easystreams.net Open in urlscan Pro
94.23.160.246 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://easystreams.net/
Effective URL:
https://easystreams.net/
Submission: On April 16 via api (April 16th 2023, 5:43:48 am UTC) from US — Scanned from DE

Summary HTTP 139 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 21 IPs in 5 countries across 25 domains to perform 139 HTTP transactions. The main IP is 94.23.160.246, located in Germany and belongs to OVH, FR. The main domain is easystreams.net.
TLS certificate: Issued by R3 on February 19th 2023. Valid for: 3 months.

This is the only time easystreams.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 27	94.23.160.246 94.23.160.246	16276 (OVH) (OVH)
17	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 16	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1 1	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
2 2	52.59.144.36 52.59.144.36	16509 (AMAZON-02) (AMAZON-02)
4 4	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1 1	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
139	21

27 94.23.160.246 (Germany) 1 redirects

ASN16276 (OVH, FR)
PTR: ip246.ip-94-23-160.eu

easystreams.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
server.easystreams.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.248 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.185.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.59.144.36 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-144-36.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.4.29 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.38.120.206 (Hessen, Germany) 1 redirects

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.118 (Bad Durrheim, Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 138	410 KB
27	easystreams.net 1 redirects easystreams.net server.easystreams.net	1 MB
25	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 cm.g.doubleclick.net — Cisco Umbrella Rank: 220	172 KB
16	gstatic.com fonts.gstatic.com www.gstatic.com	201 KB
8	google.com adservice.google.com — Cisco Umbrella Rank: 73 www.google.com — Cisco Umbrella Rank: 2 mts0.google.com — Cisco Umbrella Rank: 4467	2 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 39	5 KB
4	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 585	3 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	195 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 9047	820 B
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 758	1 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 458	2 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 351	925 B
2	adition.com 2 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1516	1 KB
2	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1770	294 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 337	531 B
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 833 r.turn.com — Cisco Umbrella Rank: 3425	869 B
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 1326	488 B
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 314	1 KB
2	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 685	931 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 778	339 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 627	545 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 496	876 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 925	607 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2400	254 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	80 KB
139	25

	Domain	Requested by
23	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
20	server.easystreams.net	easystreams.net
17	pagead2.googlesyndication.com	easystreams.net pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.gstatic.com
16	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
9	www.gstatic.com	googleads.g.doubleclick.net
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
7	fonts.gstatic.com	fonts.googleapis.com
7	easystreams.net	1 redirects easystreams.net
6	fonts.googleapis.com	easystreams.net googleads.g.doubleclick.net
4	c1.adform.net	4 redirects
4	www.googletagservices.com	googleads.g.doubleclick.net
3	www.google.com	tpc.googlesyndication.com googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
2	image6.pubmatic.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	tr.blismedia.com	googleads.g.doubleclick.net
2	match.adsrvr.org	googleads.g.doubleclick.net
2	rtb.openx.net	googleads.g.doubleclick.net
2	x.bidswitch.net	2 redirects
2	cms.quantserve.com	googleads.g.doubleclick.net
2	mts0.google.com	googleads.g.doubleclick.net
1	r.turn.com
1	ad.turn.com	1 redirects
1	onetag-sys.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	sync.mathtag.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	easystreams.net
139	32

This site contains links to these domains. Also see Links.

Domain
t.me

Subject Issuer	Validity	Valid
easystreams.net R3	`2023-02-19` - `2023-05-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
server.easystreams.net R3	`2023-02-19` - `2023-05-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-04-12` - `2023-07-11`	3 months	crt.sh

This page contains 17 frames:

Primary Page: https://easystreams.net/
Frame ID: 62196465A676E3FD43BBAA67198351FE
Requests: 46 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20190131/zrt_lookup.html
Frame ID: 2FFFD93F8140BF575219820FC55907DE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8640143531086883&output=html&adk=1812271804&adf=3025194257&lmt=1674784462&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Feasystreams.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681623823634&bpp=4&bdt=200&idt=379&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3875570893336&frm=20&pv=2&ga_vid=1363842476.1681623824&ga_sid=1681623824&ga_hid=314720823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773810%2C44759842%2C31071259%2C31071755%2C31073770%2C31073793&oid=2&pvsid=2869029481749521&tmod=211985505&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=403
Frame ID: DFAD80C11C10481D95CDD4AC9AB0915B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8640143531086883&output=html&h=280&adk=4146422958&adf=1602406847&pi=t.aa~a.912387967~rp.1&daaos=1681563504807&w=1200&fwrn=4&fwrnh=100&lmt=1674784462&rafmt=1&to=qs&pwprc=7590978747&format=1200x280&url=https%3A%2F%2Feasystreams.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681623825720&bpp=2&bdt=2285&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9fbbe458ef193ce8-2200d06794dd00d5%3AT%3D1681623824%3ART%3D1681623824%3AS%3DALNI_MY1j4hm770hFfHynUqwIqFn74zYPg&gpic=UID%3D00000bd69c555547%3AT%3D1681623824%3ART%3D1681623824%3AS%3DALNI_MYTzhH0LEXpC3gJJLoxSRjtwUl6ug&prev_fmts=0x0&nras=2&correlator=3875570893336&frm=20&pv=1&ga_vid=1363842476.1681623824&ga_sid=1681623824&ga_hid=314720823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773810%2C44759842%2C31071259%2C31071755%2C31073770%2C31073793&oid=2&pvsid=2869029481749521&tmod=211985505&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=6QJm7ouY33&p=https%3A//easystreams.net&dtd=13
Frame ID: BB162DFD075FE25B30F61929725E3AC9
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8640143531086883&output=html&h=280&adk=2062109667&adf=1572843655&pi=t.aa~a.4098123398~rp.1&daaos=1681563504807&w=1200&fwrn=4&fwrnh=100&lmt=1674784462&rafmt=1&to=qs&pwprc=7590978747&format=1200x280&url=https%3A%2F%2Feasystreams.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681623825720&bpp=1&bdt=2286&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9fbbe458ef193ce8-2200d06794dd00d5%3AT%3D1681623824%3ART%3D1681623824%3AS%3DALNI_MY1j4hm770hFfHynUqwIqFn74zYPg&gpic=UID%3D00000bd69c555547%3AT%3D1681623824%3ART%3D1681623824%3AS%3DALNI_MYTzhH0LEXpC3gJJLoxSRjtwUl6ug&prev_fmts=0x0%2C1200x280&nras=3&correlator=3875570893336&frm=20&pv=1&ga_vid=1363842476.1681623824&ga_sid=1681623824&ga_hid=314720823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3347&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773810%2C44759842%2C31071259%2C31071755%2C31073770%2C31073793&oid=2&pvsid=2869029481749521&tmod=211985505&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=M7dZePRnD5&p=https%3A//easystreams.net&dtd=16
Frame ID: 686D1175D54937E827501F515DDD8031
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8640143531086883&output=html&h=280&adk=4068240251&adf=2813169966&pi=t.aa~a.1471963285~rp.1&daaos=1681563504807&w=1200&fwrn=4&fwrnh=100&lmt=1674784462&rafmt=1&to=qs&pwprc=7590978747&format=1200x280&url=https%3A%2F%2Feasystreams.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681623825720&bpp=1&bdt=2286&idt=1&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9fbbe458ef193ce8-2200d06794dd00d5%3AT%3D1681623824%3ART%3D1681623824%3AS%3DALNI_MY1j4hm770hFfHynUqwIqFn74zYPg&gpic=UID%3D00000bd69c555547%3AT%3D1681623824%3ART%3D1681623824%3AS%3DALNI_MYTzhH0LEXpC3gJJLoxSRjtwUl6ug&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3875570893336&frm=20&pv=1&ga_vid=1363842476.1681623824&ga_sid=1681623824&ga_hid=314720823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3889&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773810%2C44759842%2C31071259%2C31071755%2C31073770%2C31073793&oid=2&pvsid=2869029481749521&tmod=211985505&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=aSr3WAvt95&p=https%3A//easystreams.net&dtd=19
Frame ID: CF005CDE33EFBD45C1EA4F38A3C9099D
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1
Frame ID: 6324AB757E03F91359C9CFE220574A2F
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 287BC44ECEC3C89826198748DC017ABB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B20C4B558FCEE7C25241A263AFF7874C
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: C0A22938F7ABAFF1424AA7174EC7DC72
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js
Frame ID: 82E2FC991AB67B2AEA6C00A7DED66D4B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 33BA7DF181531628A52756DB5FAF529B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D5945007E18CF20BA648F934DE1E91C1
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E89C40D2C9D2F851DA24AE23D97170C5
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js
Frame ID: 4EE3461595FFF06AE26248FFAABEE7DB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js
Frame ID: 12FBA394EE0ED55EB75EBA4AC583CC1F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js
Frame ID: 22C085DE28D8DD06F5D9527DB0EF1A9C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

EasyStreams Sports

Page URL History Show full URLs

http://easystreams.net/ HTTP 301
https://easystreams.net/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Page Statistics

139
Requests

91 %
HTTPS

52 %
IPv6

25
Domains

32
Subdomains

21
IPs

5
Countries

2142 kB
Transfer

5165 kB
Size

24
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://t.me/easystreamsport

Search URL Search Domain Scan URL

URL: https://t.me/+cTOn5enFWBQ2YjJk
Title: Telegram

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://easystreams.net/ HTTP 301
https://easystreams.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 117

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECWS-mw5Lf_BzPEJ7hdGueo&google_cver=1&google_push=Aer7DvLLURJeWGKI8PcXrUEpl5ERt2eLBTpYSKR_bOQO-s0AlvYlvKGMbiBqlZQBf0PC48n6lqAcbhoknUyWreoGdc3EsOIMoPwe3GY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvLLURJeWGKI8PcXrUEpl5ERt2eLBTpYSKR_bOQO-s0AlvYlvKGMbiBqlZQBf0PC48n6lqAcbhoknUyWreoGdc3EsOIMoPwe3GY

Request Chain 118

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESECCzbFNxYr6V8JJY5-rHS9E&google_cver=1&google_push=Aer7DvIpfqEymJ9P-_rzgeNN8Zcw1jODCfPltIho66t2uqDe5xosDRHDmbeVmmE0uNP1j1kiid4yetnkSzwrInmf1jcuKYWyGKrlKjQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECCzbFNxYr6V8JJY5-rHS9E&google_push=Aer7DvIpfqEymJ9P-_rzgeNN8Zcw1jODCfPltIho66t2uqDe5xosDRHDmbeVmmE0uNP1j1kiid4yetnkSzwrInmf1jcuKYWyGKrlKjQ

Request Chain 119

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESED47GREyX0potv4InZSk9h0&google_cver=1&google_push=Aer7DvKQT31OQstBplvjXCZ9zQl0DrpdTgERD9xqp8tLtopTegA5zuw3hPMvQqeEvlRbHXktpyW1BtCCFYO7wyfY7QAOYtKeYvxtl_s HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESED47GREyX0potv4InZSk9h0&google_cver=1&google_push=Aer7DvKQT31OQstBplvjXCZ9zQl0DrpdTgERD9xqp8tLtopTegA5zuw3hPMvQqeEvlRbHXktpyW1BtCCFYO7wyfY7QAOYtKeYvxtl_s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvKQT31OQstBplvjXCZ9zQl0DrpdTgERD9xqp8tLtopTegA5zuw3hPMvQqeEvlRbHXktpyW1BtCCFYO7wyfY7QAOYtKeYvxtl_s&google_hm=I-IRr6YSS5KxzsCPhAV2iQ==

Request Chain 120

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELSfk42UNbtDVhtb4ZHfqR0&google_cver=1&google_push=Aer7DvJGpACRtBamf-ofpxakFYMy38U_ZnhTQIoN2_EDV3u_WC3YLSzKTZppNCmqwoa8XXmlBuBLS4ScEOaeU1kTSkOxvUCTsoYLwmo HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELSfk42UNbtDVhtb4ZHfqR0&google_cver=1&google_push=Aer7DvJGpACRtBamf-ofpxakFYMy38U_ZnhTQIoN2_EDV3u_WC3YLSzKTZppNCmqwoa8XXmlBuBLS4ScEOaeU1kTSkOxvUCTsoYLwmo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTc5NzEzODE4NTM4MTQwNDU2NQ&google_push=Aer7DvJGpACRtBamf-ofpxakFYMy38U_ZnhTQIoN2_EDV3u_WC3YLSzKTZppNCmqwoa8XXmlBuBLS4ScEOaeU1kTSkOxvUCTsoYLwmo

Request Chain 122

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMEXqVav0NFOxHu78Ar2e94&google_cver=1&google_push=Aer7DvLa4RKn-scP54G5xsgat2Q_TYPzNujJOy6VeRCl9ioKiDl4ESX3OxcjYIJkcY1Hojxnxg9fq_Z07_r23Z1Bz1Sh125EVEdhklk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvLa4RKn-scP54G5xsgat2Q_TYPzNujJOy6VeRCl9ioKiDl4ESX3OxcjYIJkcY1Hojxnxg9fq_Z07_r23Z1Bz1Sh125EVEdhklk

Request Chain 125

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOuZAGunXu9v2zdTQ4zK8-E&google_cver=1&google_push=Aer7DvKmEEfUq8Yxs73kfWGiNojoePI3X6QP2X9SDywakiybUcky_pQzxfx1lgzBJWgAuRT10kOns19fJi11-P_ESfn3teI7anH2mA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODk1MDk1OTY5MTQyNzU1MTE4Nw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEIdsR0KfZtwPyoe972x0JqI&google_cver=1

Request Chain 129

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEHNj2PdWnCHsAQrpRn725FA&google_cver=1&google_push=Aer7DvJTVDPI-IyzBCBHcvoAQWoVoKDYvqfd_RET70f1CG3-zGQfYPLciqQBbXFOFa_HCOJvFQ147ZphOimQCg0PFVZdSR00vzJJY7o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyMjUxOTMzNjg1MDk0NjIwMA%3D%3D&google_push=Aer7DvJTVDPI-IyzBCBHcvoAQWoVoKDYvqfd_RET70f1CG3-zGQfYPLciqQBbXFOFa_HCOJvFQ147ZphOimQCg0PFVZdSR00vzJJY7o

Request Chain 130

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOE-cNv_dHZ6a7sV26FrEtc&google_cver=1&google_push=Aer7DvJh7YIZEaOEy5KUUpGzb9OoU15S4xoxdyz_12nhOu2PwuvOqFJyppt43CW2bboNJgkiXkFZp5vw5Q6x8RSOaiNQGkI06NuIhVI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdJWkVPUTQtVS1NOUdK&google_push=Aer7DvJh7YIZEaOEy5KUUpGzb9OoU15S4xoxdyz_12nhOu2PwuvOqFJyppt43CW2bboNJgkiXkFZp5vw5Q6x8RSOaiNQGkI06NuIhVI

