bg.jf-paiopires.pt Open in urlscan Pro
2606:4700:3030::6815:4a9d Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bg.onpointpublishing.com/womans-masturbation-guide
Effective URL:
https://bg.jf-paiopires.pt/womans-masturbation-guide
Submission Tags: falconsandbox
Submission: On January 09 via api (January 9th 2022, 11:12:15 pm UTC) from US — Scanned from DE

Summary HTTP 178 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 42 IPs in 6 countries across 36 domains to perform 178 HTTP transactions. The main IP is 2606:4700:3030::6815:4a9d, located in United States and belongs to CLOUDFLARENET, US. The main domain is bg.jf-paiopires.pt.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 8th 2021. Valid for: a year.

This is the only time bg.jf-paiopires.pt was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3031::ac43:9c12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 11	2606:4700:303... 2606:4700:3030::6815:4a9d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	188.166.135.13 188.166.135.13	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
7	151.101.65.195 151.101.65.195	54113 (FASTLY) (FASTLY)
3	45.133.44.25 45.133.44.25	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (HIGHWINDS3) (HIGHWINDS3)
1 2	2a03:2880:f21... 2a03:2880:f21c:80e5:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK)
2	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
1	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
12	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	35.190.59.101 35.190.59.101	15169 (GOOGLE) (GOOGLE)
2	35.201.67.47 35.201.67.47	15169 (GOOGLE) (GOOGLE)
2	35.190.91.160 35.190.91.160	15169 (GOOGLE) (GOOGLE)
5	45.133.44.24 45.133.44.24	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2606:4700:10:... 2606:4700:10::6814:b944	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 15	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2016	15169 (GOOGLE) (GOOGLE)
1	168.119.25.18 168.119.25.18	24940 (HETZNER-AS) (HETZNER-AS)
1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
5 22	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2 6	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2 4	2.21.141.232 2.21.141.232	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	185.33.221.89 185.33.221.89	29990 (ASN-APPNEX) (ASN-APPNEX)
9	2a00:1450:400... 2a00:1450:4001:810::2006	15169 (GOOGLE) (GOOGLE)
2 4	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2	2620:116:800d... 2620:116:800d:21:3175:5196:e3fd:8c1d	16509 (AMAZON-02) (AMAZON-02)
4 4	52.58.94.171 52.58.94.171	16509 (AMAZON-02) (AMAZON-02)
2 2	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
2	142.250.181.2 142.250.181.2	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:f7:... 2a02:26f0:f7::5c7b:e033	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	99.81.146.30 99.81.146.30	16509 (AMAZON-02) (AMAZON-02)
1	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
178	42

1 2606:4700:3031::ac43:9c12 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

bg.onpointpublishing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:3030::6815:4a9d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

bg.jf-paiopires.pt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jf-paiopires.pt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.166.135.13 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

go5s.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.65.195 (United States)

ASN54113 (FASTLY, US)

cdn.zx-adnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.133.44.25 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

js.wpadmngr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f21c:80e5:face:b00c:0:4420 (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

s.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com

r.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.67.47 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 47.67.201.35.bc.googleusercontent.com

t.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com

p.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 45.133.44.24 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

na.nawpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
40b7f0c3cb.86a7149f2c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.wpshsdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.wpushsdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.119.25.18 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.18.25.119.168.clients.your-server.de

notification.tubecup.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.250.184.194 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8::1:119 (Moscow, Russian Federation) 2 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

7144693d978696294c38950846f23567.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.21.141.232 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-232.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.89 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:3175:5196:e3fd:8c1d (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.58.94.171 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-94-171.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.0.66 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.133 (United States)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fjr04s05-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:f7::5c7b:e033 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.81.146.30 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-146-30.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.133 (United States)

ASN54113 (FASTLY, US)

consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	googlesyndication.com 7144693d978696294c38950846f23567.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 94 tpc.googlesyndication.com — Cisco Umbrella Rank: 127	475 KB
31	doubleclick.net 8 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 static.doubleclick.net — Cisco Umbrella Rank: 341 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 175 cm.g.doubleclick.net — Cisco Umbrella Rank: 169 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276	245 KB
12	youtube.com www.youtube.com — Cisco Umbrella Rank: 91	738 KB
11	jf-paiopires.pt 1 redirects bg.jf-paiopires.pt jf-paiopires.pt	254 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com	166 KB
9	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 245	245 KB
7	google.com www.google.com — Cisco Umbrella Rank: 8 adservice.google.com — Cisco Umbrella Rank: 69	16 KB
7	zx-adnet.com cdn.zx-adnet.com — Cisco Umbrella Rank: 139412	128 KB
6	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 3317	2 KB
6	skimresources.com s.skimresources.com — Cisco Umbrella Rank: 2701 r.skimresources.com — Cisco Umbrella Rank: 2562 t.skimresources.com — Cisco Umbrella Rank: 2691 p.skimresources.com — Cisco Umbrella Rank: 3521	20 KB
5	krxd.net cdn.krxd.net — Cisco Umbrella Rank: 1035 beacon.krxd.net — Cisco Umbrella Rank: 356 consumer.krxd.net — Cisco Umbrella Rank: 1378	88 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 151	174 KB
4	w55c.net 4 redirects pm.w55c.net — Cisco Umbrella Rank: 712	3 KB
4	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 649 r.turn.com — Cisco Umbrella Rank: 2156	2 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 496	4 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 210	3 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 8579	1 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 546 syndication.twitter.com — Cisco Umbrella Rank: 767	133 KB
3	wpadmngr.com js.wpadmngr.com — Cisco Umbrella Rank: 27231	29 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	3 KB
2	travelaudience.com 2 redirects ads.travelaudience.com — Cisco Umbrella Rank: 18482	893 B
2	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 956	925 B
2	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 745	300 B
2	wpshsdk.com js.wpshsdk.com — Cisco Umbrella Rank: 15563	21 KB
2	instagram.com 1 redirects www.instagram.com — Cisco Umbrella Rank: 980	5 KB
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 1084	63 KB
1	tubecup.net notification.tubecup.net — Cisco Umbrella Rank: 10377	193 B
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 112	212 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 224	4 KB
1	wpushsdk.com js.wpushsdk.com — Cisco Umbrella Rank: 37847	5 KB
1	86a7149f2c.com 40b7f0c3cb.86a7149f2c.com	199 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 698	414 B
1	nawpush.com na.nawpush.com — Cisco Umbrella Rank: 38053	476 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 541	82 KB
1	go5s.biz go5s.biz — Cisco Umbrella Rank: 257803	15 KB
1	onpointpublishing.com 1 redirects bg.onpointpublishing.com	586 B
178	36

	Domain	Requested by
24	pagead2.googlesyndication.com	securepubads.g.doubleclick.net bg.jf-paiopires.pt pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
16	tpc.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
12	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net bg.jf-paiopires.pt
12	www.youtube.com	bg.jf-paiopires.pt www.youtube.com jf-paiopires.pt
9	s0.2mdn.net	bg.jf-paiopires.pt s0.2mdn.net googleads.g.doubleclick.net
9	jf-paiopires.pt	bg.jf-paiopires.pt jf-paiopires.pt
8	securepubads.g.doubleclick.net	cdn.zx-adnet.com www.googletagservices.com securepubads.g.doubleclick.net bg.jf-paiopires.pt
8	googleads.g.doubleclick.net	3 redirects www.youtube.com cdn.zx-adnet.com googleads.g.doubleclick.net
7	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
7	cdn.zx-adnet.com	bg.jf-paiopires.pt cdn.zx-adnet.com pagead2.googlesyndication.com
6	mc.yandex.ru	2 redirects bg.jf-paiopires.pt
5	www.googletagservices.com	cdn.zx-adnet.com securepubads.g.doubleclick.net bg.jf-paiopires.pt googleads.g.doubleclick.net
4	pm.w55c.net	4 redirects
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	www.google.com	www.youtube.com tpc.googlesyndication.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
3	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
3	www.gstatic.com	www.youtube.com www.gstatic.com googleads.g.doubleclick.net
3	js.wpadmngr.com	bg.jf-paiopires.pt js.wpadmngr.com
3	fonts.googleapis.com	bg.jf-paiopires.pt securepubads.g.doubleclick.net googleads.g.doubleclick.net
2	beacon.krxd.net	googleads.g.doubleclick.net cdn.krxd.net
2	googleads4.g.doubleclick.net	bg.jf-paiopires.pt
2	cdn.krxd.net	s0.2mdn.net cdn.krxd.net
2	ads.travelaudience.com	2 redirects
2	cms.quantserve.com	googleads.g.doubleclick.net
2	r.turn.com	bg.jf-paiopires.pt googleads.g.doubleclick.net
2	ad.turn.com	2 redirects
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	js.wpshsdk.com	js.wpadmngr.com js.wpshsdk.com
2	p.skimresources.com	bg.jf-paiopires.pt
2	t.skimresources.com	bg.jf-paiopires.pt s.skimresources.com
2	platform.twitter.com	bg.jf-paiopires.pt platform.twitter.com
2	www.instagram.com	1 redirects bg.jf-paiopires.pt
2	bg.jf-paiopires.pt	1 redirects
1	consumer.krxd.net	cdn.krxd.net
1	code.createjs.com	s0.2mdn.net
1	7144693d978696294c38950846f23567.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	syndication.twitter.com	platform.twitter.com
1	notification.tubecup.net	bg.jf-paiopires.pt
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	js.wpushsdk.com	js.wpadmngr.com
1	40b7f0c3cb.86a7149f2c.com	js.wpadmngr.com
1	geolocation.onetrust.com	cdn.zx-adnet.com
1	na.nawpush.com	js.wpadmngr.com
1	r.skimresources.com	s.skimresources.com
1	s.skimresources.com	bg.jf-paiopires.pt
1	code.jquery.com	bg.jf-paiopires.pt
1	go5s.biz	bg.jf-paiopires.pt
1	bg.onpointpublishing.com	1 redirects
178	52

This site contains links to these domains. Also see Links.

Domain
sl.jf-paiopires.pt

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-11-08` - `2022-11-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
go1s.biz R3	`2021-11-11` - `2022-02-09`	3 months	crt.sh
www.drivermanager.club GTS CA 1D4	`2022-01-07` - `2022-04-07`	3 months	crt.sh
js.wpadmngr.com R3	`2021-11-18` - `2022-02-16`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.skimresources.com DigiCert SHA2 Secure Server CA	`2021-09-27` - `2022-10-28`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
na.nawpush.com R3	`2021-12-12` - `2022-03-12`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
40b7f0c3cb.86a7149f2c.com R3	`2021-12-21` - `2022-03-21`	3 months	crt.sh
js.wpshsdk.com R3	`2021-11-30` - `2022-02-28`	3 months	crt.sh
js.wpushsdk.com R3	`2021-11-18` - `2022-02-16`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
notification.tubecup.net R3	`2021-11-30` - `2022-02-28`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
cdn.krxd.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2021-02-08` - `2022-02-07`	a year	crt.sh
tls.adobe.com DigiCert SHA2 Secure Server CA	`2020-06-01` - `2022-06-06`	2 years	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
consumer.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-13` - `2022-07-12`	a year	crt.sh

This page contains 25 frames:

Primary Page: https://bg.jf-paiopires.pt/womans-masturbation-guide
Frame ID: 9EF175D78A64A2E067B566EDF24458D9
Requests: 58 HTTP requests in this frame

Frame: https://www.youtube.com/embed/OCEiOZfD0zo?modestbranding=1
Frame ID: 1D616B80CAE51756DA135179244B88EC
Requests: 6 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.08034625340765156
Frame ID: 79CA74B0E1B48B86E64E8D080D922D74
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/OCEiOZfD0zo?modestbranding=1
Frame ID: FB995A180437FCB0EEEDF7CE58D712D4
Requests: 19 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fbg.jf-paiopires.pt
Frame ID: EBCB66EBE1AA119AAC235E061E36EA2A
Requests: 2 HTTP requests in this frame

Frame: https://7144693d978696294c38950846f23567.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DDE86C4C03A2D82492710EAB0AD5D20F
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWPyvq--Rr0c3ZecH5fyL18H3OuEx5ISVncYI7et19W6z61qzwm-k8t8QKZv62K8gWPvlrTmKfl0bvzp0i5LA7xFygqgh6t5Q6Vy_9Jjvw6ukMGRbnB90lePOjT6FLFN69Qd3XUkk_nXvThPx7-6MPwIqowJ3JSlPXlshTw2xDGJh8j-AGOl87eAK7u0eHYpJXIVaAnhHrYolzQBA9eseZghXt79YbOMu1CF2IkzsPGDXHaxaVG38UlElJAxRn94aC5GgDys59dmVaIMQZ1R8H3led1EzJaOgxCL8Gb6dfZ-1mKINvQ6eqgifjG4DSlg&sai=AMfl-YRQ1UPLiyjnVIUjnWFMw-H8eE4cbnrqxwaN99_pJWqQjxf9vRkU8N9YwOEE1vy-UhvEmjiV-UIlrYJwvzuWjh6VeS5iXiLeZmvAqVQRLieZg_z5jr8SQ24d-pCk7gWn&sig=Cg0ArKJSzF4dddh9fv_7EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 0323A15D88DA691CF74CDCCF4DE09262
Requests: 12 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Frame ID: AB1CB5142F190D6A5C23533D2B14A2AB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 55A60A26110939AB8939E25BB7D8B61D
Requests: 9 HTTP requests in this frame

Frame: https://cdn.zx-adnet.com/adx/1_grod.html
Frame ID: BC097609B2ECBF17836345C6C2DBF2AA
Requests: 1 HTTP requests in this frame

Frame: https://cdn.zx-adnet.com/adx/1_grod.html
Frame ID: E2FC11B1691171EE6F337588E949F3B7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zdgrod&adk=1011298904&adf=4188749581&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fwww.phhsnews.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8NXF9AUQt7St0L67y4KOARJMANyigRre_BHbLQn6TtukjBMDBjmxZc26gc1fJ5k0xhXTehG9sNt-a3n2aKMCaQLqgciyOH0JGom5maF9lFR1Eu4vHhq2xr_Yrq-yYA&dt=1586595227726&bpp=71&bdt=67&fdt=167&idt=167&shv=r20200406&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Df3b94bc5be2d5f06-2263945e1acd0074%3AT%3D1641769932%3AS%3DALNI_MZz3vUFG3bK58a4rziVr_5rd8dhe&crv=1&correlator=5120177609303&frm=23&ife=1&pv=2&ga_vid=362027958.1586595228&ga_sid=1586595228&ga_hid=55663360&ga_fc=0&iag=3&icsg=554&nhd=1&dssz=6&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=10&ady=55&biw=406&bih=1600&bih=1200&isw=728&ish=90&ifk=1144962557&scr_x=0&scr_y=0&oid=3&pvsid=4145897469221223&pem=216&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&jar=2020-04-11-06&ifi=1&uci=1.cv0p0xjee1od&fsb=1&dtd=197&0.33538989302105393
Frame ID: 1DF05E34A8C7B2DFF7043A3A7088CAD9
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=280&slotname=ZDM/zdm_grod&adk=1011298904&adf=4188749581&w=336&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fwww.phhsnews.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8NXF9AUQt7St0L67y4KOARJMANyigRre_BHbLQn6TtukjBMDBjmxZc26gc1fJ5k0xhXTehG9sNt-a3n2aKMCaQLqgciyOH0JGom5maF9lFR1Eu4vHhq2xr_Yrq-yYA&dt=1586595227726&bpp=71&bdt=67&fdt=167&idt=167&shv=r20200406&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Df3b94bc5be2d5f06-2263945e1acd0074%3AT%3D1641769932%3AS%3DALNI_MZz3vUFG3bK58a4rziVr_5rd8dhe&crv=1&correlator=5120177609303&frm=23&ife=1&pv=2&ga_vid=362027958.1586595228&ga_sid=1586595228&ga_hid=55663360&ga_fc=0&iag=3&icsg=554&nhd=1&dssz=6&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=10&ady=55&biw=406&bih=1600&bih=1200&isw=336&ish=280&ifk=1144962557&scr_x=0&scr_y=0&oid=3&pvsid=4145897469221223&pem=216&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&jar=2020-04-11-06&ifi=1&uci=1.cv0p0xjee1od&fsb=1&dtd=197&0.9320712411093246
Frame ID: 786AF87AA2D24D54B52D9BA55D567675
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 66815A9EBC1265D682D4926D5CC1ECF6
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A50694770B0630C6E40365218B91A843
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E1D4EF32800C469F052A54E5B82D1BD4
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EABCEB549EA32361AEE94971478AE90A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY0rSzZTAB&v=APEucNUecbqlnLwerwuMCMMI6M_0-XnwZHK_kJko9icSHq6jjsj37LJaXkjHXpqLcTh4DfIeBUbEbpBXwkB-wRm5ACRb61btyjyg_7v066e-MqaTGWr014M-Tckg2xaCV7Lq8Kj0rhmjUWoPwsICTUhW42Nb2JC4_pbflGXT_CbC9kvhaU-qJ0o
Frame ID: A9F2D6349C91C6975F7C83C77CCA38A2
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8DFEDC2F0F3FC33A7FF6CB20FE29650C
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1DF4C27C9A933763C0387FF428793427
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 18F1831B3057435CD23B3C4F85F65BB6
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/r8nbwAJIoZCxWYvDNzL2FR480laaoV7LX6_itKNPK9o.js
Frame ID: 00BA4B5A13EE189749FE12F573386E98
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/4528516/1018994438718716/index.html
Frame ID: 30F2A1EED9C270FCFC570C2577ED872E
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0D540BC1EAFBD2664A43865D343ADF92
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C43FCBAD2E8B6CFCBC979B21E95653EC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Как да мастурбирам за жени: Най-добрите женски съвети и техники за мастурбация - Секс

