swipe.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15357924708526979973/ Frame CEA2 16 KB
16 KB 10ms
10ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15357924708526979973/swipe.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7996408182976976&output=html&h=250&slotname=9232716053&adk=3212221754&adf=2199604408&pi=t.ma~as.9232716053&w=300&lmt=1634189408&psa=0&format=300x250&url=http%3A%2F%2Fgifon007.eu%2F&flash=0&wgl=1&dt=1634189408728&bpp=1&bdt=265&idt=231&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C669x168&nras=1&correlator=3319294352893&frm=20&pv=1&ga_vid=147183705.1634189409&ga_sid=1634189409&ga_hid=847716101&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1050&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31063139&oid=2&pvsid=312947668031483&pem=697&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Uw8lxQYZpx&p=http%3A//gifon007.eu&dtd=236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e090cd262e0da782a888b72d3aabc8c99191689bd4bb9932c97ff31f76e6f46f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 520551
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16229
x-xss-protection: 0
last-modified: Wed, 19 May 2021 12:02:37 GMT
server: sffe
date: Fri, 08 Oct 2021 04:54:19 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 08 Oct 2022 04:54:19 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 19ms
19ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211011&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d4a6eaa7b33354da13d212e259854fd09bf3dc85564902db8ca4336aa358aa1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Oct 2021 05:30:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8601
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 05:30:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 14 Oct 2021 05:30:10 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 2790 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://gifon007.eu/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Thu, 14 Oct 2021 01:31:37 GMT
expires: Fri, 14 Oct 2022 01:31:37 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 14313
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F81C 783 B
942 B 17ms
16ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f437b42cb4abd0a714c6fc806ce5757432004498f633f61213e5d5d186cc37e7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-shpFeZk3h9pM+6IS/OEtCg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://gifon007.eu/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 14 Oct 2021 05:30:10 GMT
date: Thu, 14 Oct 2021 05:30:10 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-shpFeZk3h9pM+6IS/OEtCg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 EoFyo3zKq1mkgzvYf9HJ3W9DhbWUwEn_nMzaMw4xO6A.js Show response
pagead2.googlesyndication.com/bg/ Frame 2790 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EoFyo3zKq1mkgzvYf9HJ3W9DhbWUwEn_nMzaMw4xO6A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