Request Chain 131

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELCJbin6qt2ApIUGJjoOhro&google_cver=1&google_push=Aer7DvK-17iubAEhyE3Dg5uO3nWwJPjyN-wc8HHa_ZrE3q23UpKQTHbCBLL3nt9XWf93x11054R-8e-M9bRZMLWV0tYHt5l1G-wwlQ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELCJbin6qt2ApIUGJjoOhro&google_push=Aer7DvK-17iubAEhyE3Dg5uO3nWwJPjyN-wc8HHa_ZrE3q23UpKQTHbCBLL3nt9XWf93x11054R-8e-M9bRZMLWV0tYHt5l1G-wwlQ&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELCJbin6qt2ApIUGJjoOhro&google_hm=ZDuLEmVoGAFINobiX4wwKwAADI0AAAIB&google_nid=index&google_push=Aer7DvK-17iubAEhyE3Dg5uO3nWwJPjyN-wc8HHa_ZrE3q23UpKQTHbCBLL3nt9XWf93x11054R-8e-M9bRZMLWV0tYHt5l1G-wwlQ

Request Chain 136

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESELEKLECiVpM01d2z2995i8w&google_cver=1&google_push=Aer7DvJ3ZZnT3Duyxxr29PxELyUTUv4xu6f9XIbo73LqlPcKzs7SV9aIRVf4aXR56V7y5CApf5qmGTqdJ-Im1aQknGHv6xY_9cUxibwZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyMjUxOTMzNjg1MTIwODM0NA%3D%3D&google_push=Aer7DvJ3ZZnT3Duyxxr29PxELyUTUv4xu6f9XIbo73LqlPcKzs7SV9aIRVf4aXR56V7y5CApf5qmGTqdJ-Im1aQknGHv6xY_9cUxibwZ

Request Chain 137

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAsT63dHBD0K6lreEjdRtvo&google_cver=1&google_push=Aer7DvJNEpVDEs_S2IIrSp2S7onjAVALntMa0i1wrLpUM_Qb53dZe6GKfa8BpNbhexwIhghy1fpy8U0as5qa1zrK750ZcgKNIfXeQiU HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAsT63dHBD0K6lreEjdRtvo&google_cver=1&google_push=Aer7DvJNEpVDEs_S2IIrSp2S7onjAVALntMa0i1wrLpUM_Qb53dZe6GKfa8BpNbhexwIhghy1fpy8U0as5qa1zrK750ZcgKNIfXeQiU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzA4NjkzNzU3NDEyOTU4MjY2Mg&google_push=Aer7DvJNEpVDEs_S2IIrSp2S7onjAVALntMa0i1wrLpUM_Qb53dZe6GKfa8BpNbhexwIhghy1fpy8U0as5qa1zrK750ZcgKNIfXeQiU

Request Chain 139

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKINtAcoQOJAEiduE0jHbrM&google_cver=1&google_push=Aer7DvKGRpnUOihDclM72IsgXk9fRk5ChICAVIBrVfH1z4WWkqNR4e5eJQK-RFr6EmzCCxt-bTyt--AT-sW1z11pfFiVy6od_IuWy-8 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKINtAcoQOJAEiduE0jHbrM&google_cver=1&google_push=Aer7DvKGRpnUOihDclM72IsgXk9fRk5ChICAVIBrVfH1z4WWkqNR4e5eJQK-RFr6EmzCCxt-bTyt--AT-sW1z11pfFiVy6od_IuWy-8&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Pp45vgujTZGWQn4Ag8Sl6g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvKGRpnUOihDclM72IsgXk9fRk5ChICAVIBrVfH1z4WWkqNR4e5eJQK-RFr6EmzCCxt-bTyt--AT-sW1z11pfFiVy6od_IuWy-8

Request Chain 140

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEESW4bzygJhE_dKhXdxfD7M&google_cver=1&google_push=Aer7DvLHi9A4ITklAEq-nm2JOdMvyssENnHwTl5gD4iK8TeIttiLywejB5ipzqkh7J1bw6pbc0j3iUeOMwMNAJ3VZwlZiFv5FgK6cd8M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdJWkVPUTYtMTUtMVNZSQ==&google_push=Aer7DvLHi9A4ITklAEq-nm2JOdMvyssENnHwTl5gD4iK8TeIttiLywejB5ipzqkh7J1bw6pbc0j3iUeOMwMNAJ3VZwlZiFv5FgK6cd8M

139 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
easystreams.net/
Redirect Chain

http://easystreams.net/
https://easystreams.net/

1 KB
735 B

61ms
16ms

Document
text/html

94.23.160.246
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://easystreams.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.23.160.246 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ip246.ip-94-23-160.eu
Software: /
Resource Hash: f8e08fd7f0ae38ea6c96e60b203fec60fcd731d22b6a2f69046d2dbd6548cd89

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 481
content-type: text/html
date: Sun, 16 Apr 2023 05:43:43 GMT
last-modified: Fri, 27 Jan 2023 01:54:22 GMT
vary: Accept-Encoding,User-Agent

Redirect headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 707
content-type: text/html
date: Sun, 16 Apr 2023 05:43:43 GMT
location: https://easystreams.net/

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
47 KB 108ms
64ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8640143531086883

Requested by

Host: easystreams.net
URL: https://easystreams.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62df66ae88522235b14150dc433530c2feb367a91c812aa52224d53b57d5f113

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://easystreams.net/
Origin: https://easystreams.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:43:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48020
x-xss-protection: 0
server: cafe
etag: 15676425676200059598
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 16 Apr 2023 05:43:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
80 KB 72ms
28ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ELCH4S4LG4

Requested by

Host: easystreams.net
URL: https://easystreams.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ac91c00cc79eee15f73cdf026ab070c00410998588abb2a57cfdaff83df2958b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easystreams.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:43:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82024
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 16 Apr 2023 05:43:43 GMT

GET
H2 200 main.cd217e18.js Show response
easystreams.net/static/js/ 1 MB
190 KB 37ms
33ms Script
application/javascript 94.23.160.246
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://easystreams.net/static/js/main.cd217e18.js
Requested by: Host: easystreams.net
URL: https://easystreams.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.23.160.246 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ip246.ip-94-23-160.eu
Software: /
Resource Hash: 3ecbbacd37c0e0c43cf9bb3285ef2b9d7366a15b4f21fa119d3e712811631f63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easystreams.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:43:43 GMT
content-encoding: br
last-modified: Fri, 27 Jan 2023 01:54:22 GMT
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 194612
expires: Sun, 23 Apr 2023 05:43:43 GMT

GET
H2 200 main.0d86316b.css
easystreams.net/static/css/ 18 KB
4 KB 20ms
18ms Stylesheet
text/css 94.23.160.246
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://easystreams.net/static/css/main.0d86316b.css
Requested by: Host: easystreams.net
URL: https://easystreams.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.23.160.246 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ip246.ip-94-23-160.eu
Software: /
Resource Hash: b881ea4020eaa35e48840c8551efc9968bde123641e52a3c03fdec99bad344ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easystreams.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:43:43 GMT
content-encoding: br
last-modified: Fri, 27 Jan 2023 01:54:22 GMT
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4117
expires: Sun, 23 Apr 2023 05:43:43 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
923 B 64ms
23ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Titillium+Web:ital,wght@0,200;0,300;0,400;0,600;1,300&display=swap

Requested by

Host: easystreams.net
URL: https://easystreams.net/static/css/main.0d86316b.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e9416b7588bb7972dbde15221e4fbed172cfb22017a489473c3dcbf3283038e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easystreams.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 16 Apr 2023 05:43:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 16 Apr 2023 05:43:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 16 Apr 2023 05:43:43 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 48ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-ELCH4S4LG4&gtm=45je34c0&_p=314720823&cid=1363842476.1681623824&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1681623823&sct=1&seg=0&dl=https%3A%2F%2Feasystreams.net%2F&dt=EasyStreams%20Sports&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ELCH4S4LG4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easystreams.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 05:43:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://easystreams.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 66.4e3fe87b4e1523134650.png
easystreams.net/static/media/ 370 KB
370 KB 19ms
18ms Image
image/png 94.23.160.246
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://easystreams.net/static/media/66.4e3fe87b4e1523134650.png
Requested by: Host: easystreams.net
URL: https://easystreams.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.23.160.246 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ip246.ip-94-23-160.eu
Software: /
Resource Hash: 8e3cab58911ede1e8b4202dafe51be651e1e08ed530433b59ffde0dae058e37e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easystreams.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:43:43 GMT
last-modified: Fri, 27 Jan 2023 01:54:22 GMT
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 378529
expires: Sun, 23 Apr 2023 05:43:43 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110101/ 345 KB
116 KB 135ms
85ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8640143531086883&plah=easystreams.net&bust=31073770

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8640143531086883

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2cfedf4dd6026e71b31593cf003cc5ba40e3229a666839de43b9868ded9ee590

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easystreams.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:43:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118241
x-xss-protection: 0
server: cafe
etag: 6674678910639898916
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 16 Apr 2023 05:43:43 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230412/r20190131/ Frame 2FFF 10 KB
5 KB 54ms
13ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230412/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8640143531086883

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://easystreams.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2053
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 16 Apr 2023 05:09:30 GMT
etag: 2378337311435320485
expires: Sun, 30 Apr 2023 05:09:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 post-new Show response
server.easystreams.net/api/admin/ 32 KB
4 KB 537ms
23ms XHR
application/json 94.23.160.246
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://server.easystreams.net/api/admin/post-new
Requested by: Host: easystreams.net
URL: https://easystreams.net/static/js/main.cd217e18.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.23.160.246 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ip246.ip-94-23-160.eu
Software: / Express
Resource Hash: 9afd4e0afd9d4b3748fc3d4fe358b02d16ca4ba3261bf1fbd1a2567d1b160942

Request headers

Accept: application/json, text/plain, */*
Referer: https://easystreams.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:43:44 GMT
content-encoding: br
x-powered-by: Express
etag: W/"8070-kD69s9oftnSHhpOZjFKph9NXdGo"
vary: Origin,Accept-Encoding,User-Agent
content-type: application/json; charset=utf-8
access-control-allow-origin: https://easystreams.net
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 4083

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 397 B
607 B 56ms
21ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=easystreams.net&callback=_gfp_s_&client=ca-pub-8640143531086883

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8640143531086883&plah=easystreams.net&bust=31073770

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0be706dc55e49a9ecedcc0796ffd95e8264554fc50ce18fa6762631af72c4bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easystreams.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:43:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 254
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
532 B 64ms
22ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=easystreams.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easystreams.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:43:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
457 B 65ms
23ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=easystreams.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easystreams.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:43:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 51ms
49ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=w-full%20h-screen%20flex%20z-99%20fixed%20top-0%20left-0%20bg-white%20overflow-y-hidden%20&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: easystreams.net
URL: https://easystreams.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easystreams.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 05:43:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 50ms
48ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=w-full%20h-screen%20flex%20z-99%20fixed%20top-0%20left-0%20bg-white%20overflow-y-hidden%20&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: easystreams.net
URL: https://easystreams.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easystreams.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 05:43:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DFAD 176 KB
48 KB 1629ms
1628ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8640143531086883&output=html&adk=1812271804&adf=3025194257&lmt=1674784462&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Feasystreams.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681623823634&bpp=4&bdt=200&idt=379&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3875570893336&frm=20&pv=2&ga_vid=1363842476.1681623824&ga_sid=1681623824&ga_hid=314720823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773810%2C44759842%2C31071259%2C31071755%2C31073770%2C31073793&oid=2&pvsid=2869029481749521&tmod=211985505&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=403

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5167c5e9c9a6e42deae5764409921c5a17b2a239c4f40ae2f30ecfe27c859dcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://easystreams.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 48947
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 16 Apr 2023 05:43:45 GMT
expires: Sun, 16 Apr 2023 05:43:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 22.283fb39a329940f60b4c.png
easystreams.net/static/media/ 257 KB
257 KB 17ms
17ms Image
image/png 94.23.160.246
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://easystreams.net/static/media/22.283fb39a329940f60b4c.png
Requested by: Host: easystreams.net
URL: https://easystreams.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.23.160.246 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ip246.ip-94-23-160.eu
Software: /
Resource Hash: 0cbc26d095ea503e7e09b454320515de6544a71901aaa2bd65a5197c13bf63d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easystreams.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:43:44 GMT
last-modified: Fri, 27 Jan 2023 01:54:22 GMT
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 263052
expires: Sun, 23 Apr 2023 05:43:44 GMT

GET
H3 200 landing.588d03231c64eb112f65e126f20cdbb4.svg
easystreams.net/static/media/ 160 KB
54 KB 21ms
18ms Image
image/svg+xml 94.23.160.246
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://easystreams.net/static/media/landing.588d03231c64eb112f65e126f20cdbb4.svg
Requested by: Host: easystreams.net
URL: https://easystreams.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 94.23.160.246 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ip246.ip-94-23-160.eu
Software: /
Resource Hash: 7a99043b793884afd669d861e31cc3d4dd0f38a04fd35f4412d513bafd506547

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easystreams.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:43:44 GMT
content-encoding: br
last-modified: Fri, 27 Jan 2023 01:54:22 GMT
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 55564
expires: Sun, 23 Apr 2023 05:43:44 GMT

GET
H2 200 1681618529934.jpg
server.easystreams.net/uploads/ 9 KB
9 KB 73ms
68ms Image
image/jpeg 94.23.160.246
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://server.easystreams.net/uploads/1681618529934.jpg
Requested by: Host: easystreams.net
URL: https://easystreams.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.23.160.246 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ip246.ip-94-23-160.eu
Software: /
Resource Hash: 256dd89cd1eca26db88a4275beadc6e9c7c6c544554d9b8168b2e4c6800dcc6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easystreams.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:43:44 GMT
last-modified: Sun, 16 Apr 2023 04:15:29 GMT
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 8750
expires: Sun, 23 Apr 2023 05:43:44 GMT

GET
H2 200 1681618529934.jpeg
server.easystreams.net/uploads/ 7 KB
7 KB 72ms
67ms Image
image/jpeg 94.23.160.246
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://server.easystreams.net/uploads/1681618529934.jpeg
Requested by: Host: easystreams.net
URL: https://easystreams.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.23.160.246 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ip246.ip-94-23-160.eu
Software: /
Resource Hash: d4afcd9f5c6ed612b8d826b1cab671242751bf28bb91a2f321f91d40722a4696

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easystreams.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:43:44 GMT
last-modified: Sun, 16 Apr 2023 04:15:29 GMT
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7233
expires: Sun, 23 Apr 2023 05:43:44 GMT