Page URL History Show full URLs

https://bg.onpointpublishing.com/womans-masturbation-guide HTTP 301
http://bg.jf-paiopires.pt/womans-masturbation-guide HTTP 301
https://bg.jf-paiopires.pt/womans-masturbation-guide Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

178
Requests

89 %
HTTPS

57 %
IPv6

36
Domains

52
Subdomains

42
IPs

6
Countries

3125 kB
Transfer

8663 kB
Size

26
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://sl.jf-paiopires.pt/
Title: jf-paiopires.pt

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bg.onpointpublishing.com/womans-masturbation-guide HTTP 301
http://bg.jf-paiopires.pt/womans-masturbation-guide HTTP 301
https://bg.jf-paiopires.pt/womans-masturbation-guide Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://www.instagram.com/embed.js HTTP 302
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js

Request Chain 51

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 71

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22GROD%22:{%22bg.jf-paiopires.pt%22:{%22https://bg.jf-paiopires.pt/womans-masturbation-guide%22:%22%22}}}&r=0.7689179279736968 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22GROD%22%3A%7B%22bg.jf-paiopires.pt%22%3A%7B%22https%3A%2F%2Fbg.jf-paiopires.pt%2Fwomans-masturbation-guide%22%3A%22%22%7D%7D%7D&r=0.7689179279736968

Request Chain 73

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22GROD%22:{%22bg.jf-paiopires.pt%22:{%22https://bg.jf-paiopires.pt/womans-masturbation-guide%22:%22%22}}}&r=0.926632922637447 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22GROD%22%3A%7B%22bg.jf-paiopires.pt%22%3A%7B%22https%3A%2F%2Fbg.jf-paiopires.pt%2Fwomans-masturbation-guide%22%3A%22%22%7D%7D%7D&r=0.926632922637447

Request Chain 95

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxgrod&adk=3836428907&adf=816031635&pi=t.ma~as.zxgrod&w=728&url=https%3A%2F%2Fbg.jf-paiopires.pt%2Fwomans-masturbation-guide&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641769932488&bpp=13&bdt=66&idt=80&shv=r20220104&mjsv=m202112060101&ptt=5&saldr=sa&cookie=ID%3Df3b94bc5be2d5f06-2263945e1acd0074%3AT%3D1641769932%3AS%3DALNI_MZz3vUFG3bK58a4rziVr_5rd8dheA&correlator=5349223858870&frm=23&ife=4&pv=2&ga_vid=1109643578.1641769933&ga_sid=1641769933&ga_hid=211869211&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=3639&biw=1600&bih=1200&isw=743&ish=90&ifk=2249054529&scr_x=0&scr_y=0&eid=31063859&oid=2&pvsid=1513373516622396&pem=249&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C743%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.clxqamuac9rt&btvi=1&fsb=1&dtd=97 HTTP 302
https://cdn.zx-adnet.com/adx/1_grod.html

Request Chain 99

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=280&slotname=ZXM%2Fzxm_grod&adk=1038530465&adf=467761316&pi=t.ma~as.ZXM%2Fzxm_grod&w=336&url=https%3A%2F%2Fbg.jf-paiopires.pt%2Fwomans-masturbation-guide&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641769932541&bpp=4&bdt=106&idt=70&shv=r20220104&mjsv=m202112060101&ptt=5&saldr=sa&cookie=ID%3Df3b94bc5be2d5f06-2263945e1acd0074%3AT%3D1641769932%3AS%3DALNI_MZz3vUFG3bK58a4rziVr_5rd8dheA&correlator=5349223858870&frm=23&ife=4&pv=1&ga_vid=541897724.1641769933&ga_sid=1641769933&ga_hid=844221648&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=2316363267&scr_x=0&scr_y=0&oid=2&pvsid=2448620823490870&pem=249&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CEr%7C&abl=CS&pfx=0&fu=32772&bc=31&ifi=1&uci=1.e5fyhvqx02jl&fsb=1&dtd=76 HTTP 302
https://cdn.zx-adnet.com/adx/1_grod.html

Request Chain 123

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHdrZJ47Fd3aFPXBmsRYbsY&google_cver=1

Request Chain 124

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YdtrzUsRZMtq00un2c.AkwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHdrZJ47Fd3aFPXBmsRYbsY&google_cver=1&google_hm=2

Request Chain 125

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENsIGMi6yttySStk_ScKucg&google_cver=1

Request Chain 126

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTA0MDU4MTkzMzQxMjM1MjI3Nw%3D%3D

Request Chain 142

https://ad.turn.com/r/cs?pid=3&google_gid=CAESENGOsZd54cII1oUqhnKgK8o&google_cver=1&google_push=AYg5qPLpUU0qMWK3EVWi5v2-7vI3OUSpSpnmXVFQnMh-rpQzMi4fRsWHpZge3kR8RnNUS3GSNwOpGxU9axsa2Kqm0hX3kdFIbFg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODgzNzUxODA0Nzg0NzAzNDEzNA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENGOsZd54cII1oUqhnKgK8o&google_cver=1

Request Chain 144

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPYyOYfGjTLQzYwYxwH9fCo&google_cver=1&google_push=AYg5qPL9AXzcgBBSCR-M5C9ocUFcZyKVXjqjbZ_AEWfAkZ9p3yDyQYG15mDKCcB8qzafCTUG7_cyWbvFE6I8Y0bQDgShiuI9-04 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPYyOYfGjTLQzYwYxwH9fCo&google_cver=1&google_push=AYg5qPL9AXzcgBBSCR-M5C9ocUFcZyKVXjqjbZ_AEWfAkZ9p3yDyQYG15mDKCcB8qzafCTUG7_cyWbvFE6I8Y0bQDgShiuI9-04 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ek9xUFA5aXUxTjZIbWQ1&google_gid=CAESEPYyOYfGjTLQzYwYxwH9fCo&google_cver=1&google_push=AYg5qPL9AXzcgBBSCR-M5C9ocUFcZyKVXjqjbZ_AEWfAkZ9p3yDyQYG15mDKCcB8qzafCTUG7_cyWbvFE6I8Y0bQDgShiuI9-04

Request Chain 145

https://ads.travelaudience.com/google_pixel?google_gid=CAESEDgJoANLvM32FPvy_izq_O4&google_cver=1&google_push=AYg5qPLDeRMz9dRfq_MEdJtbXHc4ehlNuBDZzRGTGMguXLjdW5XoefYNgciXRcQGFWEyh6eG1mecmP8dcRJ17Q8iBinGcx3KjA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=MqAMxA8CS6ugIvKIOhYehQ2&google_push=AYg5qPLDeRMz9dRfq_MEdJtbXHc4ehlNuBDZzRGTGMguXLjdW5XoefYNgciXRcQGFWEyh6eG1mecmP8dcRJ17Q8iBinGcx3KjA

Request Chain 147

https://ad.turn.com/r/cs?pid=3&google_gid=CAESENGOsZd54cII1oUqhnKgK8o&google_cver=1&google_push=AYg5qPIrnAfhfbjFRShVn50t4skoZscjDhHOm6fkf_kAS4hOXCpMU4HOXZEumgHckOlDwVqqMusiT54xQK3RxhmpyYHlbgw6EA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODc2NTQ2MDQ1MzgwOTEwNjE5OA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENGOsZd54cII1oUqhnKgK8o&google_cver=1

Request Chain 149

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPYyOYfGjTLQzYwYxwH9fCo&google_cver=1&google_push=AYg5qPLYTrI9mjb7wEuQDvwqBkQrC4Nnryd0lvWsxnYnIJ_flghadx9kD-cHHPCzEFgL8MYZ0gnajAayPsWXw-mjI_36qtEWQQ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPYyOYfGjTLQzYwYxwH9fCo&google_cver=1&google_push=AYg5qPLYTrI9mjb7wEuQDvwqBkQrC4Nnryd0lvWsxnYnIJ_flghadx9kD-cHHPCzEFgL8MYZ0gnajAayPsWXw-mjI_36qtEWQQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ek9xUFA5aXUxTjZIbWQ1&google_gid=CAESEPYyOYfGjTLQzYwYxwH9fCo&google_cver=1&google_push=AYg5qPLYTrI9mjb7wEuQDvwqBkQrC4Nnryd0lvWsxnYnIJ_flghadx9kD-cHHPCzEFgL8MYZ0gnajAayPsWXw-mjI_36qtEWQQ

Request Chain 150

https://ads.travelaudience.com/google_pixel?google_gid=CAESEDgJoANLvM32FPvy_izq_O4&google_cver=1&google_push=AYg5qPItALCss1sWlr_h_iWoabGr936agcZrja0yg14DlDy3EK8UBiJtJPh9bxZJMN4G-pfb1OzaXUFEuBRkOIRRsaRT1N7jE5A HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ESwzQooBQ0y7gluWZ6hexw2&google_push=AYg5qPItALCss1sWlr_h_iWoabGr936agcZrja0yg14DlDy3EK8UBiJtJPh9bxZJMN4G-pfb1OzaXUFEuBRkOIRRsaRT1N7jE5A

178 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request womans-masturbation-guide Show response
bg.jf-paiopires.pt/
Redirect Chain

https://bg.onpointpublishing.com/womans-masturbation-guide
http://bg.jf-paiopires.pt/womans-masturbation-guide
https://bg.jf-paiopires.pt/womans-masturbation-guide

22 KB
8 KB

283ms
245ms

Document
text/html

2606:4700:3030::6815:4a9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bg.jf-paiopires.pt/womans-masturbation-guide
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4a9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1da290483f5cb77ae0c45dbb516b2035409295dc6f43c87d90283678d3b6ed05

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sun, 09 Jan 2022 23:12:10 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oue3aUAa0GhG2nPPwNolm0VRXyKqj4S4%2BcoLVxIQawygbcvzw1pPSawUCvvjfokf46snsucT6ngfCtmc2r3VcAKY4t1z0BcUXRQSMQJ8wTz%2FM9SBz8v%2B0Y01hsPFWw02KP4JHzEYSlCZjCMkFMIaLC4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6cb1594e2e14f923-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sun, 09 Jan 2022 23:12:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 10 Jan 2022 00:12:09 GMT
Location: https://bg.jf-paiopires.pt/womans-masturbation-guide
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2FRfmEeXl5IkPYXzsdR6dU2QYGF6fRSN9CsUsLfZvMU6dvhowT16YZ07491FNQeqdFo3oEpoV5JloBW3qPagS3xxDVCm0hoFE2DDknkYcZEUT20PY7e9RWFZJiUnQ8sZXwzXp5%2Fl0y1fo1qK2pWplOM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6cb1594dcdfe5a37-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 layers.min.css
jf-paiopires.pt/template/css/ 15 KB
4 KB 77ms
51ms Stylesheet
text/css 2606:4700:3030::6815:4a9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jf-paiopires.pt/template/css/layers.min.css
Requested by: Host: bg.jf-paiopires.pt
URL: https://bg.jf-paiopires.pt/womans-masturbation-guide
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4a9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72c2003e8b9edfad1ff1f47f6e33ba78f8ba190b0eb5d104b6f1228848c39ff2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1425564
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 11 Mar 2021 19:57:33 GMT
server: cloudflare
etag: W/"604a762d-3a86"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jlKdQ8UBaGePIdZNvudsKijDgO6o1UdmVyaApjS4wSUdGsS3rliWt%2B2giCmZvobrpfQ%2B5IDguB%2FhzLEPJrz09HApRTs2v1jrjD%2By5DmsR4moRJ6htIuPqAp%2FZWFC0rse5aF%2FkFEQkBHxFo7BPRg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 6cb1594ff89df923-MXP
expires: Sun, 23 Jan 2022 11:12:46 GMT

GET
H2 200 font-awesome.min.css
jf-paiopires.pt/template/css/ 17 KB
4 KB 67ms
40ms Stylesheet
text/css 2606:4700:3030::6815:4a9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jf-paiopires.pt/template/css/font-awesome.min.css
Requested by: Host: bg.jf-paiopires.pt
URL: https://bg.jf-paiopires.pt/womans-masturbation-guide
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4a9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1425564
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 11 Mar 2021 19:57:33 GMT
server: cloudflare
etag: W/"604a762d-4574"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SWWfacV5xkUwXynmDBhG2lfTKRKQgN9A8wHYhF3YsTHceRSpjHlZw6VQ%2BGC7D9rnQG6BBNjBDhKNEKdIBPim8Ej7h6m39JdoBB05j0pj0KlakryvgQOj4LPEd%2BlRghPXJGfKo%2BEnv8dqioZR6tc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 6cb1594ff898f923-MXP
expires: Sun, 23 Jan 2022 11:12:46 GMT

GET
H2 200 style.css
jf-paiopires.pt/template/css/ 98 KB
15 KB 69ms
43ms Stylesheet
text/css 2606:4700:3030::6815:4a9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jf-paiopires.pt/template/css/style.css
Requested by: Host: bg.jf-paiopires.pt
URL: https://bg.jf-paiopires.pt/womans-masturbation-guide
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4a9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3c7ce759838ce8c3ad196db890ebbfbbdf7499177e4c587014ccef302ea0eb6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1425564
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 11 Mar 2021 19:57:34 GMT
server: cloudflare
etag: W/"604a762e-18613"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XORdD%2BQZ7AdWl1ydsFLKI0IwLWM6jICAf7ijz9PeZW%2FebRXmUnah4QFNjYVIDcTeCsZAwY%2Fn1rAIIv1xLQ63Y8nrXoeDE4B%2Fl10sWfMWRhJSt%2FWHb2o6XUHemw9%2B5X%2FQR4d%2Fi81dIxledjHluRM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 6cb1594ff89bf923-MXP
expires: Sun, 23 Jan 2022 11:12:46 GMT

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 61ms
30ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700|Open+Sans:400italic,700italic,400,700

Requested by

Host: bg.jf-paiopires.pt
URL: https://bg.jf-paiopires.pt/womans-masturbation-guide

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98b6da82df54e403aaddecdafeec961dd33420a62f0c4095531913195801c28a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 09 Jan 2022 23:12:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 09 Jan 2022 23:12:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 09 Jan 2022 23:12:10 GMT

GET
H2 200 / Show response
go5s.biz/ 14 KB
15 KB 132ms
50ms Script
application/javascript 188.166.135.13
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://go5s.biz/?te=he4tgmrwmm5ha3ddf42tamzz

Requested by

Host: bg.jf-paiopires.pt
URL: https://bg.jf-paiopires.pt/womans-masturbation-guide

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.135.13 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

b80349b55fdbf93d7b1ae0bcce1d648407e144cc671935785864a695f4efd70f

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 09 Jan 2022 23:12:10 GMT
server: nginx
content-security-policy: img-src https: data:; upgrade-insecure-requests
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8