128172a37ccaab59a4833bd87fd1c9dd6f4385b594c049ff9cccda330e313ba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:26:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28992
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13303
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 13 Oct 2022 21:26:58 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F81C 0
0 30ms
30ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211011&jk=312947668031483&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
119 B 18ms
18ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211011&jk=312947668031483&bg=!ZmWlZSHNAAbGFvHlxhY7ACkAdvg8Wt_qeWlMfc77Y-lZBPyl_uVyqlWJT43qiPQKw7uLphC95o6N3wIAAAB5UgAAAAtoAQcKABx7k7ax71FGTdF6rtzHRqgpcUPFsEsihCWggkpAmQLGGhVFFOsxeZtOVv8LIxlr36Nu4EpGD9-YFDSD1rdrFxPQ2RVb_m5XEMHFph0ztQ1BZ5pLIyvJzjAun7H0S2ypeD7O2Qxq_1-DImZvFLIriOhWCJYZSFWgkqUXC8v5hz5HqARNppsa1jB7KSZRjPARaqBq-WsSs9RGqcvzP_wDuiodOh55EVhSkZblX2S4GcD7vTHrGoCJ1gM5C7xhNacpPXIlyeBjZo3q_WWBYGIHwoznMY4zr6zhcbG_GHKMcBGhC1MUPPbo53mstgHUIAbAnJfqemHgSW9mL5jYDUl5C8YPLYfHeQvru5jDdMxyQcQxibVjcz6qMrhXPMazqZ_c8Gzd7Zbd9XACGdOFpF3US-9Y-BPggZ9ezYkiFQrEK-Sbp8DhxvTGdqGQzUu9i9zBReMrXUIsNiOhZP9KkU9Mz5qc-txF-t0eL6gdZdK2_lOBoH03oQq6tfqOLsFHiS4LGqzgVk3ph02Fag09agzMsFbKkzzPIxUb43i0IPttuR57h0KKiKcYbdznjFSKtziC4SnGoIYoQPVMLF5FKsEbUBovaPH7xGg6iFaCH4Y97ngJ8zt5JURhMFIkI9_bXvJ-hZJuAgfDjCtGshofxsEDW3AXP04oN5qnRRmH3yUDkDkRXi2cBMIJuMhg0P0s-AoI5oA8OEHwV1EDeYEnVNRLajZEW00aQIqemrBg_by2R1mv65IO9amBc5B_7-JYxOzQXOJLMG7T-P24sgg6yUjGk90W5lgd9EK4fHobfOBTfEp_suI2H51rwhVxVqSAEk35RGZ8KSQ2f2p2MhIYEDohcRhbbSF_npKebL_B0JQkVrURKZksVVf7Nlv_STD_FSab4M8oBx0KSZv_bl5n_U-6_GNBvehEqUgLBhbA0xk7Mo8dISWeEv_TGWBUQ09-QVCQpcJmsbBA7ZYVHYB47fyOOFJVf63ppJ4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gifon007.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 05:30:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EE89 42 B
111 B 18ms
17ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstr9Iacbmprz4R-G_srKSzMEygM_uER8ifeMhfMsOOuMCKZXH9GkKoi5TXAQXaqxROYeb_P59EpayHv-8XmQxcaZvAsrdm8sanMb9sK0JwH7grk1bS97g&sai=AMfl-YRdwae_khZCcUMnuznfSTEDepr69sth0wcv0jCmPRW3IhQV5EOrw4f5WiVZfoYryEalIEl6q0k_Hd2d&sig=Cg0ArKJSzMteCImFL6wUEAE&id=lidar2&mcvt=1005&p=0,0,168,669&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20211011&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1596500748&rs=2&la=0&cr=0&vs=4&r=v&rst=1634189408936&rpt=705&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 05:30:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7DD7 42 B
108 B 23ms
22ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssKW8sR2imM2PIO-RuprxiegS1j8ZHo-oci8MyPchfI0DbNmdwqm1RHsHNaxJoxltYJfQewATkv6LbwY8VaxrLSP5jozKTuhk5Nk9prjYxbYdr5Hs2sSEYYb6dgQwW7OmFQi7tFdMTjfZJP&sai=AMfl-YQbTrvI9PsXA0LLN2SBlVWgwiQWueFY2wDLj68p_YiLJ1z7vd6Gx0quYpdczqR-92SiR9xoXpqdABzRtP3IrdZ770DbiUqq_xk&sig=Cg0ArKJSzLWZRN8P_Dn6EAE&cid=CAASF-RoY_8H0dGnqw0rjnfdBHFTeYGkwXLJ&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211011&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=3212221754&rs=2&la=0&cr=0&vs=4&r=v&rst=1634189409008&rpt=858&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 05:30:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C1C4 42 B
108 B 25ms
25ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuVsRe5s3OD0e5r27BME2pfh1lNraBpP2rP7_tp417UKbRaJAz4SLXGcpiywwhvyuArLgY_nyR0v2esQW6FIlwgFwpaoApA69PBbk1vLZPNlKdU3y_nfIyB4i_3Z_VMTlcSTKd0Uaj_50ZR&sai=AMfl-YSPWz7A4YtXOX98DeOASSZPZK8pm0QTGaqinP622odbX2lkGDW9JMu-zh9U0hvnknZ62teG2CdOCv894COuPAHfO3aC2iJmH-g&sig=Cg0ArKJSzCuYRhqW7hp1EAE&cid=CAASF-RomqeeDepX3tkNCGcZEjx_hGfFvlFk&id=lidar2&mcvt=1000&p=0,0,250,250&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211011&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=3212221754&rs=2&la=0&cr=0&vs=4&r=v&rst=1634189410082&rpt=111&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 05:30:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWfAYUkGRgkFpMtq7C6jSAAABLcAAAAB&google_push=AYg5qPKjIAeCmhmfnvCRgjWBcPFuCWDKAaCmr7l4X2UD1zu8rsKvnziaCNw4qhJnqg_SWaazDCBQMuazAjawszD7yi-Xf5fRIGkS&google_gid=CAESEL_C3tSyyXSf88g4Prc-C1g&google_cver=1