GET
H2 200 1681618791599.png
server.easystreams.net/uploads/ 10 KB
10 KB 72ms
68ms Image
image/png 94.23.160.246
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://server.easystreams.net/uploads/1681618791599.png
Requested by: Host: easystreams.net
URL: https://easystreams.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.23.160.246 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ip246.ip-94-23-160.eu
Software: /
Resource Hash: cf1da05f75278e79520b58d91c5732e964db5ab4ec1083050512d3849b161b4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easystreams.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:43:44 GMT
last-modified: Sun, 16 Apr 2023 04:19:51 GMT
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 10036
expires: Sun, 23 Apr 2023 05:43:44 GMT

GET
H2 200 1681618791599.jpeg
server.easystreams.net/uploads/ 6 KB
6 KB 72ms
68ms Image
image/jpeg 94.23.160.246
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://server.easystreams.net/uploads/1681618791599.jpeg
Requested by: Host: easystreams.net
URL: https://easystreams.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.23.160.246 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ip246.ip-94-23-160.eu
Software: /
Resource Hash: 9cd1336841f9b6a47bfefd1304c8f86d2a04a768358ef88a6144130074555e30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easystreams.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:43:44 GMT
last-modified: Sun, 16 Apr 2023 04:19:51 GMT
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5713
expires: Sun, 23 Apr 2023 05:43:44 GMT

GET
H2 200 1681619206017.png
server.easystreams.net/uploads/ 12 KB
12 KB 71ms
67ms Image
image/png 94.23.160.246
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://server.easystreams.net/uploads/1681619206017.png
Requested by: Host: easystreams.net
URL: https://easystreams.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.23.160.246 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ip246.ip-94-23-160.eu
Software: /
Resource Hash: de0c9c3860b20b3d9f82dc543bb69514fa9435a0838781dcc6521292156bec54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easystreams.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:43:44 GMT
last-modified: Sun, 16 Apr 2023 04:26:46 GMT
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 12455
expires: Sun, 23 Apr 2023 05:43:44 GMT

GET
H2 200 1681619296587.jpg
server.easystreams.net/uploads/ 6 KB
6 KB 71ms
67ms Image
image/jpeg 94.23.160.246
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://server.easystreams.net/uploads/1681619296587.jpg
Requested by: Host: easystreams.net
URL: https://easystreams.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.23.160.246 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ip246.ip-94-23-160.eu
Software: /
Resource Hash: 8e6827c4dd1520ef7d2f0c8d216d049e557f985790e7befb27a1538a3f49181c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easystreams.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:43:44 GMT
last-modified: Sun, 16 Apr 2023 04:28:16 GMT
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6413
expires: Sun, 23 Apr 2023 05:43:44 GMT

GET
H2 200 1681619296587.jpeg
server.easystreams.net/uploads/ 4 KB
4 KB 71ms
67ms Image
image/jpeg 94.23.160.246
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://server.easystreams.net/uploads/1681619296587.jpeg
Requested by: Host: easystreams.net
URL: https://easystreams.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.23.160.246 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ip246.ip-94-23-160.eu
Software: /
Resource Hash: 2cadc9dfc1efa1d112c93590463993777e026e0b862610fdc1abc8a7dd6fbf66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easystreams.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:43:44 GMT
last-modified: Sun, 16 Apr 2023 04:28:16 GMT
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3800
expires: Sun, 23 Apr 2023 05:43:44 GMT

GET
H2 200 1681619514594.gif
server.easystreams.net/uploads/ 4 KB
4 KB 69ms
66ms Image
image/gif 94.23.160.246
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://server.easystreams.net/uploads/1681619514594.gif
Requested by: Host: easystreams.net
URL: https://easystreams.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.23.160.246 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ip246.ip-94-23-160.eu
Software: /
Resource Hash: 43fa4e069aaf1445029aeb584118ff5940c20ebb1a8e4ed8d940415c34a7e233

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easystreams.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:43:44 GMT
last-modified: Sun, 16 Apr 2023 04:31:54 GMT
vary: User-Agent
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4007
expires: Sun, 23 Apr 2023 05:43:44 GMT

GET
H2 200 1681619514594.png
server.easystreams.net/uploads/ 5 KB
5 KB 37ms
33ms Image
image/png 94.23.160.246
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://server.easystreams.net/uploads/1681619514594.png
Requested by: Host: easystreams.net
URL: https://easystreams.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.23.160.246 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ip246.ip-94-23-160.eu
Software: /
Resource Hash: 3d0e2e6754e9a065131116c52bd3d3a1a0639949d957b05969cbedb72e4a6661

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easystreams.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:43:44 GMT
last-modified: Sun, 16 Apr 2023 04:31:54 GMT
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5406
expires: Sun, 23 Apr 2023 05:43:44 GMT

GET
H2 200 1681620286825.jpg
server.easystreams.net/uploads/ 6 KB
6 KB 70ms
66ms Image
image/jpeg 94.23.160.246
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://server.easystreams.net/uploads/1681620286825.jpg
Requested by: Host: easystreams.net
URL: https://easystreams.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.23.160.246 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ip246.ip-94-23-160.eu
Software: /
Resource Hash: 02e171589aa0feefa6b419dc7607f5482bd56079e8f16004f87860c560bbb663

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easystreams.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:43:44 GMT
last-modified: Sun, 16 Apr 2023 04:44:46 GMT
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5926
expires: Sun, 23 Apr 2023 05:43:44 GMT

GET
H2 200 1681620286825.png
server.easystreams.net/uploads/ 10 KB
10 KB 68ms
65ms Image
image/png 94.23.160.246
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://server.easystreams.net/uploads/1681620286825.png
Requested by: Host: easystreams.net
URL: https://easystreams.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.23.160.246 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ip246.ip-94-23-160.eu
Software: /
Resource Hash: 450e2213eddce017572ee5aa2a7a1f503147755e6c93a21650a96adb25a303ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easystreams.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:43:44 GMT
last-modified: Sun, 16 Apr 2023 04:44:46 GMT
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 10207
expires: Sun, 23 Apr 2023 05:43:44 GMT

GET
H2 200 1681617459299.png
server.easystreams.net/uploads/ 9 KB
10 KB 36ms
33ms Image
image/png 94.23.160.246
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://server.easystreams.net/uploads/1681617459299.png
Requested by: Host: easystreams.net
URL: https://easystreams.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.23.160.246 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ip246.ip-94-23-160.eu
Software: /
Resource Hash: 6734003dc6b56aab8002cae9f790ca68921971d89cda08cbaaa0a68789166dd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easystreams.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:43:44 GMT
last-modified: Sun, 16 Apr 2023 03:57:39 GMT
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 9656
expires: Sun, 23 Apr 2023 05:43:44 GMT

GET
H2 200 1681617459300.gif
server.easystreams.net/uploads/ 60 KB
60 KB 37ms
33ms Image
image/gif 94.23.160.246
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://server.easystreams.net/uploads/1681617459300.gif
Requested by: Host: easystreams.net
URL: https://easystreams.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.23.160.246 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ip246.ip-94-23-160.eu
Software: /
Resource Hash: dc2cfbdca0b41a7a8f12e4999387928b5b04baa1a7830673de7e569a09622948

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easystreams.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:43:44 GMT
last-modified: Sun, 16 Apr 2023 03:57:39 GMT
vary: User-Agent
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 61773
expires: Sun, 23 Apr 2023 05:43:44 GMT

GET
H2 200 1681617521129.jpg
server.easystreams.net/uploads/ 8 KB
8 KB 53ms
50ms Image
image/jpeg 94.23.160.246
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://server.easystreams.net/uploads/1681617521129.jpg
Requested by: Host: easystreams.net
URL: https://easystreams.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.23.160.246 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ip246.ip-94-23-160.eu
Software: /
Resource Hash: 5fbf59e004943239b1d3c5c8536ce8b058a810fb50f88d774bd60c4822581500

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easystreams.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:43:44 GMT
last-modified: Sun, 16 Apr 2023 03:58:41 GMT
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 8434
expires: Sun, 23 Apr 2023 05:43:44 GMT

GET
H2 200 1681617521129.jpeg
server.easystreams.net/uploads/ 4 KB
4 KB 69ms
66ms Image
image/jpeg 94.23.160.246
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://server.easystreams.net/uploads/1681617521129.jpeg
Requested by: Host: easystreams.net
URL: https://easystreams.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.23.160.246 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ip246.ip-94-23-160.eu
Software: /
Resource Hash: 264bec49df54617739d590247245dd50f15b5966666c8bc6d98970b40a487abb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easystreams.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:43:44 GMT
last-modified: Sun, 16 Apr 2023 03:58:41 GMT
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4473
expires: Sun, 23 Apr 2023 05:43:44 GMT

GET
H2 200 1681617812943.gif
server.easystreams.net/uploads/ 7 KB
7 KB 69ms
66ms Image
image/gif 94.23.160.246
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://server.easystreams.net/uploads/1681617812943.gif
Requested by: Host: easystreams.net
URL: https://easystreams.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.23.160.246 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ip246.ip-94-23-160.eu
Software: /
Resource Hash: f62292d466cfbd8d15e040157b49199b2d40a0bae7c6596d008d1d7d7821ad0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easystreams.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:43:44 GMT
last-modified: Sun, 16 Apr 2023 04:03:32 GMT
vary: User-Agent
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7431
expires: Sun, 23 Apr 2023 05:43:44 GMT

GET
H2 200 1681617812943.png
server.easystreams.net/uploads/ 6 KB
6 KB 69ms
67ms Image
image/png 94.23.160.246
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://server.easystreams.net/uploads/1681617812943.png
Requested by: Host: easystreams.net
URL: https://easystreams.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.23.160.246 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ip246.ip-94-23-160.eu
Software: /
Resource Hash: 96aeabc02fb45c447f9ea39b5f3b1c51b165c9022a43d81f46fcf9ffebcf80d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easystreams.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:43:44 GMT
last-modified: Sun, 16 Apr 2023 04:03:32 GMT
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5770
expires: Sun, 23 Apr 2023 05:43:44 GMT

GET
H2 200 1681617882035.png
server.easystreams.net/uploads/ 9 KB
9 KB 69ms
67ms Image
image/png 94.23.160.246
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://server.easystreams.net/uploads/1681617882035.png
Requested by: Host: easystreams.net
URL: https://easystreams.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.23.160.246 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ip246.ip-94-23-160.eu
Software: /
Resource Hash: 845ced6274ea1e199f70625c7621855eb2f6160d73fca5ee56ac583c08f55bd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easystreams.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:43:44 GMT
last-modified: Sun, 16 Apr 2023 04:04:42 GMT
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 9604
expires: Sun, 23 Apr 2023 05:43:44 GMT

GET
H2 200 1681617882035.gif
server.easystreams.net/uploads/ 8 KB
8 KB 69ms
67ms Image
image/gif 94.23.160.246
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://server.easystreams.net/uploads/1681617882035.gif
Requested by: Host: easystreams.net
URL: https://easystreams.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.23.160.246 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ip246.ip-94-23-160.eu
Software: /
Resource Hash: 2822de600f938c8e3d6dfd1d58adb52947e2bc5d4903b588823769d40fd4d374

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easystreams.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:43:44 GMT
last-modified: Sun, 16 Apr 2023 04:04:42 GMT
vary: User-Agent
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 8340
expires: Sun, 23 Apr 2023 05:43:44 GMT

GET
H2 200 NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
fonts.gstatic.com/s/titilliumweb/v15/ 12 KB
13 KB 48ms
12ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v15/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Titillium+Web:ital,wght@0,200;0,300;0,400;0,600;1,300&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://easystreams.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:52:07 GMT
x-content-type-options: nosniff
age: 413497
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12372
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:19:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:52:07 GMT

GET
H2 200 NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzYw.woff2
fonts.gstatic.com/s/titilliumweb/v15/ 12 KB
12 KB 51ms
15ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzYw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Titillium+Web:ital,wght@0,200;0,300;0,400;0,600;1,300&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd870101ad4e95d687a2eb734707b0dd7c20808f76d7be77a71a5d13cf99401c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://easystreams.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 11:00:30 GMT
x-content-type-options: nosniff
age: 412994
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12136
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:39:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 11:00:30 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 65ms
65ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230412&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

44f662377fc166b25bb5425955e4984bfc50a518213566eb62bfcf378a074cee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easystreams.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:43:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11170
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110101/ 150 KB
51 KB 64ms
64ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110101/reactive_library_fy2021.js?bust=31073770

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

281ca3f0c83453a58a26b3746f2f5edc3df17fca9295c2c26730c95875c61751

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easystreams.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:43:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52142
x-xss-protection: 0
server: cafe
etag: 4909053327126467089
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Apr 2023 05:43:45 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
166 B 23ms
22ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=easystreams.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easystreams.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
166 B 22ms
21ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=easystreams.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easystreams.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BB16 91 KB
33 KB 377ms
377ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8640143531086883&output=html&h=280&adk=4146422958&adf=1602406847&pi=t.aa~a.912387967~rp.1&daaos=1681563504807&w=1200&fwrn=4&fwrnh=100&lmt=1674784462&rafmt=1&to=qs&pwprc=7590978747&format=1200x280&url=https%3A%2F%2Feasystreams.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681623825720&bpp=2&bdt=2285&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9fbbe458ef193ce8-2200d06794dd00d5%3AT%3D1681623824%3ART%3D1681623824%3AS%3DALNI_MY1j4hm770hFfHynUqwIqFn74zYPg&gpic=UID%3D00000bd69c555547%3AT%3D1681623824%3ART%3D1681623824%3AS%3DALNI_MYTzhH0LEXpC3gJJLoxSRjtwUl6ug&prev_fmts=0x0&nras=2&correlator=3875570893336&frm=20&pv=1&ga_vid=1363842476.1681623824&ga_sid=1681623824&ga_hid=314720823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773810%2C44759842%2C31071259%2C31071755%2C31073770%2C31073793&oid=2&pvsid=2869029481749521&tmod=211985505&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=6QJm7ouY33&p=https%3A//easystreams.net&dtd=13

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22665c1d5e2013f7ed3168b62de396a56fde89f6df5fadbbe74cb4315023b57c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://easystreams.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33756
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 16 Apr 2023 05:43:46 GMT
expires: Sun, 16 Apr 2023 05:43:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 686D 127 KB
40 KB 356ms
356ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8640143531086883&output=html&h=280&adk=2062109667&adf=1572843655&pi=t.aa~a.4098123398~rp.1&daaos=1681563504807&w=1200&fwrn=4&fwrnh=100&lmt=1674784462&rafmt=1&to=qs&pwprc=7590978747&format=1200x280&url=https%3A%2F%2Feasystreams.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681623825720&bpp=1&bdt=2286&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9fbbe458ef193ce8-2200d06794dd00d5%3AT%3D1681623824%3ART%3D1681623824%3AS%3DALNI_MY1j4hm770hFfHynUqwIqFn74zYPg&gpic=UID%3D00000bd69c555547%3AT%3D1681623824%3ART%3D1681623824%3AS%3DALNI_MYTzhH0LEXpC3gJJLoxSRjtwUl6ug&prev_fmts=0x0%2C1200x280&nras=3&correlator=3875570893336&frm=20&pv=1&ga_vid=1363842476.1681623824&ga_sid=1681623824&ga_hid=314720823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3347&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773810%2C44759842%2C31071259%2C31071755%2C31073770%2C31073793&oid=2&pvsid=2869029481749521&tmod=211985505&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=M7dZePRnD5&p=https%3A//easystreams.net&dtd=16