GET
H2 200 grod_19091901.js Show response
cdn.zx-adnet.com/adx/ 146 KB
20 KB 63ms
23ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/grod_19091901.js

Requested by

Host: bg.jf-paiopires.pt
URL: https://bg.jf-paiopires.pt/womans-masturbation-guide

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d74e31b4d5ef7f12e4e04fbc8a59f0ff7147b7394dfdb9865d98b1292a2fbaf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Sun, 02 Jan 2022 06:05:10 GMT
x-timer: S1641769930.251259,VS0,VE1
etag: "c334b87b6343229ccd35eb84c4e219322bea93f183c6d0158c2856dea506e112-br"
x-served-by: cache-hhn4071-HHN
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
date: Sun, 09 Jan 2022 23:12:10 GMT
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
content-length: 19773
x-cache-hits: 1

GET
H2 200 adManager.js Show response
js.wpadmngr.com/static/ 451 B
598 B 87ms
27ms Script
application/javascript 45.133.44.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/static/adManager.js
Requested by: Host: bg.jf-paiopires.pt
URL: https://bg.jf-paiopires.pt/womans-masturbation-guide
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 2f499c632d806f66b96dda6cbd4cac0363d331885476a8ac1d9e8ac60954d720

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:10 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 09:03:43 GMT
server: nginx/1.18.0
etag: W/"6166a0ef-1c3"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 10 Jan 2022 00:12:10 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 womans-masturbation-guide.jpg
jf-paiopires.pt/img/sex/62/ 31 KB
31 KB 212ms
189ms Image
image/jpeg 2606:4700:3030::6815:4a9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jf-paiopires.pt/img/sex/62/womans-masturbation-guide.jpg
Requested by: Host: bg.jf-paiopires.pt
URL: https://bg.jf-paiopires.pt/womans-masturbation-guide
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4a9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f40d7edadbaea23653f0ae4c003f2db45b25fb6641fe168d2775985eade67a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:10 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 31644
last-modified: Wed, 28 Apr 2021 11:36:16 GMT
server: cloudflare
etag: "608948b0-7b9c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WhP%2FGaXWfAkY%2F6ptCWjYs4ZNRtYbdT%2FTK5XmmI7XCGun%2Fz8na4%2F%2BQlIt7TeVBYsYniKvq9u743fW8Onc0f2o9R%2B7vvuqD%2BESVXiZhDsTK5y04e1SuSTyBBB51Nsfc0T2JTm7aq98UuaSiR%2BnGWY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6cb1594ff8a0f923-MXP
expires: Tue, 08 Feb 2022 23:12:10 GMT

GET
H2 200 daily-one-card-tarot-reading.jpg
jf-paiopires.pt/img/zodiac/42/ 55 KB
55 KB 333ms
332ms Image
image/jpeg 2606:4700:3030::6815:4a9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jf-paiopires.pt/img/zodiac/42/daily-one-card-tarot-reading.jpg
Requested by: Host: bg.jf-paiopires.pt
URL: https://bg.jf-paiopires.pt/womans-masturbation-guide
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4a9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3695475645ba51b0359dd0b41567fdd67dbf6ff69dace06e775aaf883833af53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:10 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 56288
last-modified: Wed, 28 Apr 2021 11:35:00 GMT
server: cloudflare
etag: "60894864-dbe0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ArT6ZcSFuPu%2B%2B8n1HshLcGJ9MesINHDZqvL7UcSi%2FQZHLjgOrFiFkmxXHicN67e4VOnxO%2F5mpRKeYNIGF67%2FIH%2Fs9rLNfgqt3VVVGnmFLmQqnurFyaOAt4%2FJxlqRZSvw1xdyZ1AZD6O7zmXeII%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6cb1595038e2f923-MXP
expires: Tue, 08 Feb 2022 23:12:10 GMT

GET
H2 200 daily-one-card-tarot-reading.jpg
jf-paiopires.pt/img/zodiac/50/ 55 KB
55 KB 379ms
378ms Image
image/jpeg 2606:4700:3030::6815:4a9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jf-paiopires.pt/img/zodiac/50/daily-one-card-tarot-reading.jpg
Requested by: Host: bg.jf-paiopires.pt
URL: https://bg.jf-paiopires.pt/womans-masturbation-guide
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4a9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3695475645ba51b0359dd0b41567fdd67dbf6ff69dace06e775aaf883833af53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:10 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 56288
last-modified: Wed, 28 Apr 2021 11:34:54 GMT
server: cloudflare
etag: "6089485e-dbe0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wQr49D6WZKBWz3YPml43cb2C6DmDdppL5fjOcdFdSUpZFysLabH148tho1p20Vhx3t20Tbyo5dXZ02f%2FUgCI2BKRXog79Egb4zTuz5KvwIdCV30iLFVVEJfOeJUUarY9%2B26qh0%2FEhn6GX6N9FSM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6cb1595038e4f923-MXP
expires: Tue, 08 Feb 2022 23:12:10 GMT

GET
H2 200 what-venus-uranus-square-means.jpg
jf-paiopires.pt/img/love/91/ 44 KB
44 KB 193ms
192ms Image
image/jpeg 2606:4700:3030::6815:4a9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jf-paiopires.pt/img/love/91/what-venus-uranus-square-means.jpg
Requested by: Host: bg.jf-paiopires.pt
URL: https://bg.jf-paiopires.pt/womans-masturbation-guide
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4a9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1663174fb4fe6b909ccfa491ff52597842004dc7decf284ddc5e337d183fa209

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:10 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 44950
last-modified: Wed, 28 Apr 2021 11:50:56 GMT
server: cloudflare
etag: "60894c20-af96"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LE2Dy1Gv5WSsRmmFSbgOFYH7lANFvoJpsinRvo7d9m9foAR9ABXUE7zkaywzUER%2FarWYMt1qY9JkpGl7FeYKhpmzeNqgeQ4BDwP9BXFAvTFoPJsvmZElhm8T0SreZEQ6U%2BboV7DCZkNxQnt3yME%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6cb1595038e5f923-MXP
expires: Tue, 08 Feb 2022 23:12:10 GMT

GET
H2 200 jquery.js Show response
code.jquery.com/ 276 KB
82 KB 137ms
47ms Script
application/javascript 2001:4de0:ac18::1:a:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery.js
Requested by: Host: bg.jf-paiopires.pt
URL: https://bg.jf-paiopires.pt/womans-masturbation-guide
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:10 GMT
content-encoding: gzip
last-modified: Fri, 24 Oct 2014 00:16:08 GMT
server: nginx
etag: W/"54499a48-4508e"
vary: Accept-Encoding
x-hw: 1641769930.dop010.ml1.t,1641769930.cds214.ml1.hn,1641769930.cds216.ml1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 83875

GET
H2 200 plugins.js Show response
jf-paiopires.pt/template/js/ 73 KB
27 KB 70ms
45ms Script
application/javascript 2606:4700:3030::6815:4a9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jf-paiopires.pt/template/js/plugins.js
Requested by: Host: bg.jf-paiopires.pt
URL: https://bg.jf-paiopires.pt/womans-masturbation-guide
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4a9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ae996ae0bf157d7574024452bbbccdc7ec5f7ee1de15e5bf774026ddb2ea386

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1425564
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 11 Mar 2021 19:57:36 GMT
server: cloudflare
etag: W/"604a7630-12469"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S7L3T5KySnCei%2BEwBiJqB9pAufUhInde2%2B7V%2FlvB%2FeGn4zxGvWdwqL6FB57fjSN%2BeCnqAe4DVEQXgYimYs9sdVVQbZjHYDUO3GQBSnZierCtR%2FiX%2BGeUiQqmviYclIL9DYtGBrwKHwOrTuUijnI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
cf-ray: 6cb1594ff8a2f923-MXP
expires: Sun, 23 Jan 2022 11:12:46 GMT

GET
H2 200 beetle.js Show response
jf-paiopires.pt/template/js/ 59 KB
9 KB 73ms
49ms Script
application/javascript 2606:4700:3030::6815:4a9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jf-paiopires.pt/template/js/beetle.js
Requested by: Host: bg.jf-paiopires.pt
URL: https://bg.jf-paiopires.pt/womans-masturbation-guide
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4a9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bc3457dfe52f627da8e6011b2fd916e7f0aa568daedd270bdb5f989f4dec7bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1425564
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 11 Mar 2021 19:57:36 GMT
server: cloudflare
etag: W/"604a7630-eb24"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ikx%2Bxkly7u71WjJddFMM635eOqqvByCdbpBj9DEUyuqIUYlgXKB7XHHIUvGFqefXHDJgpyjxiyeuyF%2F7lWRNDpMyUMYzCmitx6Ln34obpGqqXHQECigO2FWQaDXoqwXJT5b%2BtjHJAcIkXg1szeg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
cf-ray: 6cb1594ff8a3f923-MXP
expires: Sun, 23 Jan 2022 11:12:46 GMT

GET
H3

200

ab12745d93c5.js Show response
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain

https://www.instagram.com/embed.js
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js

15 KB
5 KB

121ms
65ms

Script
text/javascript

2a03:2880:f21c:80e5:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
Requested by: Host: bg.jf-paiopires.pt
URL: https://bg.jf-paiopires.pt/womans-masturbation-guide
Protocol: H3
Server: 2a03:2880:f21c:80e5:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 19:45:58 GMT
content-encoding: br
etag: "ab12745d93c5"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
edge-control: max-age=1209600, no-transform
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
content-length: 4843
priority: u=3,i

Redirect headers

date: Sun, 09 Jan 2022 23:12:10 GMT
x-fb-trip-id: 1679558926
x-ig-origin-region: odn
content-type: text/html; charset=utf-8
location: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
cache-control: max-age=21600
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 0

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 380ms
189ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: bg.jf-paiopires.pt
URL: https://bg.jf-paiopires.pt/womans-masturbation-guide
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE6) /
Resource Hash: 97719c71e44494e537beba8d51c6bb268a34dcd867fdefc431229225ca734b46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 09 Jan 2022 23:12:10 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Dec 2021 21:35:27 GMT
Server: ECS (mil/6CE6)
Age: 830
Etag: "50ec7e701ed018305368886c39cac301+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 29126

GET
H2 200 192355X1677936.skimlinks.js Show response
s.skimresources.com/js/ 49 KB
19 KB 113ms
36ms Script
application/octet-stream 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://s.skimresources.com/js/192355X1677936.skimlinks.js
Requested by: Host: bg.jf-paiopires.pt
URL: https://bg.jf-paiopires.pt/womans-masturbation-guide
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b3c178ac396736c811ccb139f4c6f928eeb22a1c38a0cf7208b1cda1f7e89e43

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:10 GMT
content-encoding: gzip
last-modified: Mon, 01 Nov 2021 09:32:09 GMT
server: AmazonS3
x-amz-request-id: ZK92W3PDNP9KMR2K
etag: "a1a4aa83c105f32ec88739911cb4f57a"
x-hw: 1641769930.cds142.fr8.hn,1641769930.cds208.fr8.c
content-type: application/octet-stream
cache-control: max-age=3600
accept-ranges: bytes
content-length: 18773
x-amz-id-2: 69ifC81jh9G2bWG0dUZrRpgzV6RvyGraSJ690VM312vh4PABAzZcM14jdg7O+c1doiHO1G6zpFw=

GET
H2 200 OCEiOZfD0zo Show response
www.youtube.com/embed/ Frame 1D61 60 KB
25 KB 116ms
72ms Document
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/OCEiOZfD0zo?modestbranding=1

Requested by

Host: bg.jf-paiopires.pt
URL: https://bg.jf-paiopires.pt/womans-masturbation-guide

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f666a778452c319eae1991763c7b5b890b208b0a5f48fd43b96dc473904b092d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 09 Jan 2022 23:12:10 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 abs.js Show response
cdn.zx-adnet.com/adx/ 220 B
231 B 203ms
202ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/abs.js?0.07582119143879984

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/grod_19091901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a2862c9e532e9e51ea7ca8d7c96bb602a74e31396f9c5be127dbea7c5adfc227

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Sun, 02 Jan 2022 06:05:10 GMT
x-timer: S1641769930.283593,VS0,VE140
etag: "5fef2687ef3b38d2357073d43abb64a2f46b34fce9295b7d515ee95b7d79cfdb-br"
x-served-by: cache-hhn4071-HHN
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
date: Sun, 09 Jan 2022 23:12:10 GMT
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
content-length: 107
x-cache-hits: 0

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 20 KB
20 KB 134ms
51ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700|Open+Sans:400italic,700italic,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bg.jf-paiopires.pt
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 13:18:02 GMT
x-content-type-options: nosniff
age: 208448
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20040
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 07 Jan 2023 13:18:02 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
fonts.gstatic.com/s/montserrat/v18/ 12 KB
12 KB 315ms
233ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700|Open+Sans:400italic,700italic,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

637fc05835856f967578386134fe8a10b4fc4afaae082c8052226d5bd5a23e4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bg.jf-paiopires.pt
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 03:06:33 GMT
x-content-type-options: nosniff
age: 417937
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12196
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:45 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 05 Jan 2023 03:06:33 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v27/ 24 KB
24 KB 314ms
232ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700|Open+Sans:400italic,700italic,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcbd587432f5e88fc926d1cde0d375084b7f3e711f9ff34571dec52f70fb27cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bg.jf-paiopires.pt
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 13:30:03 GMT
x-content-type-options: nosniff
age: 207727
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24756
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:39 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 07 Jan 2023 13:30:03 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 189ms
107ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700|Open+Sans:400italic,700italic,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bg.jf-paiopires.pt
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 13:52:02 GMT
x-content-type-options: nosniff
age: 206408
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 07 Jan 2023 13:52:02 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3g3D_u50.woff2
fonts.gstatic.com/s/montserrat/v18/ 12 KB
12 KB 309ms
237ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3g3D_u50.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700|Open+Sans:400italic,700italic,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ce6685465805e98dfd2b3633e74711102167bc0ae656c536ba35587c20aeba4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bg.jf-paiopires.pt
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 04:27:02 GMT
x-content-type-options: nosniff
age: 240308
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12228
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:54 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 07 Jan 2023 04:27:02 GMT

GET
H2 200 adManager.m.js Show response
js.wpadmngr.com/static/ 76 KB
29 KB 209ms
121ms Script
application/javascript 45.133.44.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/static/adManager.m.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 334cc3c08c0a394a62c65ceb78f997df7f3e660ddeeadf82544759c228cb896a

Request headers

Referer: https://bg.jf-paiopires.pt/
Origin: https://bg.jf-paiopires.pt
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:10 GMT
content-encoding: gzip
last-modified: Fri, 24 Dec 2021 06:57:04 GMT
server: nginx/1.18.0
etag: W/"61c56f40-131af"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 10 Jan 2022 00:12:10 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H3 200 www-player-webp.css
www.youtube.com/s/player/edff9f99/ Frame 1D61 39 KB
0 119ms
63ms Stylesheet
text/css 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/edff9f99/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/OCEiOZfD0zo?modestbranding=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/OCEiOZfD0zo?modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 16:40:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 369090
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47369
x-xss-protection: 0
last-modified: Wed, 05 Jan 2022 01:18:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 05 Jan 2023 16:40:40 GMT

GET KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1D61 0
0

GET
H3 200 www-embed-player.js
www.youtube.com/s/player/edff9f99/www-embed-player.vflset/ Frame 1D61 5 KB
0 84ms
59ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/edff9f99/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/OCEiOZfD0zo?modestbranding=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/OCEiOZfD0zo?modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 16:06:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25557
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75031
x-xss-protection: 0
last-modified: Wed, 05 Jan 2022 01:18:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 09 Jan 2023 16:06:13 GMT

GET base.js
www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/ Frame 1D61 0
0

GET fetch-polyfill.js
www.youtube.com/s/player/edff9f99/fetch-polyfill.vflset/ Frame 1D61 0
0

POST
H2 200 / Show response
r.skimresources.com/api/ 150 B
340 B 204ms
42ms XHR
application/json 35.190.59.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r.skimresources.com/api/

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/192355X1677936.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