Verdicts & Comments Add Verdict or Comment

118 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gifon007.eu/	1970-01-20 15:27:41	Name: _ga Value: GA1.2.147183705.1634189409
.gifon007.eu/	1970-01-19 21:57:55	Name: _gid Value: GA1.2.1453939396.1634189409
.gifon007.eu/	1970-01-19 21:56:29	Name: _gat_gtag_UA_49723360_32 Value: 1
.gifon007.eu/	1970-01-20 07:18:05	Name: __gads Value: ID=a73c1c98930d9f13-225ece98f5ca00ff:T=1634189408:RT=1634189408:S=ALNI_MZzA7i-9DA3mEoL3UZyPeDgixwN7A
.pubmatic.com/	1970-01-19 21:57:55	Name: KTPCACOOKIE Value: YES
.openx.net/	1970-01-20 06:42:05	Name: i Value: 6b76cad7-9f48-4b91-a234-568524571e8f\|1634189409
.casalemedia.com/	1970-01-20 06:42:05	Name: CMID Value: YWfAYUkGRgkFpMtq7C6jSAAA
.casalemedia.com/	1970-01-20 00:06:05	Name: CMPS Value: 3176
.quantserve.com/	1970-01-20 00:06:05	Name: d Value: EAEBCQG9JIEA
.quantserve.com/	1970-01-20 07:26:43	Name: mc Value: 6167c061-d7de6-86f83-d7d51
.pubmatic.com/	1970-01-20 00:06:05	Name: KADUSERCOOKIE Value: 66F67999-289F-42A0-AD9A-B0D442EF52A4
.casalemedia.com/	1970-01-20 00:06:05	Name: CMPRO Value: 1207
.casalemedia.com/	1970-01-19 21:57:55	Name: CMST Value: YWfAYWFnwGEA
.doubleclick.net/	1970-01-19 21:56:33	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 07:18:05	Name: IDE Value: AHWqTUl-xxSNPTe1Frx2Qg7tTq8QNBB1dIALYCLnmIGOmeM58mCueTEjQfwGw8PH3po
.e.dlx.addthis.com/	1970-01-20 07:26:43	Name: na_tc Value: Y
.addthis.com/	1970-01-20 07:26:43	Name: na_id Value: 2021101405301000017410152696
.addthis.com/	1970-01-20 07:26:43	Name: na_tc Value: Y
.addthis.com/	1970-01-20 07:26:43	Name: uid Value: 6167c0621da1dba8
.addthis.com/	1970-01-20 07:26:43	Name: ouid Value: 6167c0620001b862f2984b96e53b3df0cac6ebd8d49617ec6145
.dlx.addthis.com/	1970-01-19 22:39:41	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-19 22:39:41	Name: na_sr Value: 20211014
.dlx.addthis.com/	1970-01-19 21:56:29	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-19 22:39:41	Name: na_sc_e Value: 0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7996408182976976&output=html&h=250&slotname=9232716053&adk=3212221754&adf=2199604408&pi=t.ma~as.9232716053&w=300&lmt=1634189408&psa=0&format=300x250&url=http%3A%2F%2Fgifon007.eu%2F&flash=0&wgl=1&dt=1634189408728&bpp=1&bdt=265&idt=231&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C669x168&nras=1&correlator=3319294352893&frm=20&pv=1&ga_vid=147183705.1634189409&ga_sid=1634189409&ga_hid=847716101&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1050&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31063139&oid=2&pvsid=312947668031483&pem=697&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Uw8lxQYZpx&p=http%3A//gifon007.eu&dtd=236 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/15357924708526979973/index.html".
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7996408182976976&output=html&h=250&slotname=9232716053&adk=3212221754&adf=2199604408&pi=t.ma~as.9232716053&w=300&lmt=1634189408&psa=0&format=300x250&url=http%3A%2F%2Fgifon007.eu%2F&flash=0&wgl=1&dt=1634189408728&bpp=1&bdt=265&idt=231&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C669x168&nras=1&correlator=3319294352893&frm=20&pv=1&ga_vid=147183705.1634189409&ga_sid=1634189409&ga_hid=847716101&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1050&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31063139&oid=2&pvsid=312947668031483&pem=697&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Uw8lxQYZpx&p=http%3A//gifon007.eu&dtd=236 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/15357924708526979973/index.html".