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aef43d36943ac8761a462f8f07e4426e6fe274eb58e9dfd3e030f9d8c5624e58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://easystreams.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40497
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 16 Apr 2023 05:43:46 GMT
expires: Sun, 16 Apr 2023 05:43:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CF00 127 KB
39 KB 343ms
343ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8640143531086883&output=html&h=280&adk=4068240251&adf=2813169966&pi=t.aa~a.1471963285~rp.1&daaos=1681563504807&w=1200&fwrn=4&fwrnh=100&lmt=1674784462&rafmt=1&to=qs&pwprc=7590978747&format=1200x280&url=https%3A%2F%2Feasystreams.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681623825720&bpp=1&bdt=2286&idt=1&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9fbbe458ef193ce8-2200d06794dd00d5%3AT%3D1681623824%3ART%3D1681623824%3AS%3DALNI_MY1j4hm770hFfHynUqwIqFn74zYPg&gpic=UID%3D00000bd69c555547%3AT%3D1681623824%3ART%3D1681623824%3AS%3DALNI_MYTzhH0LEXpC3gJJLoxSRjtwUl6ug&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3875570893336&frm=20&pv=1&ga_vid=1363842476.1681623824&ga_sid=1681623824&ga_hid=314720823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3889&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773810%2C44759842%2C31071259%2C31071755%2C31073770%2C31073793&oid=2&pvsid=2869029481749521&tmod=211985505&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=aSr3WAvt95&p=https%3A//easystreams.net&dtd=19

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f90e842645e54550b1efbf3581f58597fdc9604f5f2deaaa229918c7d88368ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://easystreams.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40320
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 16 Apr 2023 05:43:46 GMT
expires: Sun, 16 Apr 2023 05:43:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 59ms
25ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easystreams.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 16 Apr 2023 05:43:45 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 22ms
22ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=easystreams.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easystreams.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 21ms
21ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=easystreams.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easystreams.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/ Frame 6324 10 KB
4 KB 12ms
12ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://easystreams.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15635
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 16 Apr 2023 01:23:10 GMT
etag: 2378337311435320485
expires: Sun, 30 Apr 2023 01:23:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 6324 4 KB
730 B 24ms
24ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ae367420c242e83f64dd6cba96fca46a5285d40116c0e849c7752d40303c1ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 16 Apr 2023 05:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 16 Apr 2023 04:15:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 16 Apr 2023 05:43:45 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6324 205 B
650 B 48ms
12ms Image
image/png 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 01:09:00 GMT
x-content-type-options: nosniff
age: 16485
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 15 Apr 2024 01:09:00 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6324 604 B
695 B 48ms
13ms Image
image/png 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 14:08:02 GMT
x-content-type-options: nosniff
age: 56143
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 14 Apr 2024 14:08:02 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/elements/html/ Frame 6324 19 KB
8 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5663a1ab2a975aedc88dbbf644d92980a966b614286321a39baac756077b738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 18:12:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41483
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8167
x-xss-protection: 0
server: cafe
etag: 3140062999518874537
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Apr 2023 18:12:22 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 287B 13 KB
5 KB 14ms
13ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://easystreams.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 25152
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 22:44:33 GMT
expires: Sun, 14 Apr 2024 22:44:33 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B20C 783 B
1 KB 60ms
23ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

10eaec7ea68a27a35e674c950e685e37a7aab13f0a64985940cbf013b2406549

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gQk56P3hcQsXemEu9WKagA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://easystreams.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-gQk56P3hcQsXemEu9WKagA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 16 Apr 2023 05:43:45 GMT
expires: Sun, 16 Apr 2023 05:43:45 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 css
fonts.googleapis.com/ Frame C0A2 8 KB
893 B 23ms
23ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 16 Apr 2023 05:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 16 Apr 2023 04:32:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 16 Apr 2023 05:43:45 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame C0A2 2 KB
846 B 13ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 18:12:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41480
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Apr 2023 18:12:25 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/ Frame C0A2 22 KB
9 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:59:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74652
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Apr 2023 08:59:33 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame C0A2 3 KB
1 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 09:37:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72399
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Apr 2023 09:37:06 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame C0A2 20 KB
8 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 18:05:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41915
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Apr 2023 18:05:10 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C0A2 159 KB
49 KB 86ms
24ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49801
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681299295334834"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Apr 2023 05:43:45 GMT

GET
H2 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame C0A2 33 KB
14 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 17:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42239
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Fri, 14 Apr 2023 00:44:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 14 Jul 2023 17:59:46 GMT

GET
H3 200 sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 287B 36 KB
14 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b13f787bf63d4faed75d3fc17342de926a7bd0b8aeda95453484c2988bedaa04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78089
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14077
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 14 Apr 2024 08:02:16 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B20C 0
0 48ms
48ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230412&jk=2869029481749521&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 287B 0
10 B 13ms
13ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?oCpFlA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:43:45 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 82E2 36 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js

Requested by

Host: easystreams.net
URL: https://easystreams.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b13f787bf63d4faed75d3fc17342de926a7bd0b8aeda95453484c2988bedaa04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78090
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14077
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 14 Apr 2024 08:02:16 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame CF00 8 KB
893 B 24ms
23ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8640143531086883&output=html&h=280&adk=4068240251&adf=2813169966&pi=t.aa~a.1471963285~rp.1&daaos=1681563504807&w=1200&fwrn=4&fwrnh=100&lmt=1674784462&rafmt=1&to=qs&pwprc=7590978747&format=1200x280&url=https%3A%2F%2Feasystreams.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681623825720&bpp=1&bdt=2286&idt=1&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9fbbe458ef193ce8-2200d06794dd00d5%3AT%3D1681623824%3ART%3D1681623824%3AS%3DALNI_MY1j4hm770hFfHynUqwIqFn74zYPg&gpic=UID%3D00000bd69c555547%3AT%3D1681623824%3ART%3D1681623824%3AS%3DALNI_MYTzhH0LEXpC3gJJLoxSRjtwUl6ug&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3875570893336&frm=20&pv=1&ga_vid=1363842476.1681623824&ga_sid=1681623824&ga_hid=314720823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3889&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773810%2C44759842%2C31071259%2C31071755%2C31073770%2C31073793&oid=2&pvsid=2869029481749521&tmod=211985505&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=aSr3WAvt95&p=https%3A//easystreams.net&dtd=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 16 Apr 2023 05:43:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 16 Apr 2023 04:21:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 16 Apr 2023 05:43:46 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame CF00 2 KB
765 B 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 18:12:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41481
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Apr 2023 18:12:25 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/ Frame CF00 22 KB
9 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:59:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74653
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Apr 2023 08:59:33 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame CF00 3 KB
1 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 09:37:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72400
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Apr 2023 09:37:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame CF00 20 KB
8 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 18:05:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41916
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Apr 2023 18:05:10 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame CF00 0
0 22ms
21ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS0r2IvetCzAt4tkwPg0mjKPlfgYfI4fzI_GYFpld6vxNZKXDJNpxUgrsKQ9LN5s6sx9EoQ9ZOPtOzsUkeA5_CMKexYuw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8640143531086883&output=html&h=280&adk=4068240251&adf=2813169966&pi=t.aa~a.1471963285~rp.1&daaos=1681563504807&w=1200&fwrn=4&fwrnh=100&lmt=1674784462&rafmt=1&to=qs&pwprc=7590978747&format=1200x280&url=https%3A%2F%2Feasystreams.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681623825720&bpp=1&bdt=2286&idt=1&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9fbbe458ef193ce8-2200d06794dd00d5%3AT%3D1681623824%3ART%3D1681623824%3AS%3DALNI_MY1j4hm770hFfHynUqwIqFn74zYPg&gpic=UID%3D00000bd69c555547%3AT%3D1681623824%3ART%3D1681623824%3AS%3DALNI_MYTzhH0LEXpC3gJJLoxSRjtwUl6ug&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3875570893336&frm=20&pv=1&ga_vid=1363842476.1681623824&ga_sid=1681623824&ga_hid=314720823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3889&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773810%2C44759842%2C31071259%2C31071755%2C31073770%2C31073793&oid=2&pvsid=2869029481749521&tmod=211985505&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=aSr3WAvt95&p=https%3A//easystreams.net&dtd=19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CF00 159 KB
49 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:43:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49801
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681299295334834"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Apr 2023 05:43:46 GMT

GET
H2 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame CF00 33 KB
14 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 17:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42240
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Fri, 14 Apr 2023 00:44:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 14 Jul 2023 17:59:46 GMT

GET
H2 200 0b76a40db5a0e4006fbd6687403ecdcc.js Show response
www.gstatic.com/mysidia/ Frame 686D 9 KB
4 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0b76a40db5a0e4006fbd6687403ecdcc.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8640143531086883&output=html&h=280&adk=2062109667&adf=1572843655&pi=t.aa~a.4098123398~rp.1&daaos=1681563504807&w=1200&fwrn=4&fwrnh=100&lmt=1674784462&rafmt=1&to=qs&pwprc=7590978747&format=1200x280&url=https%3A%2F%2Feasystreams.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681623825720&bpp=1&bdt=2286&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9fbbe458ef193ce8-2200d06794dd00d5%3AT%3D1681623824%3ART%3D1681623824%3AS%3DALNI_MY1j4hm770hFfHynUqwIqFn74zYPg&gpic=UID%3D00000bd69c555547%3AT%3D1681623824%3ART%3D1681623824%3AS%3DALNI_MYTzhH0LEXpC3gJJLoxSRjtwUl6ug&prev_fmts=0x0%2C1200x280&nras=3&correlator=3875570893336&frm=20&pv=1&ga_vid=1363842476.1681623824&ga_sid=1681623824&ga_hid=314720823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3347&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773810%2C44759842%2C31071259%2C31071755%2C31073770%2C31073793&oid=2&pvsid=2869029481749521&tmod=211985505&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=M7dZePRnD5&p=https%3A//easystreams.net&dtd=16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1c09e80f13f58fa8735352042ae3ee483c8d801c705881cc076b3f39cff3375

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 10:24:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4047
x-xss-protection: 0
last-modified: Fri, 14 Apr 2023 00:44:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 14 Jul 2023 10:24:40 GMT

GET
H2 200 c9dff110b733caaac6e736e343d74be1.js Show response
www.gstatic.com/mysidia/ Frame 686D 19 KB
8 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c9dff110b733caaac6e736e343d74be1.js?tag=pingback

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bb61624447ec0702c34a3e585e794916e166402019c141cd89f0156bd12f40c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 16:08:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 135338
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8181
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 23:47:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 13 Jul 2023 16:08:08 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 686D 8 KB
893 B 24ms
23ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 16 Apr 2023 05:43:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 16 Apr 2023 04:20:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 16 Apr 2023 05:43:46 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame CF00 0
0 63ms
63ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CcsxwEYs7ZO7ZLpG89u8PgIS84A6p_MKrbfuHnbGEEaycwLvaGhABIKyhs5gBYJWCgIC0B6AB2575gSnIAQmpApoet5AKcbI-qAMByAPLBKoE4QFP0CzHQhXWFNhgaif3arK8KezTv6ym6iUGM_od7mIriI1Is0w5zO6AMAQaH9jKBVjc9ecvyYxITlChbtsJR2cTCHSnqRSnyjfbLlByzee_Dde-pNuvaIqsUWOMF3aHQx5IOeOIFK7uCLERjVcwc8lZ8-8pqPmdi6EGhGpvcfrV9R3d89UUKpnUKktUB2Uw4Hux06jnJScVHvn088AnpO8AxV2XHRY8qyQgmGOdTxT2ty4sBgTlWY74QZn0x1TXWOlNsoWthtXlh-aTcminPQfC7EeRNq95cxFpv62P7iJFXKzABPvL9YGpBJIFBAgEGAGSBQQIBRgEoAYugAfb1snhA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEMOIBNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBOIBNgTCtAVAYAXAbIXHAoaCAASFHB1Yi04NjQwMTQzNTMxMDg2ODgzGAA&sigh=g-X_alLttp4&uach_m=[UACH]&cid=CAQSPABygQiD-kWOM-v_mKVPB5r1_ydAKOyh-DqBo372EgfqdPoKZbOWUUhMv3p7i7ja6eh92iKuAmA-6PXdDRgB&template_id=520

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8640143531086883&output=html&h=280&adk=4068240251&adf=2813169966&pi=t.aa~a.1471963285~rp.1&daaos=1681563504807&w=1200&fwrn=4&fwrnh=100&lmt=1674784462&rafmt=1&to=qs&pwprc=7590978747&format=1200x280&url=https%3A%2F%2Feasystreams.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681623825720&bpp=1&bdt=2286&idt=1&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9fbbe458ef193ce8-2200d06794dd00d5%3AT%3D1681623824%3ART%3D1681623824%3AS%3DALNI_MY1j4hm770hFfHynUqwIqFn74zYPg&gpic=UID%3D00000bd69c555547%3AT%3D1681623824%3ART%3D1681623824%3AS%3DALNI_MYTzhH0LEXpC3gJJLoxSRjtwUl6ug&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3875570893336&frm=20&pv=1&ga_vid=1363842476.1681623824&ga_sid=1681623824&ga_hid=314720823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3889&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773810%2C44759842%2C31071259%2C31071755%2C31073770%2C31073793&oid=2&pvsid=2869029481749521&tmod=211985505&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=aSr3WAvt95&p=https%3A//easystreams.net&dtd=19
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 16 Apr 2023 05:43:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 686D 2 KB
765 B 22ms
21ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 18:12:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41481
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Apr 2023 18:12:25 GMT

GET
H2 200 ee2c59080e5bf120007802dc0b017c3c.js Show response
www.gstatic.com/mysidia/ Frame 686D 6 KB
2 KB 15ms
12ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ee2c59080e5bf120007802dc0b017c3c.js?tag=analytics_pingback_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b977bf6527db152aec01f17b8ccdfcb28ba1526096c1af1d784cef47eab2fc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 09:41:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72121
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2361
x-xss-protection: 0
last-modified: Fri, 14 Apr 2023 00:44:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 14 Jul 2023 09:41:45 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/ Frame 686D 22 KB
9 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:59:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74653
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Apr 2023 08:59:33 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 686D 3 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 09:37:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72400
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Apr 2023 09:37:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 686D 20 KB
8 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 18:05:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41916
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Apr 2023 18:05:10 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 686D 159 KB
49 KB 32ms
30ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:43:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49801
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681299295334834"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Apr 2023 05:43:46 GMT