101.59.190.35.bc.googleusercontent.com

Software

openresty/1.11.2.5 /

Resource Hash

4ce50cd32328adc9ff19575851fedb83044238acf241fb751983faac9a2e6ebe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://bg.jf-paiopires.pt/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 09 Jan 2022 23:12:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: openresty/1.11.2.5
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://bg.jf-paiopires.pt
vary: Accept-Encoding
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 206 robots.txt
t.skimresources.com/api/v2/ Frame 79CA 0
102 B 215ms
55ms Image
text/plain 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.08034625340765156
Requested by: Host: bg.jf-paiopires.pt
URL: https://bg.jf-paiopires.pt/womans-masturbation-guide
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 47.67.201.35.bc.googleusercontent.com
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:10 GMT
via: 1.1 google
server: Python/3.7 aiohttp/3.5.4
alt-svc: clear
content-length: 0
content-type: text/plain charset=UTF-8

GET
H2 200 px.gif
p.skimresources.com/ 43 B
102 B 251ms
53ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=1&rn=5.234724789176118
Requested by: Host: bg.jf-paiopires.pt
URL: https://bg.jf-paiopires.pt/womans-masturbation-guide
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:10 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc: clear
content-length: 43
content-type: image/gif

GET
H2 200 px.gif
p.skimresources.com/ 43 B
244 B 251ms
52ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=2&rn=5.234724789176118
Requested by: Host: bg.jf-paiopires.pt
URL: https://bg.jf-paiopires.pt/womans-masturbation-guide
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:10 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc: clear
content-length: 43
content-type: image/gif

GET fontawesome-webfont.woff
jf-paiopires.pt/template/fonts/ 0
0

GET
H3 200 OCEiOZfD0zo Show response
www.youtube.com/embed/ Frame FB99 60 KB
24 KB 97ms
97ms Document
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/OCEiOZfD0zo?modestbranding=1

Requested by

Host: jf-paiopires.pt
URL: https://jf-paiopires.pt/template/js/plugins.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bc6e23b43c9eb82089763ec9c9b35dc6d98502a540ac5b4f699c637587fb232b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 09 Jan 2022 23:12:10 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"
content-encoding: br
server: ESF
x-xss-protection: 0
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 checkabuse Show response
cdn.zx-adnet.com/ 56 B
372 B 252ms
252ms Script
text/html 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.zx-adnet.com/checkabuse?surl=https%3A%2F%2Fbg.jf-paiopires.pt%2Fwomans-masturbation-guide
Requested by: Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/abs.js?0.07582119143879984
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:10 GMT
content-encoding: gzip
x-cache: MISS
content-length: 65
x-served-by: cache-hhn4071-HHN
x-fh-no-setcookie-unroll: true
server: Google Frontend
x-timer: S1641769931.531482,VS0,VE203
etag: W/"38-qno2VtKrKGrEkeWyGeNb55UMVvo"
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type: text/html; charset=utf-8
x-cloud-trace-context: c38d72d1142bdcc7e244ffc0785ebb96
cache-control: max-age=3600,public
function-execution-id: w3n2xqd4rhd6
accept-ranges: bytes
x-orig-accept-language: de-DE,de;q=0.9
x-country-code: DE
x-cache-hits: 0

GET
H2 200 5166 Show response
na.nawpush.com/tags/ 507 B
476 B 224ms
50ms XHR
application/json 45.133.44.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://na.nawpush.com/tags/5166
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 6df26caa2d0d8de6c3ef3e67d2c82cbd39acc49d142b0ea79048013b8897f628

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 09 Jan 2022 23:12:10 GMT
cache-control: max-age=300, public
content-type: application/json
server: nginx/1.18.0
content-encoding: gzip
x-proxy-cache: HIT

GET
H2 200 wp-banners.js Show response
js.wpadmngr.com/npc/sdk/ 0
238 B 61ms
60ms Script
application/javascript 45.133.44.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/npc/sdk/wp-banners.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:10 GMT
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
server: nginx/1.18.0
etag: "611fc6d7-0"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 10 Jan 2022 00:12:10 GMT
cache-control: max-age=3600
accept-ranges: bytes
content-length: 0
x-proxy-cache: HIT

GET
H3 200 www-player-webp.css
www.youtube.com/s/player/edff9f99/ Frame FB99 338 KB
46 KB 35ms
35ms Stylesheet
text/css 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/edff9f99/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/OCEiOZfD0zo?modestbranding=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93a8cc54b517a35c22648e5a2b1694dac62247ad174386f1791d1c4d0c6edd8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/OCEiOZfD0zo?modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 16:40:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 369090
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47369
x-xss-protection: 0
last-modified: Wed, 05 Jan 2022 01:18:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 05 Jan 2023 16:40:40 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/edff9f99/www-embed-player.vflset/ Frame FB99 227 KB
73 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/edff9f99/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/OCEiOZfD0zo?modestbranding=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b14e416f4af207200a176b8075f45d8b78b20940bbb5083f471cf83d3830eb9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/OCEiOZfD0zo?modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 16:06:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25557
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75031
x-xss-protection: 0
last-modified: Wed, 05 Jan 2022 01:18:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 09 Jan 2023 16:06:13 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/ Frame FB99 2 MB
529 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/OCEiOZfD0zo?modestbranding=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f03fc73b13c16798d248b1260135461dab13eb93299a19d712a4682954d0ae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/OCEiOZfD0zo?modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 16:43:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 368924
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 541622
x-xss-protection: 0
last-modified: Wed, 05 Jan 2022 01:18:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 05 Jan 2023 16:43:26 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/edff9f99/fetch-polyfill.vflset/ Frame FB99 8 KB
3 KB 74ms
74ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/edff9f99/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/OCEiOZfD0zo?modestbranding=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/OCEiOZfD0zo?modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 08 Jan 2022 11:32:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 128363
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Wed, 05 Jan 2022 01:18:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 08 Jan 2023 11:32:47 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FB99 15 KB
15 KB 101ms
51ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/OCEiOZfD0zo?modestbranding=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 453929
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 04 Jan 2023 17:06:41 GMT

GET
H/1.1 200
OK widget_iframe.21f942bb866c2823339b839747a0c50c.html Show response
platform.twitter.com/widgets/ Frame EBCB 319 KB
103 KB 83ms
82ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fbg.jf-paiopires.pt
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CF2) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 2688348
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 09 Jan 2022 23:12:10 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Thu, 02 Dec 2021 21:34:18 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mil/6CF2)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

POST
H2 200 page Show response
t.skimresources.com/api/v2/ 22 B
342 B 60ms
59ms XHR
application/javascript 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/v2/page

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/192355X1677936.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

47.67.201.35.bc.googleusercontent.com

Software

Python/3.7 aiohttp/3.5.4 /

Resource Hash

fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bg.jf-paiopires.pt/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 09 Jan 2022 23:12:10 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.7 aiohttp/3.5.4
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8, application/javascript
access-control-allow-origin: https://bg.jf-paiopires.pt
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 22

GET
H2 200 __ZXCONSENT.ZxGetConsent Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 208 B
414 B 149ms
36ms Script
text/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/__ZXCONSENT.ZxGetConsent

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/grod_19091901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b6842d3e60ef328390f9096ca2cbab47051a4dfed2867dccda71b30ea7b7113

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:10 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6cb1595429858397-MXP

GET
H2 200 track Show response
40b7f0c3cb.86a7149f2c.com/in/ 0
199 B 158ms
32ms XHR
text/plain 45.133.44.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://40b7f0c3cb.86a7149f2c.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxMzE2ODE0NTI2MTY3NzEwNTAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIyLjE0LjAiLCJ0YWdfaWQiOjUxNjYsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTYwMHgxMjAwIiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJFdGMvVW5rbm93biIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MH0=
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jan 2022 23:12:10 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: *
content-length: 0

GET
H2 200 push.m.js Show response
js.wpshsdk.com/npc/sdk/ 54 KB
20 KB 126ms
16ms Script
application/javascript 45.133.44.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpshsdk.com/npc/sdk/push.m.js?v=1
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 4720daad8daba83ee3b0e5e453f6b9d6d021b2ed5ef662c7dd801998c133b96d

Request headers

Referer: https://bg.jf-paiopires.pt/
Origin: https://bg.jf-paiopires.pt
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:10 GMT
content-encoding: gzip
last-modified: Wed, 01 Sep 2021 08:34:55 GMT
server: nginx/1.18.0
etag: W/"612f3b2f-d82f"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 10 Jan 2022 00:12:10 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 csub.js Show response
js.wpushsdk.com/npc/sdk/wpu/ 13 KB
5 KB 158ms
10ms Script
application/javascript 45.133.44.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpushsdk.com/npc/sdk/wpu/csub.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: c91a75b4331f5f78cdb3b1264724d73a79d10c83d0bd186261a7f7a2b8d04f1e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:10 GMT
content-encoding: gzip
last-modified: Thu, 28 Oct 2021 14:05:52 GMT
server: nginx/1.18.0
etag: W/"617aae40-32b9"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 10 Jan 2022 00:12:10 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET fontawesome-webfont.ttf
jf-paiopires.pt/template/fonts/ 0
0

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame FB99
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

29ms
14ms

XHR
application/json

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/OCEiOZfD0zo?modestbranding=1

Protocol

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e642489424b3fa713a48f4533983d86e91dd498e8d19602f054c333840e9775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 09 Jan 2022 23:12:10 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame FB99 29 B
588 B 28ms
7ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/edff9f99/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 22:57:14 GMT
x-content-type-options: nosniff
age: 896
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 09 Jan 2022 23:12:14 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/ Frame FB99 94 KB
29 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd41db2e1e96f28eee9a1eec9333b8b8810b685ae4e304624b74e1a10b0167fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/OCEiOZfD0zo?modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 16:43:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 368923
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29833
x-xss-protection: 0
last-modified: Wed, 05 Jan 2022 01:18:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 05 Jan 2023 16:43:28 GMT

GET
H2 200 a3fmBC5pwb_hc1vtPj8EisbHNaOXXVv65hr18gGbcOg.js Show response
www.google.com/js/th/ Frame FB99 35 KB
14 KB 31ms
6ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/a3fmBC5pwb_hc1vtPj8EisbHNaOXXVv65hr18gGbcOg.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b77e6042e69c1bfe1735bed3e3f048ac6c735a3975d5bfae61af5f2019b70e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 15:46:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13354
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 17:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 09 Jan 2023 15:46:37 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/ Frame FB99 26 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1e059aebb69545ec4e01b00c44d9e7e49181a019a6f87c9df5a7aec4e4e5a47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/OCEiOZfD0zo?modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 16:43:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 368923
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7633
x-xss-protection: 0
last-modified: Wed, 05 Jan 2022 01:18:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 05 Jan 2023 16:43:28 GMT

GET
DATA 200
OK truncated
/ Frame FB99 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLTRSDzE2hckGHwsL0UJsVLDVOQqKVjZs-82hdIsmg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame FB99 3 KB
4 KB 29ms
7ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLTRSDzE2hckGHwsL0UJsVLDVOQqKVjZs-82hdIsmg=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/OCEiOZfD0zo?modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a9b8a4b058f0cfdb5137ab550edcaa8912e26d6ceb7451b9ea791d608e467090

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 19:28:15 GMT
x-content-type-options: nosniff
age: 13436
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3229
x-xss-protection: 0
server: fife
etag: "v153"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 17 Nov 2021 23:15:43 GMT

GET
H2 200 maxresdefault.webp
i.ytimg.com/vi_webp/OCEiOZfD0zo/ Frame FB99 212 KB
212 KB 129ms
107ms Image
image/webp 2a00:1450:4001:827::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/OCEiOZfD0zo/maxresdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/OCEiOZfD0zo?modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d191a8a48b2c83a3925e3e45af41d73eb0f9e6e4970eee2fe810c0f702d56236

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:11 GMT
x-content-type-options: nosniff
server: sffe
etag: "1550671130"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 216888
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 10 Jan 2022 01:12:11 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FB99 10 KB
10 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/OCEiOZfD0zo?modestbranding=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 21:29:26 GMT
x-content-type-options: nosniff
age: 524565
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9832
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:49 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 03 Jan 2023 21:29:26 GMT

GET
H2 200 sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js Show response
cdn.zx-adnet.com/consent/ 341 KB
66 KB 7ms
7ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/consent/sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/grod_19091901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

04149c43558d59b2f0f2cc3f679979b915401ca5c94e833479ca9ea754db0b89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Sun, 02 Jan 2022 06:05:10 GMT
x-timer: S1641769931.070499,VS0,VE0
etag: "903d4e9708a69e8cc899413e10c8bd8c12ff0e8553c05df46fc83d843518567b-br"
x-served-by: cache-hhn4071-HHN
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=315000
date: Sun, 09 Jan 2022 23:12:11 GMT
accept-ranges: bytes
content-length: 67057
x-cache-hits: 10

GET
H2 200 styles.css
js.wpshsdk.com/npc/sdk/push/ 2 KB
1 KB 20ms
6ms Stylesheet
text/css 45.133.44.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpshsdk.com/npc/sdk/push/styles.css
Requested by: Host: js.wpshsdk.com
URL: https://js.wpshsdk.com/npc/sdk/push.m.js?v=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 1530691d7096753c4a33ff3d11be983fbec896774cffe9a3555c2c81e6f18906

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:11 GMT
content-encoding: gzip
last-modified: Thu, 16 Jul 2020 20:33:19 GMT
server: nginx/1.18.0
etag: W/"5f10b98f-843"
content-type: text/css
access-control-allow-origin: *
expires: Mon, 10 Jan 2022 00:12:11 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 subscription-offers
notification.tubecup.net/in/ 0
193 B 56ms
11ms Image
text/plain 168.119.25.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notification.tubecup.net/in/subscription-offers?href=https%3A%2F%2Fbg.jf-paiopires.pt%2Fwomans-masturbation-guide&tcid=0&spot_id=2470&site=tcpublisher&source_id=0
Requested by: Host: bg.jf-paiopires.pt
URL: https://bg.jf-paiopires.pt/womans-masturbation-guide
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 168.119.25.18 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.18.25.119.168.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jan 2022 23:12:11 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: *
content-length: 0

GET
H2 200 settings Show response
syndication.twitter.com/ Frame EBCB 232 B
447 B 127ms
110ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=9dfcd3542424aa94ab0bcaa097efa53f7bb9556f

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fbg.jf-paiopires.pt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time: 104
date: Sun, 09 Jan 2022 23:12:10 GMT
content-encoding: gzip
last-modified: Sun, 09 Jan 2022 23:12:11 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 4b406080933e7fda85fe7997da0c145279acda22cc4289321dc6f46c0182226b
content-length: 166

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame FB99 4 KB
3 KB 36ms
14ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 09 Jan 2022 23:12:11 GMT

GET
H2 200 ui-gdpr-en.feda0fd8c5f2191f5c4b299585520859048f3705.js Show response
cdn.zx-adnet.com/consent/ 230 KB
37 KB 746ms
745ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/consent/ui-gdpr-en.feda0fd8c5f2191f5c4b299585520859048f3705.js

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/consent/sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ff4b703a37dc11dbca28199ebaa29bfd85fb3793138fdc9bb2b952954d098b68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Sun, 02 Jan 2022 06:05:10 GMT
x-timer: S1641769931.192044,VS0,VE738
etag: "dad5947af947c84745a29032a526f3e68afd9ce38af7f41ee281defb94b29c84-br"
x-served-by: cache-hhn4071-HHN
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=315000
date: Sun, 09 Jan 2022 23:12:11 GMT
accept-ranges: bytes
content-length: 37832
x-cache-hits: 0

GET
H3 204 generate_204
www.youtube.com/ Frame FB99 0
9 B 7ms
6ms Image
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?JYSo0w
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/OCEiOZfD0zo?modestbranding=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/OCEiOZfD0zo?modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/97/ Frame FB99 53 KB
15 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/97/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1a9324c503cc885e5bf568d8c5de12c34c0adc3a4990d547a4514179108badd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 10:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44085
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15488
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 15:04:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview-release"
expires: Mon, 10 Jan 2022 10:57:26 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 44ms
21ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/grod_19091901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

e9d45467f4833ab1983bd81ff30bd233a58feb324dc84a8e22a8f303f91a3409

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26985
x-xss-protection: 0
server: sffe
etag: "1097 / 755 of 1000 / last-modified: 1641462333"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 09 Jan 2022 23:12:12 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 78 KB
27 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js?zx

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/grod_19091901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a014be48ad2d69469e55c2f6ef8f0a37b844bb92c4b0c690fc198e70e075410

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27012
x-xss-protection: 0
server: sffe
etag: "1097 / 292 of 1000 / last-modified: 1641462274"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 09 Jan 2022 23:12:11 GMT

GET
H2 200 /
mc.yandex.ru/watch/65614747/GROD/ 43 B
304 B 126ms
39ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/65614747/GROD/?r=0.31716360529772647

Requested by

Host: bg.jf-paiopires.pt
URL: https://bg.jf-paiopires.pt/womans-masturbation-guide

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jan 2022 23:12:12 GMT
last-modified: Sun, 09-Jan-2022 23:12:12 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 09-Jan-2022 23:12:12 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22GROD%22:{%22bg.jf-paiopires.pt%22:{%22https://bg.jf-paiopires.pt/womans-masturbation-guide%22:%22%22}}}&r=0.7689179279736968
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22GROD%22%3A%7B%22bg.jf-paiopires.pt%22%3A%7B%22https%3A%2F%2Fbg.jf-paiopires.pt%2Fwomans-masturbation-guide%22%3A%22%22%7D%7D%7D&r=0.768...