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWfAYUkGRgkFpMtq7C6jSAAABLcAAAAB&google_push=AYg5qPKjIAeCmhmfnvCRgjWBcPFuCWDKAaCmr7l4X2UD1zu8rsKvnziaCNw4qhJnqg_SWaazDCBQMuazAjawszD7yi-Xf5fRIGkS&google_gid=CAESEL_C3tSyyXSf88g4Prc-C1g&google_cver=1 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
adservice.google.de
ajax.googleapis.com
cm.g.doubleclick.net
cms.quantserve.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
gifon007.eu
google-analytics.com
googleads.g.doubleclick.net
image6.pubmatic.com
l.sharethis.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
platform-api.sharethis.com
rtb.openx.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
cm.g.doubleclick.net
104.90.192.27
13.224.193.52
142.250.184.226
142.250.185.198
142.250.185.226
185.64.189.115
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:800::200a
2a00:1450:4001:810::200e
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2008
2a00:1450:4001:827::2004
2a00:1450:4001:828::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82b::200a
2a00:1450:4001:830::2003
2a00:1450:4001:830::2004
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:19a0:3:7a:0:d9c6:7ac1:1
3.124.181.115
34.98.67.61
35.227.252.103
69.173.144.165
0126e90fe5cc0e9da8d7af9716684585a57f9342d842e95687215bbe8f97e4aa
089f89bb771858bcb82e3a9382c7020cb07b860b414b39c0b8862c591b2fbd53
0adb2903fd3dc84985e6a740a2b7d2712c6a6ef821f1fb038fbcc03e3f8e96af
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
0df462ce21cc4f240d2b7740aeb85f098eda842ee52848ab88422c4a38f6ff7b
0ede09d89bb4d390e1315a3604119c19288a617dd9cb9acb5bb33767af77a39d
128172a37ccaab59a4833bd87fd1c9dd6f4385b594c049ff9cccda330e313ba0
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1adff93fec49cd9bab765ec423c9504146696be62b0f634d2bb6df86a1e775a2
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
1bddd7b53448a27c3b8b0520ff1a31c5318cabf349003bc3fcf2081e82f99886
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1f871adc17c31230ef87ade94971fcb56a5b611fee9edf6de533535a4512c15d
2065dc40e8d2d85824f193595d681d923802f99771fbb7de68e384403104bb0c
214a520db1fae403a33981bd11caacc9e394043ca3717a91ed58e1a01e7f7d9f
24888ff57c1714336f283a67e22f1207ef9826694a9078e1cda9d581ff148407
2489aaf3aec7055b57878529f621a96b719a91e111af38ea726ec0930f2cc716
257c07e40f4fdd78d66090a4347816a4777d8f2ab8b266d4aebf56da90538cbc
26015da08cfbe90e5d306a3b8484b0e2eb58f2bdf2a99761374381d25f6b89dc
2605350d48b9c91877df9368f7cef14aebf9927ee4c6d5ec9a587d55357f71a0
2a4617686d53812d3f06b891e5edc0cf5b7f289bfd57be08e123a3845efcdcd6
2d4a6eaa7b33354da13d212e259854fd09bf3dc85564902db8ca4336aa358aa1
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
2ff8529344122f49d4bf0302e1b636010c5f2691714ee4da9bbd7ea20bc52511
330d9a10e2b23d72e44046d85ed1f05b976d7b0e512cff93782a1dffd2c47168
393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7
3d1246d2fe982f57c0a911530b2fa93a679e42c0d897151f39cffa4762c55f5d
3f78458058ad1c379c6fbd9d5a407e2d1f0249046b195a6ec1427f7587379f51
424cb990180a199052d11f3bca8aeff73d19e464e0a4d4ace831bb747b5c5f0f
43cdf3f2c847e7ff1de8cec06a23862a5d8c8611e0d7c36402fa2c0180f5b30a
440b50b7b042652b7489c5e200b37e1bfd3b901c4ac532436ae7db4249884058
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4e3294f314af777186d5dfc89177e1b74bf9f03db367b9e885aea3c6759f9128
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5265b2eea4ae28787aabb2d066663543130bc59d0c9f247785bb5f9ec8a76597
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