GET
H3 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame 686D 33 KB
14 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 17:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42240
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Fri, 14 Apr 2023 00:44:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 14 Jul 2023 17:59:46 GMT

GET
H2 400 data=f_Vz7RONxE_Z3RwgYQ9OLtRIIqgtMNg3nS51rSoYP9Sa8eHTTEybbGsLLntIdntBKRVtNcHEMLeRTnM8LWYI6w
mts0.google.com/vt/ Frame CF00 0
0 115ms
22ms Image
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mts0.google.com/vt/data=f_Vz7RONxE_Z3RwgYQ9OLtRIIqgtMNg3nS51rSoYP9Sa8eHTTEybbGsLLntIdntBKRVtNcHEMLeRTnM8LWYI6w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8640143531086883&output=html&h=280&adk=4068240251&adf=2813169966&pi=t.aa~a.1471963285~rp.1&daaos=1681563504807&w=1200&fwrn=4&fwrnh=100&lmt=1674784462&rafmt=1&to=qs&pwprc=7590978747&format=1200x280&url=https%3A%2F%2Feasystreams.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681623825720&bpp=1&bdt=2286&idt=1&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9fbbe458ef193ce8-2200d06794dd00d5%3AT%3D1681623824%3ART%3D1681623824%3AS%3DALNI_MY1j4hm770hFfHynUqwIqFn74zYPg&gpic=UID%3D00000bd69c555547%3AT%3D1681623824%3ART%3D1681623824%3AS%3DALNI_MYTzhH0LEXpC3gJJLoxSRjtwUl6ug&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3875570893336&frm=20&pv=1&ga_vid=1363842476.1681623824&ga_sid=1681623824&ga_hid=314720823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3889&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773810%2C44759842%2C31071259%2C31071755%2C31073770%2C31073793&oid=2&pvsid=2869029481749521&tmod=211985505&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=aSr3WAvt95&p=https%3A//easystreams.net&dtd=19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame CF00 297 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame CF00 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame CF00 462 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame CF00 465 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 error_handler.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame BB16 8 KB
3 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/error_handler.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8640143531086883&output=html&h=280&adk=4146422958&adf=1602406847&pi=t.aa~a.912387967~rp.1&daaos=1681563504807&w=1200&fwrn=4&fwrnh=100&lmt=1674784462&rafmt=1&to=qs&pwprc=7590978747&format=1200x280&url=https%3A%2F%2Feasystreams.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681623825720&bpp=2&bdt=2285&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9fbbe458ef193ce8-2200d06794dd00d5%3AT%3D1681623824%3ART%3D1681623824%3AS%3DALNI_MY1j4hm770hFfHynUqwIqFn74zYPg&gpic=UID%3D00000bd69c555547%3AT%3D1681623824%3ART%3D1681623824%3AS%3DALNI_MYTzhH0LEXpC3gJJLoxSRjtwUl6ug&prev_fmts=0x0&nras=2&correlator=3875570893336&frm=20&pv=1&ga_vid=1363842476.1681623824&ga_sid=1681623824&ga_hid=314720823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773810%2C44759842%2C31071259%2C31071755%2C31073770%2C31073793&oid=2&pvsid=2869029481749521&tmod=211985505&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=6QJm7ouY33&p=https%3A//easystreams.net&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78cad1fb95d1e9bbe4a7b1f90fa38ef699314ee65bf914e65ffae62005103a8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 18:12:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41484
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3465
x-xss-protection: 0
server: cafe
etag: 6788195977828770272
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Apr 2023 18:12:22 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame BB16 6 KB
669 B 23ms
22ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c9f957cc06255b47576fff3b5cb87257783c7e554062ec31a21723d81d1df774

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 16 Apr 2023 05:43:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 16 Apr 2023 04:22:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 16 Apr 2023 05:43:46 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame BB16 2 KB
765 B 13ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 18:12:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41481
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Apr 2023 18:12:25 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/ Frame BB16 22 KB
9 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:59:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74653
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Apr 2023 08:59:33 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame BB16 3 KB
1 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 09:37:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72400
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Apr 2023 09:37:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame BB16 20 KB
8 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 18:05:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41916
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Apr 2023 18:05:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame BB16 0
0 22ms
21ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRtBfeV_8aOP7qyFli7AybmAV9L7SBa-O5zbJ_4iY0JOmFZehY6353o0UwAvzFgFNW0rYyhtqOwUoFWJzwxLRG05QPmvQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8640143531086883&output=html&h=280&adk=4146422958&adf=1602406847&pi=t.aa~a.912387967~rp.1&daaos=1681563504807&w=1200&fwrn=4&fwrnh=100&lmt=1674784462&rafmt=1&to=qs&pwprc=7590978747&format=1200x280&url=https%3A%2F%2Feasystreams.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681623825720&bpp=2&bdt=2285&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9fbbe458ef193ce8-2200d06794dd00d5%3AT%3D1681623824%3ART%3D1681623824%3AS%3DALNI_MY1j4hm770hFfHynUqwIqFn74zYPg&gpic=UID%3D00000bd69c555547%3AT%3D1681623824%3ART%3D1681623824%3AS%3DALNI_MYTzhH0LEXpC3gJJLoxSRjtwUl6ug&prev_fmts=0x0&nras=2&correlator=3875570893336&frm=20&pv=1&ga_vid=1363842476.1681623824&ga_sid=1681623824&ga_hid=314720823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773810%2C44759842%2C31071259%2C31071755%2C31073770%2C31073793&oid=2&pvsid=2869029481749521&tmod=211985505&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=6QJm7ouY33&p=https%3A//easystreams.net&dtd=13
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BB16 159 KB
49 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:43:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49801
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681299295334834"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Apr 2023 05:43:46 GMT

GET
H3 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame BB16 33 KB
14 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 17:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42240
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Fri, 14 Apr 2023 00:44:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 14 Jul 2023 17:59:46 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 33BA 1 KB
643 B 25ms
22ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 70674
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 10:05:52 GMT
etag: 48472445140208031
expires: Sun, 16 Apr 2023 10:05:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame CF00 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 660b97725b27a4cfc5a3b1ed58e22416a9e4af002d7245287b420d096338fe1f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 400 data=f_Vz7RONxE_Z3RwgYQ9OLtRIIqgtMNg3nS51rSoYP9Sa8eHTTEybbGsLLntIdntBKRVtNcHEMLeRTnM8LWYI6w
mts0.google.com/vt/ Frame 686D 0
0 72ms
28ms Image
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mts0.google.com/vt/data=f_Vz7RONxE_Z3RwgYQ9OLtRIIqgtMNg3nS51rSoYP9Sa8eHTTEybbGsLLntIdntBKRVtNcHEMLeRTnM8LWYI6w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8640143531086883&output=html&h=280&adk=2062109667&adf=1572843655&pi=t.aa~a.4098123398~rp.1&daaos=1681563504807&w=1200&fwrn=4&fwrnh=100&lmt=1674784462&rafmt=1&to=qs&pwprc=7590978747&format=1200x280&url=https%3A%2F%2Feasystreams.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681623825720&bpp=1&bdt=2286&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9fbbe458ef193ce8-2200d06794dd00d5%3AT%3D1681623824%3ART%3D1681623824%3AS%3DALNI_MY1j4hm770hFfHynUqwIqFn74zYPg&gpic=UID%3D00000bd69c555547%3AT%3D1681623824%3ART%3D1681623824%3AS%3DALNI_MYTzhH0LEXpC3gJJLoxSRjtwUl6ug&prev_fmts=0x0%2C1200x280&nras=3&correlator=3875570893336&frm=20&pv=1&ga_vid=1363842476.1681623824&ga_sid=1681623824&ga_hid=314720823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3347&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773810%2C44759842%2C31071259%2C31071755%2C31073770%2C31073793&oid=2&pvsid=2869029481749521&tmod=211985505&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=M7dZePRnD5&p=https%3A//easystreams.net&dtd=16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 686D 297 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 686D 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 686D 462 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 686D 465 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 686D 0
0 61ms
60ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CV0wHEYs7ZN-xLvOj7_UPl_-9eKn8wqtt-4edsYQRrJzAu9oaEAEgrKGzmAFglYKAgLQHoAHbnvmBKcgBCakCmh63kApxsj6oAwHIA8sEqgThAU_QsE2t7g-oeyYqotwUesMeslPKOSucs_wdbECFsHX7zR8I9UbtNX91k7zW0IgDwYGX2B9pgKALx5OjLSKbWAU2z2ZKiSF4X0CmxX49e467-BWDORla1waT6gF06ND90T1vhToBr7ITcekCWhBNlzpEiXj3tZe9QzROd56jQs9NBMore_00UvzonF-cTqA3BXXc2ZrODWvoKAI6UO5MBtyv9lQy6-dry6qUcyK2PCSwB3l9XvyhAitNKOyBsFxn-_Zsi7qHV7DftatElSvu_eSMRU59D4k71fl2KmjS62KDb8AE-8v1gakEkgUECAQYAZIFBAgFGASgBi6AB9vWyeEDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQnMUC0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E4gE2BMK0BUBgBcBshccChoIABIUcHViLTg2NDAxNDM1MzEwODY4ODMYAA&sigh=pX-G306Xafc&uach_m=[UACH]&cid=CAQSPABygQiDyDifVn0KF3XnljHb4ZNYczfZ8vMT2Gq-HyeHYAkKWi29eTznne1G70wcBF1kj4pWrccyDhQ8-hgB&template_id=520

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8640143531086883&output=html&h=280&adk=2062109667&adf=1572843655&pi=t.aa~a.4098123398~rp.1&daaos=1681563504807&w=1200&fwrn=4&fwrnh=100&lmt=1674784462&rafmt=1&to=qs&pwprc=7590978747&format=1200x280&url=https%3A%2F%2Feasystreams.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681623825720&bpp=1&bdt=2286&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9fbbe458ef193ce8-2200d06794dd00d5%3AT%3D1681623824%3ART%3D1681623824%3AS%3DALNI_MY1j4hm770hFfHynUqwIqFn74zYPg&gpic=UID%3D00000bd69c555547%3AT%3D1681623824%3ART%3D1681623824%3AS%3DALNI_MYTzhH0LEXpC3gJJLoxSRjtwUl6ug&prev_fmts=0x0%2C1200x280&nras=3&correlator=3875570893336&frm=20&pv=1&ga_vid=1363842476.1681623824&ga_sid=1681623824&ga_hid=314720823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3347&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773810%2C44759842%2C31071259%2C31071755%2C31073770%2C31073793&oid=2&pvsid=2869029481749521&tmod=211985505&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=M7dZePRnD5&p=https%3A//easystreams.net&dtd=16
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 16 Apr 2023 05:43:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D594 1 KB
643 B 15ms
14ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 70674
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 10:05:52 GMT
etag: 48472445140208031
expires: Sun, 16 Apr 2023 10:05:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 686D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d3140f24deb3d4f81a706063c9dd9e4f23189bd9e635f8a5aecf51360ea31014

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BB16 0
0 61ms
61ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C8FMWEYs7ZOWdLvGP7_UPte2FuAjM2fj2b-zuz_XkEIuwn8_AOhABIKyhs5gBYJWCgIC0B6ABsdXSngPIAQmpApoet5AKcbI-qAMByAPLBKoE0wFP0CVSaGNtWvEFB1795deOyLCCL3yBlhDIZuGFriWjUwzJnMYqRrItCUSJuPh_ig8Wg2xz1yZgw8njOA5B27XPvQYw8SgwX0p2bG2tn7JXblDetpHX5fgJZd0y8k3fBekFutfEqa6aL3aG7_3T9zdCXaexHH6smX5IwvVwl_U1k4CwB_Ri0PDjALY57cUc6BGjzyiAEJs_wEo9uFrXYzNRowLcX4S2ojmkTPYTJjB0IZJzfKkJrn6QiEtNhzNXcaFPsVTTK2SV0eQQA9YzqHtIwwsOwAS6wYX6oASSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHt6qtYagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEELf8AdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTDtAVAZgWAYAXAbIXHAoaCAASFHB1Yi04NjQwMTQzNTMxMDg2ODgzGAA&sigh=xpy_9s6wCsQ&uach_m=[UACH]&cid=CAQSPABygQiDel6inCna8s_eJ2iBWsO6I8o1-eiXh--7x4qgujayuxJS5avW2Gf3XK_jUsSx6XkiLlZ7t7_fohgB&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8640143531086883&output=html&h=280&adk=4146422958&adf=1602406847&pi=t.aa~a.912387967~rp.1&daaos=1681563504807&w=1200&fwrn=4&fwrnh=100&lmt=1674784462&rafmt=1&to=qs&pwprc=7590978747&format=1200x280&url=https%3A%2F%2Feasystreams.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681623825720&bpp=2&bdt=2285&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9fbbe458ef193ce8-2200d06794dd00d5%3AT%3D1681623824%3ART%3D1681623824%3AS%3DALNI_MY1j4hm770hFfHynUqwIqFn74zYPg&gpic=UID%3D00000bd69c555547%3AT%3D1681623824%3ART%3D1681623824%3AS%3DALNI_MYTzhH0LEXpC3gJJLoxSRjtwUl6ug&prev_fmts=0x0&nras=2&correlator=3875570893336&frm=20&pv=1&ga_vid=1363842476.1681623824&ga_sid=1681623824&ga_hid=314720823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773810%2C44759842%2C31071259%2C31071755%2C31073770%2C31073793&oid=2&pvsid=2869029481749521&tmod=211985505&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=6QJm7ouY33&p=https%3A//easystreams.net&dtd=13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 16 Apr 2023 05:43:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E89C 1 KB
643 B 14ms
13ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 70674
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 10:05:52 GMT
etag: 48472445140208031
expires: Sun, 16 Apr 2023 10:05:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/4119323664201820921/ Frame BB16 14 KB
14 KB 14ms
14ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4119323664201820921/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12ee5ca45e7bd9dd4562ef0121717340864ec3c27cdd8a5f3eb94307eabaa20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 17:16:09 GMT
x-content-type-options: nosniff
age: 131257
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14754
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 12:43:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 13 Apr 2024 17:16:09 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/17284642442124186918/ Frame BB16 1 KB
1 KB 16ms
16ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17284642442124186918/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

beaa85f076b8d5d3a918d459e3ba773ae0d52414a0b8d5a69251d3b6e41a820e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 10:13:01 GMT
x-content-type-options: nosniff
age: 156645
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1048
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 12:43:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 13 Apr 2024 10:13:01 GMT

GET
DATA 200
OK truncated
/ Frame BB16 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 906d2346f91cf7998e24399edc69cd3b1f066891cc9180fb9e94800c7f7ef27e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame CF00 29 KB
29 KB 13ms
12ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:54:53 GMT
x-content-type-options: nosniff
age: 460133
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Apr 2024 21:54:53 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 33BA 35 B
466 B 29ms
8ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGTCMzV8emPhQwFhF7khnfA&google_cver=1&google_push=Aer7DvKt4D5vfMifiRIhb16xWU8Lk28C-LTEvdUSILOqCKJfd3FLQu31STFijWlbmPohDfs7k99X_iaoc6b4qrJYkFrhxnc1rqlUOw

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 05:43:46 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 33BA
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECWS-mw5Lf_BzPEJ7hdGueo&google_cver=1&google_push=Aer7DvLLURJeWGKI8PcXrUEpl5ERt2eLBTpYSKR_bOQO-s0AlvYlvKGMbiBqlZQBf0PC48n6lqAcbhoknUyWreoG...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvLLURJeWGKI8PcXrUEpl5ERt2eLBTpYSKR_bOQO-s0AlvYlvKGMbiBqlZQBf0PC48n6lqAcbhoknUyWreoGdc3EsOIMoPwe3GY

170 B
233 B

23ms
22ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvLLURJeWGKI8PcXrUEpl5ERt2eLBTpYSKR_bOQO-s0AlvYlvKGMbiBqlZQBf0PC48n6lqAcbhoknUyWreoGdc3EsOIMoPwe3GY

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 05:43:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 16 Apr 2023 05:43:46 GMT
Server: MT3 796 58fb543 master cdg-pixel-x35 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvLLURJeWGKI8PcXrUEpl5ERt2eLBTpYSKR_bOQO-s0AlvYlvKGMbiBqlZQBf0PC48n6lqAcbhoknUyWreoGdc3EsOIMoPwe3GY
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 16 Apr 2023 05:43:45 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 33BA
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECCzbFNxYr6V8JJY5-rHS9E&google_push=Aer7DvIpfqEymJ9P-_rzgeNN8Zcw1jODCfPltIho66t2uqDe5xosDRHDmb...