0
0

39ms
39ms

Image
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22GROD%22%3A%7B%22bg.jf-paiopires.pt%22%3A%7B%22https%3A%2F%2Fbg.jf-paiopires.pt%2Fwomans-masturbation-guide%22%3A%22%22%7D%7D%7D&r=0.7689179279736968
Requested by: Host: bg.jf-paiopires.pt
URL: https://bg.jf-paiopires.pt/womans-masturbation-guide
Protocol: H2
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Sun, 09 Jan 2022 23:12:12 GMT
last-modified: Sun, 09-Jan-2022 23:12:12 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22GROD%22%3A%7B%22bg.jf-paiopires.pt%22%3A%7B%22https%3A%2F%2Fbg.jf-paiopires.pt%2Fwomans-masturbation-guide%22%3A%22%22%7D%7D%7D&r=0.7689179279736968
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Sun, 09-Jan-2022 23:12:12 GMT

GET
H2 200 /
mc.yandex.ru/watch/65614747/GROD/ 43 B
71 B 126ms
39ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/65614747/GROD/?r=0.7602722860739064

Requested by

Host: bg.jf-paiopires.pt
URL: https://bg.jf-paiopires.pt/womans-masturbation-guide

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jan 2022 23:12:12 GMT
last-modified: Sun, 09-Jan-2022 23:12:12 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 09-Jan-2022 23:12:12 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22GROD%22:{%22bg.jf-paiopires.pt%22:{%22https://bg.jf-paiopires.pt/womans-masturbation-guide%22:%22%22}}}&r=0.926632922637447
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22GROD%22%3A%7B%22bg.jf-paiopires.pt%22%3A%7B%22https%3A%2F%2Fbg.jf-paiopires.pt%2Fwomans-masturbation-guide%22%3A%22%22%7D%7D%7D&r=0.926...

0
0

40ms
40ms

Image
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22GROD%22%3A%7B%22bg.jf-paiopires.pt%22%3A%7B%22https%3A%2F%2Fbg.jf-paiopires.pt%2Fwomans-masturbation-guide%22%3A%22%22%7D%7D%7D&r=0.926632922637447
Requested by: Host: bg.jf-paiopires.pt
URL: https://bg.jf-paiopires.pt/womans-masturbation-guide
Protocol: H2
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Sun, 09 Jan 2022 23:12:12 GMT
last-modified: Sun, 09-Jan-2022 23:12:12 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22GROD%22%3A%7B%22bg.jf-paiopires.pt%22%3A%7B%22https%3A%2F%2Fbg.jf-paiopires.pt%2Fwomans-masturbation-guide%22%3A%22%22%7D%7D%7D&r=0.926632922637447
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Sun, 09-Jan-2022 23:12:12 GMT

GET
H3 200 pubads_impl_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ 348 KB
117 KB 30ms
15ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js?zx

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119476
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 09 Jan 2022 23:12:12 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 37 B
77 B 30ms
16ms XHR
application/json 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=bg.jf-paiopires.pt

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js?zx

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

23b953730e30a53f59967a5d4eb2817032d70bc77eb2c82e1d53536fb476b522

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 09 Jan 2022 23:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53
x-xss-protection: 0
expires: Sun, 09 Jan 2022 23:12:12 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 290ms
16ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bg.jf-paiopires.pt

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 09 Jan 2022 23:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 291ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bg.jf-paiopires.pt

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 09 Jan 2022 23:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
12 KB 146ms
146ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2095085246472852&correlator=697378260265434&output=ldjh&impl=fif&eid=31063706&vrg=2021120601&ptt=17&gdpr_consent=CPSkjX4PSkjX4AHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-38&ecs=20220109&iu_parts=41117126%2CZXNT%2Czxntmx%2Czxntmx_grod&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&ists=1&fas=8&prev_scp=ad_format%3Dinterstitial&cust_params=site_domen%3Dbg.jf-paiopires.pt%26site_topdomen%3Djf-paiopires.pt%26site_referrer%3D%26site_hash%3D%26keywords%3D%25D0%259A%25D0%25B0%25D0%25BA%2520%25D0%25B4%25D0%25B0%2520%25D0%25BC%25D0%25B0%25D1%2581%25D1%2582%25D1%2583%25D1%2580%25D0%25B1%25D0%25B8%25D1%2580%25D0%25B0%25D0%25BC%2520%25D0%25B7%25D0%25B0%2520%25D0%25B6%25D0%25B5%25D0%25BD%25D0%25B8%2520%25D0%259D%25D0%25B0%25D0%25B9%2520%25D0%25B4%25D0%25BE%25D0%25B1%25D1%2580%25D0%25B8%25D1%2582%25D0%25B5%2520%25D0%25B6%25D0%25B5%25D0%25BD%25D1%2581%25D0%25BA%25D0%25B8%2520%25D1%2581%25D1%258A%25D0%25B2%25D0%25B5%25D1%2582%25D0%25B8%2520%25D0%25B8%2520%25D1%2582%25D0%25B5%25D1%2585%25D0%25BD%25D0%25B8%25D0%25BA%25D0%25B8%2520%25D0%25B7%25D0%25B0%2520%25D0%25BC%25D0%25B0%25D1%2581%25D1%2582%25D1%2583%25D1%2580%25D0%25B1%25D0%25B0%25D1%2586%25D0%25B8%25D1%258F%2520%25D0%25A1%25D0%25B5%25D0%25BA%25D1%2581%2520%25D0%2590%25D0%25BA%25D0%25BE%2520%25D0%25B8%25D1%2581%25D0%25BA%25D0%25B0%25D1%2582%25D0%25B5%2520%25D0%25B4%25D0%25B0&cookie_enabled=1&bc=31&abxe=1&lmt=1641769932&dt=1641769932144&dlt=1641769930187&idt=1926&frm=20&biw=1600&bih=1200&oid=2&adks=3724742728&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbg.jf-paiopires.pt%2Fwomans-masturbation-guide&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1414849844.1641769932&ga_sid=1641769932&ga_hid=1356053679&ga_fc=false&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

40da8fa07f7abf42d09dc3dbde361f9fa0f88b253168344d5fee52e4a855e7f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12380
x-xss-protection: 0
google-lineitem-id: 5422651606
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138308487554
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://bg.jf-paiopires.pt
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 216ms
216ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2095085246472852&correlator=697378260265434&output=ldjh&impl=fif&eid=31063706&vrg=2021120601&ptt=17&gdpr_consent=CPSkjX4PSkjX4AHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-38&ecs=20220109&iu_parts=41117126%2CZXNT%2Czxnt_grod&enc_prev_ius=0%2F1%2F2&prev_iu_szs=728x90&cust_params=site_domen%3Dbg.jf-paiopires.pt%26site_topdomen%3Djf-paiopires.pt%26site_referrer%3D%26site_hash%3D%26keywords%3D%25D0%259A%25D0%25B0%25D0%25BA%2520%25D0%25B4%25D0%25B0%2520%25D0%25BC%25D0%25B0%25D1%2581%25D1%2582%25D1%2583%25D1%2580%25D0%25B1%25D0%25B8%25D1%2580%25D0%25B0%25D0%25BC%2520%25D0%25B7%25D0%25B0%2520%25D0%25B6%25D0%25B5%25D0%25BD%25D0%25B8%2520%25D0%259D%25D0%25B0%25D0%25B9%2520%25D0%25B4%25D0%25BE%25D0%25B1%25D1%2580%25D0%25B8%25D1%2582%25D0%25B5%2520%25D0%25B6%25D0%25B5%25D0%25BD%25D1%2581%25D0%25BA%25D0%25B8%2520%25D1%2581%25D1%258A%25D0%25B2%25D0%25B5%25D1%2582%25D0%25B8%2520%25D0%25B8%2520%25D1%2582%25D0%25B5%25D1%2585%25D0%25BD%25D0%25B8%25D0%25BA%25D0%25B8%2520%25D0%25B7%25D0%25B0%2520%25D0%25BC%25D0%25B0%25D1%2581%25D1%2582%25D1%2583%25D1%2580%25D0%25B1%25D0%25B0%25D1%2586%25D0%25B8%25D1%258F%2520%25D0%25A1%25D0%25B5%25D0%25BA%25D1%2581%2520%25D0%2590%25D0%25BA%25D0%25BE%2520%25D0%25B8%25D1%2581%25D0%25BA%25D0%25B0%25D1%2582%25D0%25B5%2520%25D0%25B4%25D0%25B0%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fbg.jf-paiopires.pt%252Fwomans-masturbation-guide&cookie_enabled=1&bc=31&abxe=1&lmt=1641769932&dt=1641769932147&dlt=1641769930187&idt=1926&frm=20&biw=1600&bih=1200&oid=2&adxs=306&adys=3639&adks=2742981812&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbg.jf-paiopires.pt%2Fwomans-masturbation-guide&vis=1&dmc=8&scr_x=0&scr_y=0&psz=743x-1&msz=743x-1&ga_vid=1414849844.1641769932&ga_sid=1641769932&ga_hid=1356053679&ga_fc=false&fws=4&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

fc4db8d3f8fbff5808842002aa47beced5d81d682cfae9fe7265d05c00678942

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9274
x-xss-protection: 0
google-lineitem-id: 5422651606
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138308506458
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://bg.jf-paiopires.pt
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
7144693d978696294c38950846f23567.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DDE8 6 KB
4 KB 51ms
15ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7144693d978696294c38950846f23567.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/

Response headers

cross-origin-resource-policy: cross-origin
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 09 Jan 2022 23:12:12 GMT
expires: Mon, 09 Jan 2023 23:12:12 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pubads_impl_page_level_ads_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ 34 KB
13 KB 14ms
14ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2021120601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

6438deeda87c2438473fc3c887e708b7f23b9c27dbf7df19e2e525f3b299abd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12940
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 09 Jan 2022 23:12:12 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0323 0
0 45ms
43ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWPyvq--Rr0c3ZecH5fyL18H3OuEx5ISVncYI7et19W6z61qzwm-k8t8QKZv62K8gWPvlrTmKfl0bvzp0i5LA7xFygqgh6t5Q6Vy_9Jjvw6ukMGRbnB90lePOjT6FLFN69Qd3XUkk_nXvThPx7-6MPwIqowJ3JSlPXlshTw2xDGJh8j-AGOl87eAK7u0eHYpJXIVaAnhHrYolzQBA9eseZghXt79YbOMu1CF2IkzsPGDXHaxaVG38UlElJAxRn94aC5GgDys59dmVaIMQZ1R8H3led1EzJaOgxCL8Gb6dfZ-1mKINvQ6eqgifjG4DSlg&sai=AMfl-YRQ1UPLiyjnVIUjnWFMw-H8eE4cbnrqxwaN99_pJWqQjxf9vRkU8N9YwOEE1vy-UhvEmjiV-UIlrYJwvzuWjh6VeS5iXiLeZmvAqVQRLieZg_z5jr8SQ24d-pCk7gWn&sig=Cg0ArKJSzF4dddh9fv_7EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: bg.jf-paiopires.pt
URL: https://bg.jf-paiopires.pt/womans-masturbation-guide

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 09 Jan 2022 23:12:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 09 Jan 2022 23:12:12 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 0323 112 KB
40 KB 50ms
25ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b98ec4289bdd5fa1d2c87b382d4261f8be68818078a908eb041bfb2c604b9756

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40192
x-xss-protection: 0
server: cafe
etag: 3047105190852840519
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 09 Jan 2022 23:12:12 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0323 120 KB
37 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37632
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1641385868096614"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 09 Jan 2022 23:12:12 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame AB1C 4 KB
634 B 31ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 09 Jan 2022 22:39:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 09 Jan 2022 23:12:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 09 Jan 2022 23:12:12 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/elements/html/ Frame AB1C 19 KB
9 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d8693cddca8ef95b6b06ab98ad4ae68d7c7a30aa8d781e418c28b84bfcca7cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 22:42:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1776
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8415
x-xss-protection: 0
server: cafe
etag: 17051659159829090632
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 23 Jan 2022 22:42:36 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 55A6 112 KB
39 KB 38ms
24ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: bg.jf-paiopires.pt
URL: https://bg.jf-paiopires.pt/womans-masturbation-guide

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b98ec4289bdd5fa1d2c87b382d4261f8be68818078a908eb041bfb2c604b9756

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40192
x-xss-protection: 0
server: cafe
etag: 3047105190852840519
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 09 Jan 2022 23:12:12 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 55A6 120 KB
37 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: bg.jf-paiopires.pt
URL: https://bg.jf-paiopires.pt/womans-masturbation-guide

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37632
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1641385868096614"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 09 Jan 2022 23:12:12 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ Frame 0323 276 KB
99 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6550413363602588&plah=bg.jf-paiopires.pt

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f90b1d6f886480f7a961aa071ac28fc98a8a7347812f0acd5b2d3c7a51215b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101734
x-xss-protection: 0
server: cafe
etag: 6338342865683808284
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 09 Jan 2022 23:12:12 GMT

GET
DATA 200
OK truncated
/ Frame 0323 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04e6900b0df0853215580ad83297265e34319433642234692a934008dd3069ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ Frame 55A6 276 KB
99 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6550413363602588&plah=bg.jf-paiopires.pt

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f90b1d6f886480f7a961aa071ac28fc98a8a7347812f0acd5b2d3c7a51215b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101734
x-xss-protection: 0
server: cafe
etag: 6338342865683808284
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 09 Jan 2022 23:12:12 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 0323 12 B
247 B 29ms
14ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=bg.jf-paiopires.pt&callback=_gfp_s_&client=ca-pub-6550413363602588&cookie=ID%3Df3b94bc5be2d5f06-2263945e1acd0074%3AT%3D1641769932%3AS%3DALNI_MZz3vUFG3bK58a4rziVr_5rd8dheA

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6550413363602588&plah=bg.jf-paiopires.pt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 0323 107 B
122 B 31ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bg.jf-paiopires.pt

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 09 Jan 2022 23:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 0323 107 B
122 B 31ms
16ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bg.jf-paiopires.pt

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 09 Jan 2022 23:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2

200

1_grod.html Show response
cdn.zx-adnet.com/adx/ Frame BC09
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zxgrod&adk=3836428907&adf=816031635&pi=t.ma~as.zxgrod&w=728&url=https%3A%2F%2Fbg.jf-paiopires...
https://cdn.zx-adnet.com/adx/1_grod.html

13 KB
3 KB

7ms
7ms

Document
text/html

151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/1_grod.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3971543727a78bab1026587c05c97edee7a7446728392fc3d4c1ba64b2c1807d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/

Response headers

cache-control: max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
etag: "d1831344962804ec1e00ffe95db8e687b7e242741cb51c236b60d61a4f1568c2-br"
last-modified: Sun, 02 Jan 2022 06:05:10 GMT
strict-transport-security: max-age=31556926
x-robots-tag: noindex, nofollow, noarchive
accept-ranges: bytes
date: Sun, 09 Jan 2022 23:12:12 GMT
x-served-by: cache-hhn4071-HHN
x-cache: HIT
x-cache-hits: 1
x-timer: S1641769933.764828,VS0,VE1
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
content-length: 2457

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://cdn.zx-adnet.com/adx/1_grod.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 09 Jan 2022 23:12:12 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 55A6 12 B
53 B 15ms
14ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 55A6 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bg.jf-paiopires.pt