53eae5ed609ae0dfc569de1e4b1b7c9163be2d8665f592a6182566211c4b35f1
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
5be4c1ffadbf4e801e63e6cf20027f5334d13e707b2cd476a9d67ac3878beadb
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
67c1b006786513f66555d3a9f3ba5144590732bf6554b237818e33616f6f1ad6
690a797319f11aebab5e7456870118999b11ef69b6ba24b8e5fdb14044fd619c
6a6ace2b005fbcd40315aaf14cc4103acc5d9737c46c6c55d12f176b702206f6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cadecc31efabdc2bca069830ae96acbf7f8cf6ebb9f73133b1c314744e948cc
751cd6342e0f2cfd7a9211e53e2966d55668e8fe6d38b2e6c3fea55a8c3aa2fd
781436656080b84415a8dac9a1543b1d6b60bbf8965c26298a669760647a57d1
7da44dfc3cac92949f420093abaa8463ac7fbfaeabf6e63401ef2a19cb5da698
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
872b2bc0fd4cecb156a90e2fb010a2df857d9c3a91a44fc610e4fcaf0539ee4f
908b378879e666b160c5f087630eb7be60fd9fc292b71d5aaf0246a1f57dd78d
91cec4073a7095e1309b46e4306f1faf7dc881e8ed0dab324265b1b28b2eda4a
931f198a45653e82d5d78471efafa6c069ea6b7f21bddb64d331f48bbbb859dc
969484715ece213d98fd904b2a4440aee9fef8e273bc73606f861730132f8358
96c4789afa26ff26289702778a3149c0db8867bb0bec86b2542a42293290729d
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a74475bcc99e4ba22303b23f3f8a9ee135df25dd93262d094fe379125eb26f12
a8d6d6fce57622eb121d4dead914c063423885e8adda9e7aa5faddb4df8b2a39
b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd
b3dca6992b4f8770bc3dba5f82f6325a82d2adabf685da88d950f6fe87b16716
b4711a577d902fa887b33cb3939489497b075f192c6bc81af2e3dce894ab96e3
b5a7da603fb8cdff985845cc9f975fc7890d5c2135bd404ee92f0c7c601cb34a
b7447c370e537c5f120be3edfec04e61e7e1ddb2e15087d095b40359276b8a32
b7b6944fa5fa8c6bb2402d5e8ecc50b53f6060980065383f1273f4031b182a91
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bb9e0ead1896945dd8f2f1d6d56b7060b2872b2d18aa4a448e7cdc044cfa7b9c
c8412bb3b68438c2fa801724a52747109a7403595466749120bb30281c6c6cde
cc0479aaf5edcb955753be6677bb6ca9920735c1e27f9326b1753268eeecf952
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d043a9613b13dee246ce87b54d0754393327477b39d96eb17f3498e7df5241de
d470ef903a10d0140ac3ba901f3d980eab963fa9696ddffe3def22b981dbdbe7
d8c4150a000bf477b01c6e208f1a9126c3f5cd7fb22892248bc0c49db1fdf3b1
d8dee5bb67e8a759f73dfbaeadba9220ad478a8187f58a59a50f906b0e51f65b
dee73e42e2aace582db63ace69a693e6210558594a0f98a07b81fcd1274fc172
def7083c73ffd3e340024e93797e53f3cfd1935e5ecc609dfb9c295536a73e4f
e090cd262e0da782a888b72d3aabc8c99191689bd4bb9932c97ff31f76e6f46f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f437b42cb4abd0a714c6fc806ce5757432004498f633f61213e5d5d186cc37e7
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
f694b4fc5d667777e89694296218e249226ae1670bbe90a8a345f9f75298b9cd
f75d5d64a96e2db69fe8186deac41a04f0886c083a9f0ef7df781e5ba9977043
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

gifon007.eu Open in urlscan Pro 2a00:19a0:3:7a:0:d9c6:7ac1:1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

121 Requests

63 %HTTPS

62 %IPv6

18 Domains

26 Subdomains

23 IPs

4 Countries

1800 kBTransfer

4117 kBSize

24 Cookies

3 Outgoing links

Redirected requests

121 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

gifon007.eu Open in urlscan Pro
2a00:19a0:3:7a:0:d9c6:7ac1:1 Public Scan

Screenshot
Live screenshot

Full Image

121
Requests

63 %
HTTPS

62 %
IPv6

18
Domains

26
Subdomains

23
IPs

4
Countries

1800 kB
Transfer

4117 kB
Size

24
Cookies

121 HTTP transactions
3 data transactions