170 B
188 B

29ms
28ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECCzbFNxYr6V8JJY5-rHS9E&google_push=Aer7DvIpfqEymJ9P-_rzgeNN8Zcw1jODCfPltIho66t2uqDe5xosDRHDmbeVmmE0uNP1j1kiid4yetnkSzwrInmf1jcuKYWyGKrlKjQ

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 05:43:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230025-FRA
pragma: no-cache
date: Sun, 16 Apr 2023 05:43:46 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1681623826.283129,VS0,VE90
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECCzbFNxYr6V8JJY5-rHS9E&google_push=Aer7DvIpfqEymJ9P-_rzgeNN8Zcw1jODCfPltIho66t2uqDe5xosDRHDmbeVmmE0uNP1j1kiid4yetnkSzwrInmf1jcuKYWyGKrlKjQ
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 33BA
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESED47GREyX0potv4InZSk9h0&google_cver=1&google_push=Aer7DvKQT31OQstBplvjXCZ9zQl0DrpdTgERD9xqp8tLtopTegA5zuw3hPMvQqeEvlRbHXktpyW1BtCCFYO7wyfY7QAO...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESED47GREyX0potv4InZSk9h0&google_cver=1&google_push=Aer7DvKQT31OQstBplvjXCZ9zQl0DrpdTgERD9xqp8tLtopTegA5zuw3hPMvQqeEvlRbHXktpyW1BtCCFYO7wy...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvKQT31OQstBplvjXCZ9zQl0DrpdTgERD9xqp8tLtopTegA5zuw3hPMvQqeEvlRbHXktpyW1BtCCFYO7wyfY7QAOYtKeYvxtl_s&google_hm=I-IRr6YSS5KxzsCPhAV2...

170 B
233 B

23ms
23ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvKQT31OQstBplvjXCZ9zQl0DrpdTgERD9xqp8tLtopTegA5zuw3hPMvQqeEvlRbHXktpyW1BtCCFYO7wyfY7QAOYtKeYvxtl_s&google_hm=I-IRr6YSS5KxzsCPhAV2iQ==

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 05:43:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvKQT31OQstBplvjXCZ9zQl0DrpdTgERD9xqp8tLtopTegA5zuw3hPMvQqeEvlRbHXktpyW1BtCCFYO7wyfY7QAOYtKeYvxtl_s&google_hm=I-IRr6YSS5KxzsCPhAV2iQ==
date: Sun, 16 Apr 2023 05:43:46 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 33BA
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELSfk42UNbtDVhtb4ZHfqR0&google_cver=1&google_push=Aer7DvJGpACRtBamf-ofpxakFYMy38U_ZnhTQIoN2_EDV3u_WC3YLSzKTZppNCmqwoa8XXmlBuBLS4Sc...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELSfk42UNbtDVhtb4ZHfqR0&google_cver=1&google_push=Aer7DvJGpACRtBamf-ofpxakFYMy38U_ZnhTQIoN2_EDV3u_WC3YLSzKTZppNCmqwoa8XXmlBuB...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTc5NzEzODE4NTM4MTQwNDU2NQ&google_push=Aer7DvJGpACRtBamf-ofpxakFYMy38U_ZnhTQIoN2_EDV3u_WC3YLSzKTZppNCmqwoa8XXmlBuBLS4...

170 B
188 B

24ms
24ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTc5NzEzODE4NTM4MTQwNDU2NQ&google_push=Aer7DvJGpACRtBamf-ofpxakFYMy38U_ZnhTQIoN2_EDV3u_WC3YLSzKTZppNCmqwoa8XXmlBuBLS4ScEOaeU1kTSkOxvUCTsoYLwmo

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 05:43:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 16 Apr 2023 05:43:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTc5NzEzODE4NTM4MTQwNDU2NQ&google_push=Aer7DvJGpACRtBamf-ofpxakFYMy38U_ZnhTQIoN2_EDV3u_WC3YLSzKTZppNCmqwoa8XXmlBuBLS4ScEOaeU1kTSkOxvUCTsoYLwmo
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 dds
rtb.openx.net/sync/ Frame 33BA 43 B
352 B 51ms
17ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEERQqvOZH5GePK7jqe0Ib2M&google_cver=1&google_push=Aer7DvKdUa2AZzuMut2lSlktp8asINpIVVHcAlrdha5luHF0qSPSBGLrXe72w37ouqtRbAZuJwHk5GozsRuYiIAzQfHZ-lTil6ED
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8640143531086883&output=html&h=280&adk=4068240251&adf=2813169966&pi=t.aa~a.1471963285~rp.1&daaos=1681563504807&w=1200&fwrn=4&fwrnh=100&lmt=1674784462&rafmt=1&to=qs&pwprc=7590978747&format=1200x280&url=https%3A%2F%2Feasystreams.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681623825720&bpp=1&bdt=2286&idt=1&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9fbbe458ef193ce8-2200d06794dd00d5%3AT%3D1681623824%3ART%3D1681623824%3AS%3DALNI_MY1j4hm770hFfHynUqwIqFn74zYPg&gpic=UID%3D00000bd69c555547%3AT%3D1681623824%3ART%3D1681623824%3AS%3DALNI_MYTzhH0LEXpC3gJJLoxSRjtwUl6ug&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3875570893336&frm=20&pv=1&ga_vid=1363842476.1681623824&ga_sid=1681623824&ga_hid=314720823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3889&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773810%2C44759842%2C31071259%2C31071755%2C31073770%2C31073793&oid=2&pvsid=2869029481749521&tmod=211985505&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=aSr3WAvt95&p=https%3A//easystreams.net&dtd=19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 05:43:45 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: cufuqiglbtlkll89k7v18odo45hm8h2g

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 33BA
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMEXqVav0NFOxHu78Ar2e94&google_cver=1&google_push=Aer7DvLa4RKn-scP54G5xsgat2Q_TYPzNujJOy6VeRCl9ioKiDl4ESX3OxcjYIJkcY1Hojxnxg9fq_Z07_r2...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvLa4RKn-scP54G5xsgat2Q_TYPzNujJOy6VeRCl9ioKiDl4ESX3OxcjYIJkcY1Hojxnxg9fq_Z07_r23Z1Bz1Sh125EVEdhklk

170 B
330 B

22ms
22ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvLa4RKn-scP54G5xsgat2Q_TYPzNujJOy6VeRCl9ioKiDl4ESX3OxcjYIJkcY1Hojxnxg9fq_Z07_r23Z1Bz1Sh125EVEdhklk

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 05:43:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvLa4RKn-scP54G5xsgat2Q_TYPzNujJOy6VeRCl9ioKiDl4ESX3OxcjYIJkcY1Hojxnxg9fq_Z07_r23Z1Bz1Sh125EVEdhklk
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 33BA 0
140 B 57ms
22ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ldmn-R6mM_a4dF9UdmKKcXFblp779NQ_8ltOs2LmkXacXMhXoCpfS0_LPZ4seiWXm5Xdtu

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:43:46 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame 686D 29 KB
29 KB 14ms
14ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:54:53 GMT
x-content-type-options: nosniff
age: 460133
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Apr 2024 21:54:53 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame D594
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOuZAGunXu9v2zdTQ4zK8-E&google_cver=1&google_push=Aer7DvKmEEfUq8Yxs73kfWGiNojoePI3X6QP2X9SDywakiybUcky_pQzxfx1lgzBJWgAuRT10kOns19fJi11-P_ESfn3teI7anH2mA
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODk1MDk1OTY5MTQyNzU1MTE4Nw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEIdsR0KfZtwPyoe972x0JqI&google_cver=1

43 B
398 B

58ms
14ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEIdsR0KfZtwPyoe972x0JqI&google_cver=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 16 Apr 2023 05:43:45 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sun, 16 Apr 2023 05:43:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEIdsR0KfZtwPyoe972x0JqI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame D594 35 B
465 B 9ms
8ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJ9bRFukUSPxpGBWM3wKA1w&google_cver=1&google_push=Aer7DvL7XY--5b5WEf7XY1v68n5lvg0a_gzgyjhYOmUH_yenc-YH3Eoo3h_mG9OeudixKZu4xBxW_G7L2sLxT8VoFAI7qFbiWTBPuJw

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 05:43:46 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame D594 70 B
265 B 106ms
33ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEB7W7IpXPEKBAA-8c-s1Px8&google_cver=1&google_push=Aer7DvIRAdekiusCFutKOn3ruE5xkNR3vAZRuqxtoQtd9q3Q8GkWHH0xHd6Dvyo2g93efyau-wMmUQsWe46b1SDx7PucGk52VtU46Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8640143531086883&output=html&h=280&adk=2062109667&adf=1572843655&pi=t.aa~a.4098123398~rp.1&daaos=1681563504807&w=1200&fwrn=4&fwrnh=100&lmt=1674784462&rafmt=1&to=qs&pwprc=7590978747&format=1200x280&url=https%3A%2F%2Feasystreams.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681623825720&bpp=1&bdt=2286&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9fbbe458ef193ce8-2200d06794dd00d5%3AT%3D1681623824%3ART%3D1681623824%3AS%3DALNI_MY1j4hm770hFfHynUqwIqFn74zYPg&gpic=UID%3D00000bd69c555547%3AT%3D1681623824%3ART%3D1681623824%3AS%3DALNI_MYTzhH0LEXpC3gJJLoxSRjtwUl6ug&prev_fmts=0x0%2C1200x280&nras=3&correlator=3875570893336&frm=20&pv=1&ga_vid=1363842476.1681623824&ga_sid=1681623824&ga_hid=314720823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3347&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773810%2C44759842%2C31071259%2C31071755%2C31073770%2C31073793&oid=2&pvsid=2869029481749521&tmod=211985505&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=M7dZePRnD5&p=https%3A//easystreams.net&dtd=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 16 Apr 2023 05:43:46 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame D594 0
174 B 53ms
17ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEKj3jpdOdvoJWF2SJyBzBUs&google_cver=1&google_push=Aer7DvJSbzKUX2N-EmXrHdCkLL2hMqbsZuzbUZpz8QAwpboYxJHaM4zuT-7D6PdtgmAPJJgQvByVs3f2EQ81ZXqxFmDOiNlwEz9DQg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8640143531086883&output=html&h=280&adk=2062109667&adf=1572843655&pi=t.aa~a.4098123398~rp.1&daaos=1681563504807&w=1200&fwrn=4&fwrnh=100&lmt=1674784462&rafmt=1&to=qs&pwprc=7590978747&format=1200x280&url=https%3A%2F%2Feasystreams.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681623825720&bpp=1&bdt=2286&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9fbbe458ef193ce8-2200d06794dd00d5%3AT%3D1681623824%3ART%3D1681623824%3AS%3DALNI_MY1j4hm770hFfHynUqwIqFn74zYPg&gpic=UID%3D00000bd69c555547%3AT%3D1681623824%3ART%3D1681623824%3AS%3DALNI_MYTzhH0LEXpC3gJJLoxSRjtwUl6ug&prev_fmts=0x0%2C1200x280&nras=3&correlator=3875570893336&frm=20&pv=1&ga_vid=1363842476.1681623824&ga_sid=1681623824&ga_hid=314720823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3347&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773810%2C44759842%2C31071259%2C31071755%2C31073770%2C31073793&oid=2&pvsid=2869029481749521&tmod=211985505&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=M7dZePRnD5&p=https%3A//easystreams.net&dtd=16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:43:46 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D594
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEHNj2PdWnCHsAQrpRn725FA&google_cver=1&google_push=Aer7DvJTVDPI-IyzBCBHcvoAQWoVoKDYvqfd_RET70f1CG3-zGQfYPLciqQBbXFOFa_HCOJvFQ147ZphOimQCg...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyMjUxOTMzNjg1MDk0NjIwMA%3D%3D&google_push=Aer7DvJTVDPI-IyzBCBHcvoAQWoVoKDYvqfd_RET70f1CG3-zGQfYPLciqQBbXFOFa_HCOJvFQ147ZphOimQCg0PFV...