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 09 Jan 2022 23:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 55A6 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bg.jf-paiopires.pt

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 09 Jan 2022 23:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2

200

1_grod.html Show response
cdn.zx-adnet.com/adx/ Frame E2FC
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=280&slotname=ZXM%2Fzxm_grod&adk=1038530465&adf=467761316&pi=t.ma~as.ZXM%2Fzxm_grod&w=336&url=https%3A%2F%...
https://cdn.zx-adnet.com/adx/1_grod.html

13 KB
2 KB

7ms
7ms

Document
text/html

151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/1_grod.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3971543727a78bab1026587c05c97edee7a7446728392fc3d4c1ba64b2c1807d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/

Response headers

cache-control: max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
etag: "d1831344962804ec1e00ffe95db8e687b7e242741cb51c236b60d61a4f1568c2-br"
last-modified: Sun, 02 Jan 2022 06:05:10 GMT
strict-transport-security: max-age=31556926
x-robots-tag: noindex, nofollow, noarchive
accept-ranges: bytes
date: Sun, 09 Jan 2022 23:12:12 GMT
x-served-by: cache-hhn4071-HHN
x-cache: HIT
x-cache-hits: 2
x-timer: S1641769933.786529,VS0,VE0
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
content-length: 2457

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://cdn.zx-adnet.com/adx/1_grod.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 09 Jan 2022 23:12:12 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0323 0
0 42ms
41ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssMC7PiUTdtE-25AvDQwkIS5KSgYNJxTjyLl2tZHX3ky0VmSAFKLz4Sks1uCznesjXrwF2vZvWDJkqztfhvdyepAqduDlq6FA_mPpM0EjhyYDgia1L4LswL9wKkIvi_Lh7S_ijRypqUyJbbnbLaYj83gOzFnLhqVesisLpRbMQxSEQ52sjxIgm30UFHum72YujMuBe0JimpWYuVelWD6p2hq7uUs_t9BGuxwogEEtLOr3Ck-U5Ck5vhUlpNRBzFNgrEyxvnbHl6IvrJi6LMSnegYGpbybEMQMR0BnB5gumzbl1mX3pxwin4KRbL61cZCL4c&sai=AMfl-YTJxyaS1gtVJGh6KTsL6NvTxgCaow9JaeUM5FlXOrZyjQkUBHrjiDahnTvbhyE6heDd25HsBrfIjVakpjUHMh0NaZR1w67yjHfDZiyGNq74WdFvjgSHEa4a-qmAnuH3&sig=Cg0ArKJSzMXLzmV14Ld4EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 09 Jan 2022 23:12:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 09 Jan 2022 23:12:12 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0323 11 KB
8 KB 36ms
22ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220104&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

179c39caa9de46801fb393d0388f5f1c74c943aed24c3ae14fa5b90a1db6c17e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 09 Jan 2022 23:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8616
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1DF0 16 KB
9 KB 256ms
256ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zdgrod&adk=1011298904&adf=4188749581&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fwww.phhsnews.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8NXF9AUQt7St0L67y4KOARJMANyigRre_BHbLQn6TtukjBMDBjmxZc26gc1fJ5k0xhXTehG9sNt-a3n2aKMCaQLqgciyOH0JGom5maF9lFR1Eu4vHhq2xr_Yrq-yYA&dt=1586595227726&bpp=71&bdt=67&fdt=167&idt=167&shv=r20200406&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Df3b94bc5be2d5f06-2263945e1acd0074%3AT%3D1641769932%3AS%3DALNI_MZz3vUFG3bK58a4rziVr_5rd8dhe&crv=1&correlator=5120177609303&frm=23&ife=1&pv=2&ga_vid=362027958.1586595228&ga_sid=1586595228&ga_hid=55663360&ga_fc=0&iag=3&icsg=554&nhd=1&dssz=6&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=10&ady=55&biw=406&bih=1600&bih=1200&isw=728&ish=90&ifk=1144962557&scr_x=0&scr_y=0&oid=3&pvsid=4145897469221223&pem=216&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&jar=2020-04-11-06&ifi=1&uci=1.cv0p0xjee1od&fsb=1&dtd=197&0.33538989302105393

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/1_grod.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16ce2468166d0e1bc2aff5d47700d11b99fa0969f199d115c98eb93bd40c4221

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.zx-adnet.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 09 Jan 2022 23:12:13 GMT
server: cafe
content-length: 8992
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 55A6 11 KB
8 KB 27ms
27ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220104&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c99d02267f02306cbcbfe11c265c620e4dfc2ee194b9f339f09522a212c8df52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 09 Jan 2022 23:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8652
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 786A 70 KB
25 KB 295ms
295ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=280&slotname=ZDM/zdm_grod&adk=1011298904&adf=4188749581&w=336&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fwww.phhsnews.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8NXF9AUQt7St0L67y4KOARJMANyigRre_BHbLQn6TtukjBMDBjmxZc26gc1fJ5k0xhXTehG9sNt-a3n2aKMCaQLqgciyOH0JGom5maF9lFR1Eu4vHhq2xr_Yrq-yYA&dt=1586595227726&bpp=71&bdt=67&fdt=167&idt=167&shv=r20200406&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Df3b94bc5be2d5f06-2263945e1acd0074%3AT%3D1641769932%3AS%3DALNI_MZz3vUFG3bK58a4rziVr_5rd8dhe&crv=1&correlator=5120177609303&frm=23&ife=1&pv=2&ga_vid=362027958.1586595228&ga_sid=1586595228&ga_hid=55663360&ga_fc=0&iag=3&icsg=554&nhd=1&dssz=6&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=10&ady=55&biw=406&bih=1600&bih=1200&isw=336&ish=280&ifk=1144962557&scr_x=0&scr_y=0&oid=3&pvsid=4145897469221223&pem=216&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&jar=2020-04-11-06&ifi=1&uci=1.cv0p0xjee1od&fsb=1&dtd=197&0.9320712411093246

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/1_grod.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bfba12c2b73530412ac1ccbfbb615590273c8ff97694637c5b966b9eaab9d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.zx-adnet.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 09 Jan 2022 23:12:13 GMT
server: cafe
content-length: 25900
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0323 17 KB
6 KB 44ms
27ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 09 Jan 2022 23:12:12 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 55A6 17 KB
6 KB 29ms
18ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 09 Jan 2022 23:12:12 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6681 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/

Response headers

cross-origin-resource-policy: cross-origin
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Sun, 09 Jan 2022 17:47:09 GMT
expires: Mon, 09 Jan 2023 17:47:09 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 19503
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A506 783 B
536 B 33ms
16ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

26ec7e3c1ce6ee49841be90a9085425834b164113c723bab84468316309cad1f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-T2PwFOBPcj7+zXH/7C79tA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 09 Jan 2022 23:12:12 GMT
date: Sun, 09 Jan 2022 23:12:12 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-T2PwFOBPcj7+zXH/7C79tA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E1D4 13 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/

Response headers

cross-origin-resource-policy: cross-origin
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Sun, 09 Jan 2022 17:47:09 GMT
expires: Mon, 09 Jan 2023 17:47:09 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 19503
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EABC 783 B
534 B 29ms
17ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

90904269b8549f5c4b25821e38254a1028d5f788fd54e2fe7231830164b223b3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-oBgRsLp6SJ5odIs7VR3crw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 09 Jan 2022 23:12:12 GMT
date: Sun, 09 Jan 2022 23:12:12 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-oBgRsLp6SJ5odIs7VR3crw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 r8nbwAJIoZCxWYvDNzL2FR480laaoV7LX6_itKNPK9o.js Show response
pagead2.googlesyndication.com/bg/ Frame 6681 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/r8nbwAJIoZCxWYvDNzL2FR480laaoV7LX6_itKNPK9o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afc9dbc00248a190b1598bc33732f6151e3cd2569aa15ecb5fafe2b4a34f2bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 14:51:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13292
x-xss-protection: 0
last-modified: Tue, 21 Dec 2021 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 09 Jan 2023 14:51:25 GMT

GET
H3 200 r8nbwAJIoZCxWYvDNzL2FR480laaoV7LX6_itKNPK9o.js Show response
pagead2.googlesyndication.com/bg/ Frame E1D4 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/r8nbwAJIoZCxWYvDNzL2FR480laaoV7LX6_itKNPK9o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afc9dbc00248a190b1598bc33732f6151e3cd2569aa15ecb5fafe2b4a34f2bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 14:51:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13292
x-xss-protection: 0
last-modified: Tue, 21 Dec 2021 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 09 Jan 2023 14:51:25 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A506 0
0 43ms
43ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220104&jk=2448620823490870&rc=
Requested by: Host: bg.jf-paiopires.pt
URL: https://bg.jf-paiopires.pt/womans-masturbation-guide
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EABC 0
0 43ms
43ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220104&jk=1513373516622396&rc=
Requested by: Host: bg.jf-paiopires.pt
URL: https://bg.jf-paiopires.pt/womans-masturbation-guide
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 55A6 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220104&jk=2448620823490870&bg=!LyylLGjNAAbDtiZlw7Y7ACkAdvg8WgJAYdTYKuLvysHzSj1b8crv5F_hwOurOW2D2NfIfvdxlzLIsgIAAABwUgAAAAtoAQcKAF1G1TUk6djBWNsSAIdc9OXFuhiJQE7CeTCRSMQKBF3WIpVNtZdB_GyXQUK-pCiIcjCBXIA8iuSimVUe9KbuB-j37gU7qdjzy5ds1nFsqrDqAlvXDtmIpOLJu_Z_pfSZAq_bWvEyF3XlsVMrUjtdxr6m4QTMPuigeUeY8hRCOwd5o6xH1TRSwNWB350EW1vi9FxCaJJQnsvGx7orVSZwzAnR4OIzqjNLjo7dMkjpa3NsWQakuxxQyOTun6myR3DaP6ZFnShww7L5-sO28V8_h4ykoKgyuf_DhEWJfCBafUg-Z5aYBAwF6v9DRe3scpKzkiOQBCo2aoZ_hX7_-PO-A551aUbhvnDlLlz5VQCkyrw1y2hDS15oLvxYKRgZU3gRD-sNJDxk5z9QiC1A-UEMmWI5CKI_UopEICFlaI4RvydMj1b4HAfGE8D6FKI3Fsb_n9YbZ2oRH5qf0GXv2NkK-EAISJoX2l2hrn2YXcDg0lmcQpbJ8R5veHoThPHaCy28p-WTx3A6WOR3zQD_EEQ-uw19GMwOOHzstnniYUo_gilITa7AlxSxyH5IlKL8xirJo8VHY03OPS-F1FtY-g2d8Ckq6SYzsLVfiAZJINFnjEKgtMZ9HLu1rLn0Ah2MZ6aztpmPECdoT2E_DX4O3gh0TXLsqRAcoD7Thi2fe-aAIFrHkD0v_UK4GmRR3pxwmtlh0u9P3IwIG0KVMaKjWBtEKo3CuE2ZNZLhNdiplU_2ekDGCTgpIhrGbhDDRenVuWiU_4LxCy9tHiNnzqFAB3y_V94_rrz6jLYjrTxw0UIpJ1BvptXfqrxBw5mNK-EK9eI0_g84r8cAzIHT91H8DELfoERs7DeBpCgaMVh7ZvTrYuVNSVIHxE8F9wYeSuymy8KzU3koczXTi4dlsu7c109KXGz0pSM_FAAD3-YeL_VLSNKrNM0Ap2B6enCYE_1_GCNTXRDvgR1JL-Nsz_Mux5o080TTjiOA-7cR2kP5NKRMBArV52jqNGQN0nusXnIi5KDY9pN4_MP5eVQifurBkvZ4ee0

Requested by

Host: bg.jf-paiopires.pt
URL: https://bg.jf-paiopires.pt/womans-masturbation-guide

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jan 2022 23:12:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0323 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220104&jk=1513373516622396&bg=!S0ilSAzNAAbDtiZlw7Y7ACkAdvg8Wosy0rXK981VM7WxmvS9AqkNIttxUUO-uCIkFcH-65g5lSiASAIAAABhUgAAAAtoAQcKAOPmTY2Y0IY9JW7j5gPgQy3GQZQcGc3OHJfP54twZW_tBO4jtJxzvZX5pdrzFdpKlQc_E0qDB7hY4MzCHxLovQcs_ZQLW3A9EisB1lWzdjXJtoBax-TV30dcxte2KAiXSqsxvw2awM_CX1GMLU-Ed-OwuEacfj0hiJu7MmoJUUTZnnGYwIbCM4ThsVXmEeMpMVHCFDVtnkShqXZYXj9xESq6f5t04Secc2k8QauGBVSILP01BVdDZpagbG1NOppSIDzWtI3oDC5A-Osy6o7fRT3oFOTElcJPHJ_hnL275yv9OH6RdpkCm5E0KyhIeIGt6dzXe02nKzlNW5gS7k5kd_iHPWaEGDbkYSDsPlu5wL8oHShVuNRWVacVYhyRyEyS8xQLcFCoymcCoEDDYJDN1xauNu7UBNSWi0a1H8aH22oyW5a6U17UKxr2GBcBEpB-wl9Wi7jU9Xm1O7l23KEuR19nM_l_8m8GNBuxXh9aJTLW1uyZzV5GI0EinJdSod7y0hyBxxhfhqbOaFfhOo2NH3XzOHPb4UmgizcYsf9ccrejIs95rn44tVvOqzNmIEi45jMO1xaD1cPTFam37LEXoQvXiT4svpLhnr_G5HMjyG6d_IIsj4xJ-0zt2Li5pYS0P4Cck5NbG9CWiV8LMikvnvjdm1vz6tTtJ1H_9Ty8J04b2gzwQ7L63U9nsflMPGWp4JG5EbGCJNc6C4c1eVH7MAR0gyXhQ6XiPCWztmmYJB2M0Pg0NH6EJIvuaYapeI3DUJRecf8dI052o-52rHkK6KCfzu962gle7M9SrSF3Cj6jhxsxos8FA2vR65j9iRQNPROLWx6415gOjDGxJePfYAf-2zqZnP1377Irn9FVf49YYmSrjO8nefxLLk589JLlQ_RffvB1yQSuFpyyIti0405nuP6MBCEksW5extuUHn6IMdBAK36EXDX9zMctCl8XIlgve-oYccoDMppIGYxSkfRfNdMWZCSGyAkBT3LvJIKQzvoMssC8XiLJwpElISC1JbQALy-0FuvwQaS81J6KD4MPnKZi-lPbxtD1l5YLyJSyYQyy9_lRznb1QHFCEOuKDZSaYExnFghSnRLgg8JDZltAhnO3DNs22TPIz-hFaFxQxDid1lWqicNtATRYPExGC5u7ystzOGqFry9AoHZuSoK5vlGPi7oaYAHvnPkpoyjGdSM

Requested by

Host: bg.jf-paiopires.pt
URL: https://bg.jf-paiopires.pt/womans-masturbation-guide

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jan 2022 23:12:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1DF0 42 B
63 B 40ms
40ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D4_OZtGVyVEh_6ol90A3r_8g1Cag65ZsHG5s0G1rz9QUCaFE61ufUexZQ6iRngIxHY_1-CAq1Pp03oWFCayQXkhdz5ZSdJNV66aCnjrTEqfVQ9NCI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zdgrod&adk=1011298904&adf=4188749581&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fwww.phhsnews.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8NXF9AUQt7St0L67y4KOARJMANyigRre_BHbLQn6TtukjBMDBjmxZc26gc1fJ5k0xhXTehG9sNt-a3n2aKMCaQLqgciyOH0JGom5maF9lFR1Eu4vHhq2xr_Yrq-yYA&dt=1586595227726&bpp=71&bdt=67&fdt=167&idt=167&shv=r20200406&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Df3b94bc5be2d5f06-2263945e1acd0074%3AT%3D1641769932%3AS%3DALNI_MZz3vUFG3bK58a4rziVr_5rd8dhe&crv=1&correlator=5120177609303&frm=23&ife=1&pv=2&ga_vid=362027958.1586595228&ga_sid=1586595228&ga_hid=55663360&ga_fc=0&iag=3&icsg=554&nhd=1&dssz=6&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=10&ady=55&biw=406&bih=1600&bih=1200&isw=728&ish=90&ifk=1144962557&scr_x=0&scr_y=0&oid=3&pvsid=4145897469221223&pem=216&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&jar=2020-04-11-06&ifi=1&uci=1.cv0p0xjee1od&fsb=1&dtd=197&0.33538989302105393