170 B
188 B

26ms
26ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyMjUxOTMzNjg1MDk0NjIwMA%3D%3D&google_push=Aer7DvJTVDPI-IyzBCBHcvoAQWoVoKDYvqfd_RET70f1CG3-zGQfYPLciqQBbXFOFa_HCOJvFQ147ZphOimQCg0PFVZdSR00vzJJY7o

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 05:43:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyMjUxOTMzNjg1MDk0NjIwMA%3D%3D&google_push=Aer7DvJTVDPI-IyzBCBHcvoAQWoVoKDYvqfd_RET70f1CG3-zGQfYPLciqQBbXFOFa_HCOJvFQ147ZphOimQCg0PFVZdSR00vzJJY7o
Date: Sun, 16 Apr 2023 05:43:46 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D594
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOE-cNv_dHZ6a7sV26FrEtc&google_cver=1&google_push=Aer7DvJh7YIZEaOEy5KUUpGzb9OoU15S4xoxdyz_12nhOu2PwuvOqFJyppt43CW2bboNJgkiXkF...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdJWkVPUTQtVS1NOUdK&google_push=Aer7DvJh7YIZEaOEy5KUUpGzb9OoU15S4xoxdyz_12nhOu2PwuvOqFJyppt43CW2bboNJgkiXkFZp5vw5Q6x8RSOaiNQGkI06NuIhVI

170 B
188 B

25ms
25ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdJWkVPUTQtVS1NOUdK&google_push=Aer7DvJh7YIZEaOEy5KUUpGzb9OoU15S4xoxdyz_12nhOu2PwuvOqFJyppt43CW2bboNJgkiXkFZp5vw5Q6x8RSOaiNQGkI06NuIhVI

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 05:43:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdJWkVPUTQtVS1NOUdK&google_push=Aer7DvJh7YIZEaOEy5KUUpGzb9OoU15S4xoxdyz_12nhOu2PwuvOqFJyppt43CW2bboNJgkiXkFZp5vw5Q6x8RSOaiNQGkI06NuIhVI
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D594
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELCJbin6qt2ApIUGJjoOhro&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELCJbin6qt2ApIUGJjoOhro&google_push=Ae...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELCJbin6qt2ApIUGJjoOhro&google_hm=ZDuLEmVoGAFINobiX4wwKwAADI0AAAIB&google_nid=index&google_push=Aer7DvK-17iubAEhyE3Dg5uO3nWwJPjyN-wc8...

170 B
188 B

25ms
25ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELCJbin6qt2ApIUGJjoOhro&google_hm=ZDuLEmVoGAFINobiX4wwKwAADI0AAAIB&google_nid=index&google_push=Aer7DvK-17iubAEhyE3Dg5uO3nWwJPjyN-wc8HHa_ZrE3q23UpKQTHbCBLL3nt9XWf93x11054R-8e-M9bRZMLWV0tYHt5l1G-wwlQ

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 05:43:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 16 Apr 2023 05:43:46 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELCJbin6qt2ApIUGJjoOhro&google_hm=ZDuLEmVoGAFINobiX4wwKwAADI0AAAIB&google_nid=index&google_push=Aer7DvK-17iubAEhyE3Dg5uO3nWwJPjyN-wc8HHa_ZrE3q23UpKQTHbCBLL3nt9XWf93x11054R-8e-M9bRZMLWV0tYHt5l1G-wwlQ
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame D594 0
41 B 38ms
27ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KFoZEfhe2oV6_A13ckDIlp_6D4BNrrb_075AFErHEDSNWIQkzE2eibph16YN2TS7ROhL9m

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:43:46 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 4EE3 36 KB
14 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b13f787bf63d4faed75d3fc17342de926a7bd0b8aeda95453484c2988bedaa04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78090
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14077
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 14 Apr 2024 08:02:16 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame E89C 70 B
266 B 61ms
32ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESECbhKrCjuhKy2o4dR0s_9lc&google_cver=1&google_push=Aer7DvKEppKcUsR4sQNRZ_eZvUJmkJskn00UHa9Fbcpyh3RGJwASfbdPpsec2UHmX9lwCDO-xfS4TGCNlneAdW23l1arhM_UdvOT6V6d
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8640143531086883&output=html&h=280&adk=4146422958&adf=1602406847&pi=t.aa~a.912387967~rp.1&daaos=1681563504807&w=1200&fwrn=4&fwrnh=100&lmt=1674784462&rafmt=1&to=qs&pwprc=7590978747&format=1200x280&url=https%3A%2F%2Feasystreams.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681623825720&bpp=2&bdt=2285&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9fbbe458ef193ce8-2200d06794dd00d5%3AT%3D1681623824%3ART%3D1681623824%3AS%3DALNI_MY1j4hm770hFfHynUqwIqFn74zYPg&gpic=UID%3D00000bd69c555547%3AT%3D1681623824%3ART%3D1681623824%3AS%3DALNI_MYTzhH0LEXpC3gJJLoxSRjtwUl6ug&prev_fmts=0x0&nras=2&correlator=3875570893336&frm=20&pv=1&ga_vid=1363842476.1681623824&ga_sid=1681623824&ga_hid=314720823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773810%2C44759842%2C31071259%2C31071755%2C31073770%2C31073793&oid=2&pvsid=2869029481749521&tmod=211985505&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=6QJm7ouY33&p=https%3A//easystreams.net&dtd=13
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 16 Apr 2023 05:43:46 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame E89C 0
120 B 19ms
17ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEM_HeNkXitRMm4-67vhbVd4&google_cver=1&google_push=Aer7DvIJV_QbYlO_F26rmkOK1xDVa_rxA814xnVN40N3dXV1_82RC38kK7kBDW10qv9uFvRzMvIykXimDZX7Tzod7rd6b3mqtHCuiqd3
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8640143531086883&output=html&h=280&adk=4146422958&adf=1602406847&pi=t.aa~a.912387967~rp.1&daaos=1681563504807&w=1200&fwrn=4&fwrnh=100&lmt=1674784462&rafmt=1&to=qs&pwprc=7590978747&format=1200x280&url=https%3A%2F%2Feasystreams.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681623825720&bpp=2&bdt=2285&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9fbbe458ef193ce8-2200d06794dd00d5%3AT%3D1681623824%3ART%3D1681623824%3AS%3DALNI_MY1j4hm770hFfHynUqwIqFn74zYPg&gpic=UID%3D00000bd69c555547%3AT%3D1681623824%3ART%3D1681623824%3AS%3DALNI_MYTzhH0LEXpC3gJJLoxSRjtwUl6ug&prev_fmts=0x0&nras=2&correlator=3875570893336&frm=20&pv=1&ga_vid=1363842476.1681623824&ga_sid=1681623824&ga_hid=314720823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773810%2C44759842%2C31071259%2C31071755%2C31073770%2C31073793&oid=2&pvsid=2869029481749521&tmod=211985505&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=6QJm7ouY33&p=https%3A//easystreams.net&dtd=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:43:46 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E89C
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESELEKLECiVpM01d2z2995i8w&google_cver=1&google_push=Aer7DvJ3ZZnT3Duyxxr29PxELyUTUv4xu6f9XIbo73LqlPcKzs7SV9aIRVf4aXR56V7y5CApf5qmGTqdJ-Im1a...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyMjUxOTMzNjg1MTIwODM0NA%3D%3D&google_push=Aer7DvJ3ZZnT3Duyxxr29PxELyUTUv4xu6f9XIbo73LqlPcKzs7SV9aIRVf4aXR56V7y5CApf5qmGTqdJ-Im1aQknG...

170 B
188 B

24ms
23ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyMjUxOTMzNjg1MTIwODM0NA%3D%3D&google_push=Aer7DvJ3ZZnT3Duyxxr29PxELyUTUv4xu6f9XIbo73LqlPcKzs7SV9aIRVf4aXR56V7y5CApf5qmGTqdJ-Im1aQknGHv6xY_9cUxibwZ

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 05:43:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyMjUxOTMzNjg1MTIwODM0NA%3D%3D&google_push=Aer7DvJ3ZZnT3Duyxxr29PxELyUTUv4xu6f9XIbo73LqlPcKzs7SV9aIRVf4aXR56V7y5CApf5qmGTqdJ-Im1aQknGHv6xY_9cUxibwZ
Date: Sun, 16 Apr 2023 05:43:46 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E89C
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAsT63dHBD0K6lreEjdRtvo&google_cver=1&google_push=Aer7DvJNEpVDEs_S2IIrSp2S7onjAVALntMa0i1wrLpUM_Qb53dZe6GKfa8BpNbhexwIhghy1fpy8U0a...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAsT63dHBD0K6lreEjdRtvo&google_cver=1&google_push=Aer7DvJNEpVDEs_S2IIrSp2S7onjAVALntMa0i1wrLpUM_Qb53dZe6GKfa8BpNbhexwIhghy1fp...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzA4NjkzNzU3NDEyOTU4MjY2Mg&google_push=Aer7DvJNEpVDEs_S2IIrSp2S7onjAVALntMa0i1wrLpUM_Qb53dZe6GKfa8BpNbhexwIhghy1fpy8U...

170 B
188 B

26ms
25ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzA4NjkzNzU3NDEyOTU4MjY2Mg&google_push=Aer7DvJNEpVDEs_S2IIrSp2S7onjAVALntMa0i1wrLpUM_Qb53dZe6GKfa8BpNbhexwIhghy1fpy8U0as5qa1zrK750ZcgKNIfXeQiU

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 05:43:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 16 Apr 2023 05:43:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzA4NjkzNzU3NDEyOTU4MjY2Mg&google_push=Aer7DvJNEpVDEs_S2IIrSp2S7onjAVALntMa0i1wrLpUM_Qb53dZe6GKfa8BpNbhexwIhghy1fpy8U0as5qa1zrK750ZcgKNIfXeQiU
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 dds
rtb.openx.net/sync/ Frame E89C 43 B
136 B 19ms
17ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESECUe9lJPBbHoR8GetaPiQwU&google_cver=1&google_push=Aer7DvIhCKzLyjXrhqPX5-HyMwRzPLuu3SLX3JVHTMGLuL4zP-HHT6Dhz-pR1Ve-nfFHs3vj8tNNFOL2Yda3pemiyh6_2murvS9-SRE
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8640143531086883&output=html&h=280&adk=4146422958&adf=1602406847&pi=t.aa~a.912387967~rp.1&daaos=1681563504807&w=1200&fwrn=4&fwrnh=100&lmt=1674784462&rafmt=1&to=qs&pwprc=7590978747&format=1200x280&url=https%3A%2F%2Feasystreams.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681623825720&bpp=2&bdt=2285&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9fbbe458ef193ce8-2200d06794dd00d5%3AT%3D1681623824%3ART%3D1681623824%3AS%3DALNI_MY1j4hm770hFfHynUqwIqFn74zYPg&gpic=UID%3D00000bd69c555547%3AT%3D1681623824%3ART%3D1681623824%3AS%3DALNI_MYTzhH0LEXpC3gJJLoxSRjtwUl6ug&prev_fmts=0x0&nras=2&correlator=3875570893336&frm=20&pv=1&ga_vid=1363842476.1681623824&ga_sid=1681623824&ga_hid=314720823&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773810%2C44759842%2C31071259%2C31071755%2C31073770%2C31073793&oid=2&pvsid=2869029481749521&tmod=211985505&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=6QJm7ouY33&p=https%3A//easystreams.net&dtd=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 05:43:46 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: k96gdmj55ltjnhqt4hc2j52q0cfk8qo3

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E89C
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Pp45vgujTZGWQn4Ag8Sl6g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

24ms
23ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Pp45vgujTZGWQn4Ag8Sl6g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvKGRpnUOihDclM72IsgXk9fRk5ChICAVIBrVfH1z4WWkqNR4e5eJQK-RFr6EmzCCxt-bTyt--AT-sW1z11pfFiVy6od_IuWy-8

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 05:43:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Pp45vgujTZGWQn4Ag8Sl6g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvKGRpnUOihDclM72IsgXk9fRk5ChICAVIBrVfH1z4WWkqNR4e5eJQK-RFr6EmzCCxt-bTyt--AT-sW1z11pfFiVy6od_IuWy-8
date: Sun, 16 Apr 2023 05:43:46 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E89C
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEESW4bzygJhE_dKhXdxfD7M&google_cver=1&google_push=Aer7DvLHi9A4ITklAEq-nm2JOdMvyssENnHwTl5gD4iK8TeIttiLywejB5ipzqkh7J1bw6pbc0j...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdJWkVPUTYtMTUtMVNZSQ==&google_push=Aer7DvLHi9A4ITklAEq-nm2JOdMvyssENnHwTl5gD4iK8TeIttiLywejB5ipzqkh7J1bw6pbc0j3iUeOMwMNAJ3VZwlZiFv5FgK6cd8M

170 B
188 B

26ms
26ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdJWkVPUTYtMTUtMVNZSQ==&google_push=Aer7DvLHi9A4ITklAEq-nm2JOdMvyssENnHwTl5gD4iK8TeIttiLywejB5ipzqkh7J1bw6pbc0j3iUeOMwMNAJ3VZwlZiFv5FgK6cd8M

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 05:43:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdJWkVPUTYtMTUtMVNZSQ==&google_push=Aer7DvLHi9A4ITklAEq-nm2JOdMvyssENnHwTl5gD4iK8TeIttiLywejB5ipzqkh7J1bw6pbc0j3iUeOMwMNAJ3VZwlZiFv5FgK6cd8M
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
Expires: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame E89C 0
50 B 22ms
21ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JQQYU5fRY1fa8APUL87Rk_aHlbbf9-5d0oCp69tRkGNEEMk5YOjjwLuTzXBccGBL6nWfRD

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:43:46 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BB16 15 KB
15 KB 15ms
15ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:31:08 GMT
x-content-type-options: nosniff
age: 414758
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:31:08 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BB16 15 KB
16 KB 20ms
19ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:31:10 GMT
x-content-type-options: nosniff
age: 414756
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:31:10 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BB16 15 KB
15 KB 14ms
14ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:31:11 GMT
x-content-type-options: nosniff
age: 414755
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:31:11 GMT

GET
H3 200 sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 12FB 36 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b13f787bf63d4faed75d3fc17342de926a7bd0b8aeda95453484c2988bedaa04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78090
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14077
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 14 Apr 2024 08:02:16 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 686D 0
20 B 50ms
50ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoPCAEqC2JsdWUtc3F1YXJlCgoIAioGc2VydmVyCi8IBCorbXlzaWRpYV9hbmFseXRpY3NfZXhwMyxteXNpZGlhX3JlbGVhc2VfcHJvZAoNECshAAAAAAAALkAwBAoNEAMhAAAAnJlBekAwBAoNEAohAAAAAJiZBUAwBAoNEA0hAAAAAAAAAAAwBAoOEB4qCDEyMDB4MjgwMAQKDhAZKggxMjAweDI4MDAECg0QDiEAAAAAAAAAADAECg0QBCEAAADQzHx6QDAECg0QDyEAAAAAAAAAADAECg0QKyEAAAAAAAA0QDAECg0QBSEAAAAAAIB6QDAECg0QECEAAAAAoOvjQDAECg0QESEAAAAA4JfwQDAECg0QEiEAAAAAAAAUQDAECg0QEyEAAAAAAAAAQDAECg0QFyEAAAAAADB-QDAECg0QFCEAAAAAsM3xQDAECg0QFSEAAAAAAAAqQDAECg0QFiEAAAAAAAAUQDAECg0QGCEAAADOzBSCQDAECg0QMiEAAAAAoJnJPzAECg0QMyEAAAAAoJnJPzAECg0QNCEAAAAAoJnJPzAECg0QNSEAAAAAoJnJPzAECg0QNiEAAAAAoJnJPzAECg0QNyEAAAAAoJnJPzAECg0QOCEAAAAAAADwPzAECg0QOSEAAAA0M0t2QDAECg0QOiEAAADQzNR2QDAECg0QOyEAAACcmSl-QDAECg0QPCEAAACcmSl-QDAECg0QPSEAAAAAADB-QDAECg0QPiEAAACambWBQDAECg0QPyEAAACambWBQDAECg0QQCEAAAA0My-CQDAEEhpDSl8tbnZiWXJmNENGZlBSdXdnZGwzOFBEdyImbG9jYXRpb24vbG9jYXRpb25fZXh0ZW5zaW9uX2F3eF9zcXVhcmUoHA==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/c9dff110b733caaac6e736e343d74be1.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 05:43:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 22C0 36 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b13f787bf63d4faed75d3fc17342de926a7bd0b8aeda95453484c2988bedaa04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78090
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14077
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 14 Apr 2024 08:02:16 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 51ms
51ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230412&jk=2869029481749521&bg=!sbKlsubNAAZA7GLoYOw7ADkAdvg8WuXpc3pkUqEMYBeY1Ejj9ahUHghSChyhRBvP5FiDo9xz9jgqAO7gqU77Tn5OIBYJxK2m5jUCAAAARlIAAAACaAEHCgAeifS9iENVEOEE8iK-jjPxnsqb8vZgeh1VzI0APtwGmQLOleJQyNOXtKtEB96TngQWT2m_1u27V-xkSq5bof_qF5MvV5baTzguVJD1i3oZr4fVAeHMyRkGmQsm8rm04lmo32DMcf7T0E84UbtJ00YFI9G_0cyVjbQHbqT99PVDCr6cEe7nztbxW6es3JGiSwu5brjIJcMw4M-PkACYcjrzeeG5YsBPztXOkZvT3ZgypNRYC9NHsyKjJFVbrQ3BBO5rY7rK0UaIDi_-mZK_pAc7p3H4K8EZM-KEquQaFwvDHy5mqVe2h2JILso2FO0syZToTb2MVmwtXDyQgOtxC6SGYtf959F09sxfyyqNZSxBfdiR3GBWT4Qf9x1IXDqeNNJfSTQel6wnsaI9HaXJfVB_dWkPg7ZmGfuL-bOHBqRT9ZPlLhfz2JGA-PtKXMu9pRrWDv8qQ1w9z_nGC6rFZViq5jmfXsb1guJcVRCvUi-pA4es5QhRbYA3E5I9mgC9JkpQocnG5aGE9AEyJw66G8W6yueD5mnmWl0iH8kX1Op70cVFjbVtL3eRnN21Lrd0IzEHZj3_OHdSwb5k4lUkLfK58IG0697De-Cn5hGupK0-wN-l9ykmicRmztZiTzfyGCSeKuTq630tjcWMiurTPCh0ynrqs6sGUM_rq-Sq9mWOzBrIBoxFBn-wWD596md_BtOUgN-Alc_9uXL1HTCEHfB8WjyTBb6dSiBr81U9mnszZVY-ZOSII2Rg5Rb56k_TPQ_yKYTMAesiqObuPvyUiWFkgMtsM3224rLv-sslS1ECB-Q3OO2IpNMgW-QkN9Y-IS1mFt6Kysgq0h3cTsWKRWJOBWxDsBKTBmnElB8r7-opF4MmD-4OJQbyeWFxlDny750gjalCdTRkp2idOR4Ey-PreeRYS97A0tFVVdVAwgcHfupuIFabi6W_oxauDRSzekUlCiMT1NwnhAsyNSTZmvVR7Tv_kt3RKqXpbEN-SbyFYA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easystreams.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.easystreams.net/	1970-01-20 20:43:03	Name: _ga Value: GA1.1.1363842476.1681623824
.easystreams.net/	1970-01-20 20:43:03	Name: _ga_ELCH4S4LG4 Value: GS1.1.1681623823.1.0.1681623823.0.0.0
.easystreams.net/	1970-01-20 20:28:39	Name: __gads Value: ID=9fbbe458ef193ce8-2200d06794dd00d5:T=1681623824:RT=1681623824:S=ALNI_MY1j4hm770hFfHynUqwIqFn74zYPg
.easystreams.net/	1970-01-20 20:28:39	Name: __gpi Value: UID=00000bd69c555547:T=1681623824:RT=1681623824:S=ALNI_MYTzhH0LEXpC3gJJLoxSRjtwUl6ug
.doubleclick.net/	1970-01-20 20:28:39	Name: IDE Value: AHWqTUnVnwQqb8jYSg3P7TTlT1EBKIJCFsMKVeLkl3JGobPv4-bE82rl4z7q7iRpXEc
.quantserve.com/	1970-01-20 13:16:39	Name: d Value: EFIBCQHiKIEA
.bidswitch.net/	1970-01-20 19:52:39	Name: tuuid Value: 23e211af-a612-4b92-b1ce-c08f84057689
.bidswitch.net/	1970-01-20 19:52:39	Name: c Value: 1681623826
.bidswitch.net/	1970-01-20 19:52:39	Name: tuuid_lu Value: 1681623826
.quantserve.com/	1970-01-20 20:37:18	Name: mc Value: 643b8b12-44d85-689a0-9763d
.mathtag.com/	1970-01-20 20:32:59	Name: uuid Value: 2ce7643b-8b12-4300-ac83-44ceaaee7122
.mathtag.com/	1970-01-20 11:50:15	Name: mt_mop Value: 4:1681623826
.bidswitch.net/	1970-01-20 11:07:04	Name: google_push Value: Aer7DvKQT31OQstBplvjXCZ9zQl0DrpdTgERD9xqp8tLtopTegA5zuw3hPMvQqeEvlRbHXktpyW1BtCCFYO7wyfY7QAOYtKeYvxtl_s
.casalemedia.com/	1970-01-20 19:52:39	Name: CMID Value: ZDuLEmVoGAFINobiX4wwKwAA
.casalemedia.com/	1970-01-20 13:16:39	Name: CMPS Value: 3213
.casalemedia.com/	1970-01-20 13:16:39	Name: CMPRO Value: 3213
.blismedia.com/	1970-01-20 19:52:43	Name: b Value: 643B8B12DADB1A6054B42251BLIS
.adfarm1.adition.com/	1970-01-20 13:16:39	Name: UserID1 Value: 7222519336851208344
.turn.com/	1970-01-20 15:26:15	Name: uid Value: 8950959691427551187
.adform.net/	1970-01-20 11:50:15	Name: C Value: 1
.everesttech.net/	1970-01-20 19:52:39	Name: everest_g_v2 Value: g_surferid~ZDuLEgADHavnfwBS
.pubmatic.com/	1970-01-20 11:08:30	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 19:52:39	Name: KADUSERCOOKIE Value: 3E9E39BE-0BA3-4D91-9642-7E0083C4A5EA
.adform.net/	1970-01-20 12:33:27	Name: uid Value: 7086937574129582662

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mts0.google.com/vt/data=f_Vz7RONxE_Z3RwgYQ9OLtRIIqgtMNg3nS51rSoYP9Sa8eHTTEybbGsLLntIdntBKRVtNcHEMLeRTnM8LWYI6w Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://mts0.google.com/vt/data=f_Vz7RONxE_Z3RwgYQ9OLtRIIqgtMNg3nS51rSoYP9Sa8eHTTEybbGsLLntIdntBKRVtNcHEMLeRTnM8LWYI6w Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.turn.com
adservice.google.com
adservice.google.de
c1.adform.net
cm.g.doubleclick.net
cms.quantserve.com
dsp.adfarm1.adition.com
easystreams.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
image6.pubmatic.com
match.adsrvr.org
mts0.google.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
r.turn.com
region1.google-analytics.com
rtb.openx.net
server.easystreams.net
ssum-sec.casalemedia.com
sync-tm.everesttech.net
sync.mathtag.com
tpc.googlesyndication.com
tr.blismedia.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
142.250.185.98
151.101.66.49
185.29.134.248
185.64.190.78
185.80.39.216
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:800::2002
2a00:1450:4001:801::2003
2a00:1450:4001:806::2002
2a00:1450:4001:806::2003
2a00:1450:4001:808::2002
2a00:1450:4001:812::2004
2a00:1450:4001:813::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::200a
2a00:1450:4001:831::2001
34.96.105.8
35.186.253.211
37.157.4.29
51.38.120.206
52.223.40.198
52.59.144.36
69.173.144.138
85.114.159.118
94.23.160.246
01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6
02e171589aa0feefa6b419dc7607f5482bd56079e8f16004f87860c560bbb663
02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77
05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cbc26d095ea503e7e09b454320515de6544a71901aaa2bd65a5197c13bf63d4
10eaec7ea68a27a35e674c950e685e37a7aab13f0a64985940cbf013b2406549
1ae367420c242e83f64dd6cba96fca46a5285d40116c0e849c7752d40303c1ab
1bb61624447ec0702c34a3e585e794916e166402019c141cd89f0156bd12f40c
22665c1d5e2013f7ed3168b62de396a56fde89f6df5fadbbe74cb4315023b57c
256dd89cd1eca26db88a4275beadc6e9c7c6c544554d9b8168b2e4c6800dcc6c
264bec49df54617739d590247245dd50f15b5966666c8bc6d98970b40a487abb
26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5
281ca3f0c83453a58a26b3746f2f5edc3df17fca9295c2c26730c95875c61751
2822de600f938c8e3d6dfd1d58adb52947e2bc5d4903b588823769d40fd4d374
2cadc9dfc1efa1d112c93590463993777e026e0b862610fdc1abc8a7dd6fbf66
2cfedf4dd6026e71b31593cf003cc5ba40e3229a666839de43b9868ded9ee590
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3d0e2e6754e9a065131116c52bd3d3a1a0639949d957b05969cbedb72e4a6661
3ecbbacd37c0e0c43cf9bb3285ef2b9d7366a15b4f21fa119d3e712811631f63
41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040
43fa4e069aaf1445029aeb584118ff5940c20ebb1a8e4ed8d940415c34a7e233
44f662377fc166b25bb5425955e4984bfc50a518213566eb62bfcf378a074cee
450e2213eddce017572ee5aa2a7a1f503147755e6c93a21650a96adb25a303ce
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b977bf6527db152aec01f17b8ccdfcb28ba1526096c1af1d784cef47eab2fc6
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5167c5e9c9a6e42deae5764409921c5a17b2a239c4f40ae2f30ecfe27c859dcf
557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5fbf59e004943239b1d3c5c8536ce8b058a810fb50f88d774bd60c4822581500
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62df66ae88522235b14150dc433530c2feb367a91c812aa52224d53b57d5f113
65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4
660b97725b27a4cfc5a3b1ed58e22416a9e4af002d7245287b420d096338fe1f
6734003dc6b56aab8002cae9f790ca68921971d89cda08cbaaa0a68789166dd7
78cad1fb95d1e9bbe4a7b1f90fa38ef699314ee65bf914e65ffae62005103a8e
7a99043b793884afd669d861e31cc3d4dd0f38a04fd35f4412d513bafd506547
845ced6274ea1e199f70625c7621855eb2f6160d73fca5ee56ac583c08f55bd0
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e3cab58911ede1e8b4202dafe51be651e1e08ed530433b59ffde0dae058e37e
8e6827c4dd1520ef7d2f0c8d216d049e557f985790e7befb27a1538a3f49181c
906d2346f91cf7998e24399edc69cd3b1f066891cc9180fb9e94800c7f7ef27e
96aeabc02fb45c447f9ea39b5f3b1c51b165c9022a43d81f46fcf9ffebcf80d4
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9afd4e0afd9d4b3748fc3d4fe358b02d16ca4ba3261bf1fbd1a2567d1b160942
9cd1336841f9b6a47bfefd1304c8f86d2a04a768358ef88a6144130074555e30
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ac91c00cc79eee15f73cdf026ab070c00410998588abb2a57cfdaff83df2958b
aef43d36943ac8761a462f8f07e4426e6fe274eb58e9dfd3e030f9d8c5624e58
b13f787bf63d4faed75d3fc17342de926a7bd0b8aeda95453484c2988bedaa04
b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d
b881ea4020eaa35e48840c8551efc9968bde123641e52a3c03fdec99bad344ac
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
beaa85f076b8d5d3a918d459e3ba773ae0d52414a0b8d5a69251d3b6e41a820e
c12ee5ca45e7bd9dd4562ef0121717340864ec3c27cdd8a5f3eb94307eabaa20
c5663a1ab2a975aedc88dbbf644d92980a966b614286321a39baac756077b738
c9f957cc06255b47576fff3b5cb87257783c7e554062ec31a21723d81d1df774
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33
cf1da05f75278e79520b58d91c5732e964db5ab4ec1083050512d3849b161b4c
d0be706dc55e49a9ecedcc0796ffd95e8264554fc50ce18fa6762631af72c4bd
d1c09e80f13f58fa8735352042ae3ee483c8d801c705881cc076b3f39cff3375
d3140f24deb3d4f81a706063c9dd9e4f23189bd9e635f8a5aecf51360ea31014
d4afcd9f5c6ed612b8d826b1cab671242751bf28bb91a2f321f91d40722a4696
dc2cfbdca0b41a7a8f12e4999387928b5b04baa1a7830673de7e569a09622948
dd870101ad4e95d687a2eb734707b0dd7c20808f76d7be77a71a5d13cf99401c
de0c9c3860b20b3d9f82dc543bb69514fa9435a0838781dcc6521292156bec54
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9416b7588bb7972dbde15221e4fbed172cfb22017a489473c3dcbf3283038e1
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f62292d466cfbd8d15e040157b49199b2d40a0bae7c6596d008d1d7d7821ad0e
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f8e08fd7f0ae38ea6c96e60b203fec60fcd731d22b6a2f69046d2dbd6548cd89
f90e842645e54550b1efbf3581f58597fdc9604f5f2deaaa229918c7d88368ca

easystreams.net Open in urlscan Pro 94.23.160.246 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

139 Requests

91 %HTTPS

52 %IPv6

25 Domains

32 Subdomains

21 IPs

5 Countries

2142 kBTransfer

5165 kBSize

24 Cookies

2 Outgoing links

Page URL History

Redirected requests

139 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

easystreams.net Open in urlscan Pro
94.23.160.246 Public Scan

Screenshot
Live screenshot

Full Image

139
Requests

91 %
HTTPS

52 %
IPv6

25
Domains

32
Subdomains

21
IPs

5
Countries

2142 kB
Transfer

5165 kB
Size

24
Cookies

139 HTTP transactions
11 data transactions