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jan 2022 23:12:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 1DF0 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a00a06d39ece4f2816e75b2e577c3b05a51ba196e19bd103d1124567f0c54f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 22:40:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1898
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1210
x-xss-protection: 0
server: cafe
etag: 9753579932288205849
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 23 Jan 2022 22:40:35 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1DF0 120 KB
37 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37632
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1641385868096614"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 09 Jan 2022 23:12:13 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 1DF0 15 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e979dfe4d55dc019e062fbce71ec0821c8abeabd94f7490deedf56ee2712d2ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:00:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 727
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6485
x-xss-protection: 0
server: cafe
etag: 13366392639478751132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 23 Jan 2022 23:00:06 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A9F2 624 B
297 B 17ms
17ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY0rSzZTAB&v=APEucNUecbqlnLwerwuMCMMI6M_0-XnwZHK_kJko9icSHq6jjsj37LJaXkjHXpqLcTh4DfIeBUbEbpBXwkB-wRm5ACRb61btyjyg_7v066e-MqaTGWr014M-Tckg2xaCV7Lq8Kj0rhmjUWoPwsICTUhW42Nb2JC4_pbflGXT_CbC9kvhaU-qJ0o

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zdgrod&adk=1011298904&adf=4188749581&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fwww.phhsnews.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8NXF9AUQt7St0L67y4KOARJMANyigRre_BHbLQn6TtukjBMDBjmxZc26gc1fJ5k0xhXTehG9sNt-a3n2aKMCaQLqgciyOH0JGom5maF9lFR1Eu4vHhq2xr_Yrq-yYA&dt=1586595227726&bpp=71&bdt=67&fdt=167&idt=167&shv=r20200406&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Df3b94bc5be2d5f06-2263945e1acd0074%3AT%3D1641769932%3AS%3DALNI_MZz3vUFG3bK58a4rziVr_5rd8dhe&crv=1&correlator=5120177609303&frm=23&ife=1&pv=2&ga_vid=362027958.1586595228&ga_sid=1586595228&ga_hid=55663360&ga_fc=0&iag=3&icsg=554&nhd=1&dssz=6&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=10&ady=55&biw=406&bih=1600&bih=1200&isw=728&ish=90&ifk=1144962557&scr_x=0&scr_y=0&oid=3&pvsid=4145897469221223&pem=216&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&jar=2020-04-11-06&ifi=1&uci=1.cv0p0xjee1od&fsb=1&dtd=197&0.33538989302105393

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 09 Jan 2022 23:12:13 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1DF0 72 KB
30 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cj87LadhKVosuUI4LgDI7gyUjtHRyasUrmCK9CwimN7y0lBPajs1vsBYwfamSXLcyH2gPaOF26i0jMVb08Yvak5tySAfVCa4vjFCoCFdPVDoB68VGizRqT2_BaDKtuo1Z4kfR3B4UjWJ9g9OG7ioA1qGn7LQ&dbm_d=AKAmf-DGkpUCpN-unzYqDKm2Bi2lqQCNjK-k5dPqsakOXVxQV12sMFxQJHdnA9y9fgI70OoiNPoV55FRwDKeX-qu1BNuRYWf3S388O69KVgCUmdq-Xghi-QQN9FDZbjQ6-oJ2wHpyzcY8xuaUpxdU86-ooIHKHp2lMrsVzIa5YMTjkU57iApDlZyloYk47_zcHHr2dYcEzuceb5ReInVc06GW-1ASHDv__KVqu719YdrvmGAM316AUW9ihsiLpMjVKjUkEKIhNkHps4o9l6zDkSK9poGF1UlflrVLjxcwDREJs98SqNfUZt4MWooCPcFYf_zKpWJU_QNDU48mX9N9lKviNnf_1vGbfMzpQDBkd7b59ZIfcjcFOiWeZNcaT38V0aHjAtzWvccuLW_q1oWQTH1nOgeqFt-W8RpbRn8pho1apXXjF658eN7jMxwsLxEwD5IsLpQYSx4csSCwkFQdCi6GxaDNBd6O4kVs_2KE0HdoqdLNyHY_-kjORY_AuX_muaA3hC4Y7aRIBuDmmRhSIU5YIjJbQFnp_yhPMi8O4dyH-1Xo5n5FxxMSb2gyiCjgYjpokZB4wdxeh72bkUFUHvNNhwhNSHmAewS0NA0wv_SWB-r7X-2hPIc2ZuKO82NKXATz5Swzheqc2KDLLuw8kFfVfUyMuTMqCebnoKX3tNuNGeQLOGp-5izhR5KurK_tvJsFAwqt_zICdPAsbm-9ABwY1OmRszjTQLblz-_iSK_tStFnz0lwxzWizcRvKm7jT-kavijpNdfpZmQpDq9lTv9gxQ6LWZfFcHy0wGMz01IAXGcL09lMOH4XbyFRBGE4w1_3swXHHdKRq5xeCJ0UyLTQoYaLKuHFi0nnxfpA6Nr1sceTvEs5BgYFizQ9fZIaFF7nNzrQrAT5a1wsp9xIiNqQ9XziG6BsQr4Xz_TlL6_nWreGc6I6Z9XlV51Yp85nK8jVsNjhU02uFL641you_Y9HWVeOwDxGwK4absbS7QLM9ctf0mNWFJKF9O-rIz3dHtF9qNYyg8RCyXA89v61aZGQRXF_n63V1XrkW_5Enq9_yfNb57uPHz-xT8eeoZV2DvoTGU4zTaAJc-Kr5PrTk1WzQ6rcCNieesr6vRaYmeLryDRrqd8SI5WDO1zdCN7x5WOdqEirgxOhkot90zn33n8yg9XiWbyp8CoM5Ljvy9X8ckYzKvUHu1IfelALWaPei8dTc2UAR7mDsq-TXiMZrGQkxxWaRj-n8fDYpEoXI1vRgkmZQv_nviHUnyRTc-YClTvZQ61HfzAd4pxuVh4vehiQf0KmTbw9YFGrjWT9yCUxi4QknBvzIrTqw0BHCjEyxiVbwW7qGnOzzxeM5ONRD7JQY4piZ36ZTgAMwCSYtxRjYRNIhG9ceI01f67SMfzoRexZhlUcLpsuBl8ilxa1AAo9r5T-QDPVOyZtmiWSNQqSbfBLQXLenyYwAb6mh04e8_4o33LseDOqU610hoVwlDk3soscekaumujW9ZC_fBc7omfkgtjPPN141vw1Sc4I8r8OF1pWNLGHPYdR0opgGd8pDO-GRu3V7hhQ6TUJkTqikkHtytB2J1qQ34rraF5fpN1Rt-ZBcvHvg2Pba-rr73mVoJPeyLMuZpvjDZkhPn4jXzd3vXpYyWrNqYTWaoo4zJ4UzDTPrT5HqnfxW_bfcjNGtk2r1rtUKIU9Ayyo-O6XskhRq1Ezb5lwNSfu9ULJ36PgAVQGpgNdTAPEMzoK2cl-11XpvYchvxeDSYNGjtpegaQVFoUyDK1w-Fmv7QMpDIffS7I4Ycw4C9bxNroC1fW7BVu3nRXeuZ0s5vd_ZmJx6UekQS-oWbm1FLyPEswq-zqQdsudd9NXLhUfpzMSunLLQQ0_Dy4DLCAGR-7WM-b2DNj9kw3Y0ju-f1dYdFPRVaqSrS9xGmdqP4mQxETQUock4rAKaXXst2lrqLkiPYqCATYFIQt7kC0c_p0jgo2XfgIP1sJORgumqx0l4cxuTZJplP8glFMRR70RieMx-iHqJGaqaewLDfWtVj7mAErrqT9R0nNp5eDRhnINslfTGSWVdf1OUI7axNU0mH0AE2Xbn3S98I_tIMQyP1Yaspx3UUKxW9ZPshZkhrrogd0JNEcSkFnLqq2w-PR67kPehQQ5n6gcjXQphtZjcRfx4s6pR0jpdYif57sPOZwVLL40oehYuXSTAVfrwR_D7zV4xnXsX_STKEB4OObPCOLvZdDoNJzU49nrPRLC5seEoXCTBHCsSvBkzD0LX4aayGUnRX1iBSreURsBbb_K-Jon09j2D0cbuwqukv89Fqh0vUdYqBRS61M9zMccOVfkqenEgxljMSU5VUFPQp9pKz73TQ68KNkG2briwiJr13M6qAOfRlkVTnwkNi5cqjhhzUcq6f8CLh0pY1RzPCGvXQfbU-OI-4yDaBAYpIvxInNEWs8lEpwFXr76EKGoxvjeSk3InEszbQIZgL6riZM0CunVkm4B5p_iukZDqtMiNIIv1pbpSqIze0emNKrotn8kbIuNs5UX3Qsc0JYmboyfpW4TW2ZsnDd6dXcJVLRiF5FBZ1P7M_oPUiE7iz-wM3GreYfEJJRmke8okU3zyiORIoK5DC5pT1Hy2ccoERpPRdkILHPss1n4ax6ye_AYZOjKjqut9JALGgsHqu2q-0P2w8jH2xVv44vHQsAvKmknPg3mJ4WGWdSBjMEmNjNmlWUK-uIPN4rIYvtXaQQ6v6grYdSVwzZGEKkwiPfMz9uChQr8aNaDqXTP2lOB7tB24qXdi0qVttBpST712NM564mPIExh70REjR5q5FDOQvutI8er-OIk7V0PKxWiW7hMiogVXLh9-t3OqA2oyPtUcreLfs8-CYy-c101c67j6P9TesX3QeyUpfTDyVWIgHj-AA-2xZspFg02vHwP1OPSMxU4rj0Pv5uEgHz6QEbecojn8ylKn5aO2NDG_PPrfsgg5mZiR2U8o47a_d0xqKkchvFYzD9akdccRFKhwl82OQHTR1jWr20GZA49mEe0J33xyix-xM2vAFbmu9xmkoWn5MY9fci2bkksjyAxI3R0rKbkIKkAbVj6ukPzbJsYm35pvqXlqnar9wGXNiZLj_Stjgqicx_h2GLCx0FHDs-NieBEskeZvYE8oa6FzbkSMuZnqFd1GXLNiZfQCRSqQbwd2gP-tYyWe00cyDfCndkK2jiEINv7qEkZTD9h8NAyKq2t63DWjP1gGVJOSEy2j1l-MU1Zzob7AZp834RJ2zSbVCxbZ8nyh2kLTC_CmHNdQHl5pxkdi6rIGYb2lY9xcZPfkUzPSvd_f_n7NvME9lSgZeD-hEsXVg3lDZxlNCPB1jZtWcFsnMqk7FSbeN7_yLqf-4&cid=CAASEuRogVI2w9aI-BiZiNehicsTFQ&rfl=3%2Chttps%253A%252F%252Fbg.jf-paiopires.pt%242%2C%2Chttps%253A%252F%252Fcdn.zx-adnet.com%252F%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42eb68bf8ec856a2a4029cbf13de4be8567f150fe064f51b5f43424842e699df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zdgrod&adk=1011298904&adf=4188749581&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fwww.phhsnews.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8NXF9AUQt7St0L67y4KOARJMANyigRre_BHbLQn6TtukjBMDBjmxZc26gc1fJ5k0xhXTehG9sNt-a3n2aKMCaQLqgciyOH0JGom5maF9lFR1Eu4vHhq2xr_Yrq-yYA&dt=1586595227726&bpp=71&bdt=67&fdt=167&idt=167&shv=r20200406&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Df3b94bc5be2d5f06-2263945e1acd0074%3AT%3D1641769932%3AS%3DALNI_MZz3vUFG3bK58a4rziVr_5rd8dhe&crv=1&correlator=5120177609303&frm=23&ife=1&pv=2&ga_vid=362027958.1586595228&ga_sid=1586595228&ga_hid=55663360&ga_fc=0&iag=3&icsg=554&nhd=1&dssz=6&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=10&ady=55&biw=406&bih=1600&bih=1200&isw=728&ish=90&ifk=1144962557&scr_x=0&scr_y=0&oid=3&pvsid=4145897469221223&pem=216&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&jar=2020-04-11-06&ifi=1&uci=1.cv0p0xjee1od&fsb=1&dtd=197&0.33538989302105393
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jan 2022 23:12:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30586
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A9F2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHdrZJ47Fd3aFPXBmsRYbsY&google_cver=1

43 B
1014 B

30ms
17ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHdrZJ47Fd3aFPXBmsRYbsY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY0rSzZTAB&v=APEucNUecbqlnLwerwuMCMMI6M_0-XnwZHK_kJko9icSHq6jjsj37LJaXkjHXpqLcTh4DfIeBUbEbpBXwkB-wRm5ACRb61btyjyg_7v066e-MqaTGWr014M-Tckg2xaCV7Lq8Kj0rhmjUWoPwsICTUhW42Nb2JC4_pbflGXT_CbC9kvhaU-qJ0o
Protocol: HTTP/1.1
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 09 Jan 2022 23:12:13 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 09 Jan 2022 23:12:13 GMT

Redirect headers

pragma: no-cache
date: Sun, 09 Jan 2022 23:12:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHdrZJ47Fd3aFPXBmsRYbsY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A9F2
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YdtrzUsRZMtq00un2c.AkwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHdrZJ47Fd3aFPXBmsRYbsY&google_cver=1&google_hm=2

43 B
894 B

13ms
13ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHdrZJ47Fd3aFPXBmsRYbsY&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY0rSzZTAB&v=APEucNUecbqlnLwerwuMCMMI6M_0-XnwZHK_kJko9icSHq6jjsj37LJaXkjHXpqLcTh4DfIeBUbEbpBXwkB-wRm5ACRb61btyjyg_7v066e-MqaTGWr014M-Tckg2xaCV7Lq8Kj0rhmjUWoPwsICTUhW42Nb2JC4_pbflGXT_CbC9kvhaU-qJ0o
Protocol: HTTP/1.1
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 09 Jan 2022 23:12:13 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 09 Jan 2022 23:12:13 GMT

Redirect headers

pragma: no-cache
date: Sun, 09 Jan 2022 23:12:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHdrZJ47Fd3aFPXBmsRYbsY&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame A9F2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENsIGMi6yttySStk_ScKucg&google_cver=1

43 B
1004 B

31ms
13ms

Image
image/gif

185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESENsIGMi6yttySStk_ScKucg&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY0rSzZTAB&v=APEucNUecbqlnLwerwuMCMMI6M_0-XnwZHK_kJko9icSHq6jjsj37LJaXkjHXpqLcTh4DfIeBUbEbpBXwkB-wRm5ACRb61btyjyg_7v066e-MqaTGWr014M-Tckg2xaCV7Lq8Kj0rhmjUWoPwsICTUhW42Nb2JC4_pbflGXT_CbC9kvhaU-qJ0o

Protocol

HTTP/1.1

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 09 Jan 2022 23:12:13 GMT
X-Proxy-Origin: 217.64.151.31; 217.64.151.31; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 579439e7-00e6-46e6-84e9-62abe1f08a41
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 09 Jan 2022 23:12:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESENsIGMi6yttySStk_ScKucg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A9F2
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTA0MDU4MTkzMzQxMjM1MjI3Nw%3D%3D

170 B
188 B

17ms
17ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTA0MDU4MTkzMzQxMjM1MjI3Nw%3D%3D

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jan 2022 23:12:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 09 Jan 2022 23:12:13 GMT
X-Proxy-Origin: 217.64.151.31; 217.64.151.31; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 5cc5f608-b77e-4f8c-b16a-244b1f7f553c
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTA0MDU4MTkzMzQxMjM1MjI3Nw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 786A 6 KB
670 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=280&slotname=ZDM/zdm_grod&adk=1011298904&adf=4188749581&w=336&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fwww.phhsnews.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8NXF9AUQt7St0L67y4KOARJMANyigRre_BHbLQn6TtukjBMDBjmxZc26gc1fJ5k0xhXTehG9sNt-a3n2aKMCaQLqgciyOH0JGom5maF9lFR1Eu4vHhq2xr_Yrq-yYA&dt=1586595227726&bpp=71&bdt=67&fdt=167&idt=167&shv=r20200406&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Df3b94bc5be2d5f06-2263945e1acd0074%3AT%3D1641769932%3AS%3DALNI_MZz3vUFG3bK58a4rziVr_5rd8dhe&crv=1&correlator=5120177609303&frm=23&ife=1&pv=2&ga_vid=362027958.1586595228&ga_sid=1586595228&ga_hid=55663360&ga_fc=0&iag=3&icsg=554&nhd=1&dssz=6&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=10&ady=55&biw=406&bih=1600&bih=1200&isw=336&ish=280&ifk=1144962557&scr_x=0&scr_y=0&oid=3&pvsid=4145897469221223&pem=216&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&jar=2020-04-11-06&ifi=1&uci=1.cv0p0xjee1od&fsb=1&dtd=197&0.9320712411093246

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 09 Jan 2022 21:53:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 09 Jan 2022 23:12:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 09 Jan 2022 23:12:13 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 786A 1 KB
880 B 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:07:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 290
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 23 Jan 2022 23:07:23 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/ Frame 786A 19 KB
8 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8bb62feaca29c6331af00715eb59493562b5213706522a97cd6ada5e8316313

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 22:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1177
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7894
x-xss-protection: 0
server: cafe
etag: 10405968765291005445
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 23 Jan 2022 22:52:36 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 786A 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a00a06d39ece4f2816e75b2e577c3b05a51ba196e19bd103d1124567f0c54f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 22:40:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1898
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1210
x-xss-protection: 0
server: cafe
etag: 9753579932288205849
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 23 Jan 2022 22:40:35 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 786A 120 KB
37 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37632
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1641385868096614"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 09 Jan 2022 23:12:13 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 786A 15 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e979dfe4d55dc019e062fbce71ec0821c8abeabd94f7490deedf56ee2712d2ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:00:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 727
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6485
x-xss-protection: 0
server: cafe
etag: 13366392639478751132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 23 Jan 2022 23:00:06 GMT

GET
H3 200 6d065ef8aad4e53a06604e1059b7b7b3.js Show response
www.gstatic.com/mysidia/ Frame 786A 27 KB
11 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d065ef8aad4e53a06604e1059b7b7b3.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 22:16:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 521734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11408
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 07:52:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 03 Apr 2022 22:16:39 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 1DF0 106 KB
38 KB 76ms
7ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: bg.jf-paiopires.pt
URL: https://bg.jf-paiopires.pt/womans-masturbation-guide

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 20:53:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8343
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 10 Jan 2022 20:53:10 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220104/r20110914/elements/html/ Frame 1DF0 8 KB
3 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220104/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cj87LadhKVosuUI4LgDI7gyUjtHRyasUrmCK9CwimN7y0lBPajs1vsBYwfamSXLcyH2gPaOF26i0jMVb08Yvak5tySAfVCa4vjFCoCFdPVDoB68VGizRqT2_BaDKtuo1Z4kfR3B4UjWJ9g9OG7ioA1qGn7LQ&dbm_d=AKAmf-DGkpUCpN-unzYqDKm2Bi2lqQCNjK-k5dPqsakOXVxQV12sMFxQJHdnA9y9fgI70OoiNPoV55FRwDKeX-qu1BNuRYWf3S388O69KVgCUmdq-Xghi-QQN9FDZbjQ6-oJ2wHpyzcY8xuaUpxdU86-ooIHKHp2lMrsVzIa5YMTjkU57iApDlZyloYk47_zcHHr2dYcEzuceb5ReInVc06GW-1ASHDv__KVqu719YdrvmGAM316AUW9ihsiLpMjVKjUkEKIhNkHps4o9l6zDkSK9poGF1UlflrVLjxcwDREJs98SqNfUZt4MWooCPcFYf_zKpWJU_QNDU48mX9N9lKviNnf_1vGbfMzpQDBkd7b59ZIfcjcFOiWeZNcaT38V0aHjAtzWvccuLW_q1oWQTH1nOgeqFt-W8RpbRn8pho1apXXjF658eN7jMxwsLxEwD5IsLpQYSx4csSCwkFQdCi6GxaDNBd6O4kVs_2KE0HdoqdLNyHY_-kjORY_AuX_muaA3hC4Y7aRIBuDmmRhSIU5YIjJbQFnp_yhPMi8O4dyH-1Xo5n5FxxMSb2gyiCjgYjpokZB4wdxeh72bkUFUHvNNhwhNSHmAewS0NA0wv_SWB-r7X-2hPIc2ZuKO82NKXATz5Swzheqc2KDLLuw8kFfVfUyMuTMqCebnoKX3tNuNGeQLOGp-5izhR5KurK_tvJsFAwqt_zICdPAsbm-9ABwY1OmRszjTQLblz-_iSK_tStFnz0lwxzWizcRvKm7jT-kavijpNdfpZmQpDq9lTv9gxQ6LWZfFcHy0wGMz01IAXGcL09lMOH4XbyFRBGE4w1_3swXHHdKRq5xeCJ0UyLTQoYaLKuHFi0nnxfpA6Nr1sceTvEs5BgYFizQ9fZIaFF7nNzrQrAT5a1wsp9xIiNqQ9XziG6BsQr4Xz_TlL6_nWreGc6I6Z9XlV51Yp85nK8jVsNjhU02uFL641you_Y9HWVeOwDxGwK4absbS7QLM9ctf0mNWFJKF9O-rIz3dHtF9qNYyg8RCyXA89v61aZGQRXF_n63V1XrkW_5Enq9_yfNb57uPHz-xT8eeoZV2DvoTGU4zTaAJc-Kr5PrTk1WzQ6rcCNieesr6vRaYmeLryDRrqd8SI5WDO1zdCN7x5WOdqEirgxOhkot90zn33n8yg9XiWbyp8CoM5Ljvy9X8ckYzKvUHu1IfelALWaPei8dTc2UAR7mDsq-TXiMZrGQkxxWaRj-n8fDYpEoXI1vRgkmZQv_nviHUnyRTc-YClTvZQ61HfzAd4pxuVh4vehiQf0KmTbw9YFGrjWT9yCUxi4QknBvzIrTqw0BHCjEyxiVbwW7qGnOzzxeM5ONRD7JQY4piZ36ZTgAMwCSYtxRjYRNIhG9ceI01f67SMfzoRexZhlUcLpsuBl8ilxa1AAo9r5T-QDPVOyZtmiWSNQqSbfBLQXLenyYwAb6mh04e8_4o33LseDOqU610hoVwlDk3soscekaumujW9ZC_fBc7omfkgtjPPN141vw1Sc4I8r8OF1pWNLGHPYdR0opgGd8pDO-GRu3V7hhQ6TUJkTqikkHtytB2J1qQ34rraF5fpN1Rt-ZBcvHvg2Pba-rr73mVoJPeyLMuZpvjDZkhPn4jXzd3vXpYyWrNqYTWaoo4zJ4UzDTPrT5HqnfxW_bfcjNGtk2r1rtUKIU9Ayyo-O6XskhRq1Ezb5lwNSfu9ULJ36PgAVQGpgNdTAPEMzoK2cl-11XpvYchvxeDSYNGjtpegaQVFoUyDK1w-Fmv7QMpDIffS7I4Ycw4C9bxNroC1fW7BVu3nRXeuZ0s5vd_ZmJx6UekQS-oWbm1FLyPEswq-zqQdsudd9NXLhUfpzMSunLLQQ0_Dy4DLCAGR-7WM-b2DNj9kw3Y0ju-f1dYdFPRVaqSrS9xGmdqP4mQxETQUock4rAKaXXst2lrqLkiPYqCATYFIQt7kC0c_p0jgo2XfgIP1sJORgumqx0l4cxuTZJplP8glFMRR70RieMx-iHqJGaqaewLDfWtVj7mAErrqT9R0nNp5eDRhnINslfTGSWVdf1OUI7axNU0mH0AE2Xbn3S98I_tIMQyP1Yaspx3UUKxW9ZPshZkhrrogd0JNEcSkFnLqq2w-PR67kPehQQ5n6gcjXQphtZjcRfx4s6pR0jpdYif57sPOZwVLL40oehYuXSTAVfrwR_D7zV4xnXsX_STKEB4OObPCOLvZdDoNJzU49nrPRLC5seEoXCTBHCsSvBkzD0LX4aayGUnRX1iBSreURsBbb_K-Jon09j2D0cbuwqukv89Fqh0vUdYqBRS61M9zMccOVfkqenEgxljMSU5VUFPQp9pKz73TQ68KNkG2briwiJr13M6qAOfRlkVTnwkNi5cqjhhzUcq6f8CLh0pY1RzPCGvXQfbU-OI-4yDaBAYpIvxInNEWs8lEpwFXr76EKGoxvjeSk3InEszbQIZgL6riZM0CunVkm4B5p_iukZDqtMiNIIv1pbpSqIze0emNKrotn8kbIuNs5UX3Qsc0JYmboyfpW4TW2ZsnDd6dXcJVLRiF5FBZ1P7M_oPUiE7iz-wM3GreYfEJJRmke8okU3zyiORIoK5DC5pT1Hy2ccoERpPRdkILHPss1n4ax6ye_AYZOjKjqut9JALGgsHqu2q-0P2w8jH2xVv44vHQsAvKmknPg3mJ4WGWdSBjMEmNjNmlWUK-uIPN4rIYvtXaQQ6v6grYdSVwzZGEKkwiPfMz9uChQr8aNaDqXTP2lOB7tB24qXdi0qVttBpST712NM564mPIExh70REjR5q5FDOQvutI8er-OIk7V0PKxWiW7hMiogVXLh9-t3OqA2oyPtUcreLfs8-CYy-c101c67j6P9TesX3QeyUpfTDyVWIgHj-AA-2xZspFg02vHwP1OPSMxU4rj0Pv5uEgHz6QEbecojn8ylKn5aO2NDG_PPrfsgg5mZiR2U8o47a_d0xqKkchvFYzD9akdccRFKhwl82OQHTR1jWr20GZA49mEe0J33xyix-xM2vAFbmu9xmkoWn5MY9fci2bkksjyAxI3R0rKbkIKkAbVj6ukPzbJsYm35pvqXlqnar9wGXNiZLj_Stjgqicx_h2GLCx0FHDs-NieBEskeZvYE8oa6FzbkSMuZnqFd1GXLNiZfQCRSqQbwd2gP-tYyWe00cyDfCndkK2jiEINv7qEkZTD9h8NAyKq2t63DWjP1gGVJOSEy2j1l-MU1Zzob7AZp834RJ2zSbVCxbZ8nyh2kLTC_CmHNdQHl5pxkdi6rIGYb2lY9xcZPfkUzPSvd_f_n7NvME9lSgZeD-hEsXVg3lDZxlNCPB1jZtWcFsnMqk7FSbeN7_yLqf-4&cid=CAASEuRogVI2w9aI-BiZiNehicsTFQ&rfl=3%2Chttps%253A%252F%252Fbg.jf-paiopires.pt%242%2C%2Chttps%253A%252F%252Fcdn.zx-adnet.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:08:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 243
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 23 Jan 2022 23:08:10 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220104/r20110914/ Frame 1DF0 24 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220104/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f974e8d6e570fde2dd07cee4041a1b83dc62b583b47a817c2caa29ada0f1c7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:07:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9529
x-xss-protection: 0
server: cafe
etag: 16937460792814555877
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 23 Jan 2022 23:07:03 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8DFE 1 KB
749 B 10ms
8ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 09 Jan 2022 05:53:44 GMT
expires: Mon, 10 Jan 2022 05:53:44 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 62309
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 1DF0 41 KB
15 KB 16ms
11ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 11:40:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 473510
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Jan 2023 11:40:23 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1DF4 1 KB
749 B 12ms
10ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 09 Jan 2022 05:53:44 GMT
expires: Mon, 10 Jan 2022 05:53:44 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 62309
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 1DF0 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11fec4e1cd9591cc8ec1a8a359bbb63ec840c570e64af5771459349d19da0b49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 18F1 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Tue, 04 Jan 2022 11:40:23 GMT
expires: Wed, 04 Jan 2023 11:40:23 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 473510
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 8DFE
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESENGOsZd54cII1oUqhnKgK8o&google_cver=1&google_push=AYg5qPLpUU0qMWK3EVWi5v2-7vI3OUSpSpnmXVFQnMh-rpQzMi4fRsWHpZge3kR8RnNUS3GSNwOpGxU9axsa2Kqm0hX3kdFIbFg
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODgzNzUxODA0Nzg0NzAzNDEzNA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENGOsZd54cII1oUqhnKgK8o&google_cver=1

43 B
407 B

170ms
15ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENGOsZd54cII1oUqhnKgK8o&google_cver=1
Requested by: Host: bg.jf-paiopires.pt
URL: https://bg.jf-paiopires.pt/womans-masturbation-guide
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jan 2022 23:12:13 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sun, 09 Jan 2022 23:12:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENGOsZd54cII1oUqhnKgK8o&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 8DFE 35 B
462 B 39ms
9ms Image
image/gif 2620:116:800d:21:3175:5196:e3fd:8c1d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHiYPNROoNkvnN3bUC-vIwk&google_cver=1&google_push=AYg5qPId47zvJbHjeGv4Ym3U-bSQj6wkb2KsTsNAiCRi-ciVwC5zooTryeZ0P0VROfYEA2cnmUAM2TKFYRkPBqCrzINl14v_DGE

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:3175:5196:e3fd:8c1d , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jan 2022 23:12:13 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8DFE
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPYyOYfGjTLQzYwYxwH9fCo&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPYyOYfGjTLQzYwYxwH9fCo&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ek9xUFA5aXUxTjZIbWQ1&google_gid=CAESEPYyOYfGjTLQzYwYxwH9fCo&google_cver=1&google_push=AYg5qPL9AXzcgBBSCR-M5C9ocUFcZyKVXjqjbZ_AEWfAkZ9...

170 B
188 B

18ms
17ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ek9xUFA5aXUxTjZIbWQ1&google_gid=CAESEPYyOYfGjTLQzYwYxwH9fCo&google_cver=1&google_push=AYg5qPL9AXzcgBBSCR-M5C9ocUFcZyKVXjqjbZ_AEWfAkZ9p3yDyQYG15mDKCcB8qzafCTUG7_cyWbvFE6I8Y0bQDgShiuI9-04

Requested by

Host: bg.jf-paiopires.pt
URL: https://bg.jf-paiopires.pt/womans-masturbation-guide

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jan 2022 23:12:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 09 Jan 2022 23:12:13 GMT
Server: PingMatch/v2.0.30-693-g87a8e09#rel-ec2-master i-0fb8f8c60b2bcfa88@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ek9xUFA5aXUxTjZIbWQ1&google_gid=CAESEPYyOYfGjTLQzYwYxwH9fCo&google_cver=1&google_push=AYg5qPL9AXzcgBBSCR-M5C9ocUFcZyKVXjqjbZ_AEWfAkZ9p3yDyQYG15mDKCcB8qzafCTUG7_cyWbvFE6I8Y0bQDgShiuI9-04
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8DFE
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEDgJoANLvM32FPvy_izq_O4&google_cver=1&google_push=AYg5qPLDeRMz9dRfq_MEdJtbXHc4ehlNuBDZzRGTGMguXLjdW5XoefYNgciXRcQGFWEyh6eG1mecmP8dcRJ17Q8i...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=MqAMxA8CS6ugIvKIOhYehQ2&google_push=AYg5qPLDeRMz9dRfq_MEdJtbXHc4ehlNuBDZzRGTGMguXLjdW5XoefYNgciXRcQGFWEyh6eG1mecmP8dcRJ17Q8iBinGcx3KjA

170 B
188 B

17ms
16ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=MqAMxA8CS6ugIvKIOhYehQ2&google_push=AYg5qPLDeRMz9dRfq_MEdJtbXHc4ehlNuBDZzRGTGMguXLjdW5XoefYNgciXRcQGFWEyh6eG1mecmP8dcRJ17Q8iBinGcx3KjA

Requested by

Host: bg.jf-paiopires.pt
URL: https://bg.jf-paiopires.pt/womans-masturbation-guide

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jan 2022 23:12:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 09 Jan 2022 23:12:13 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.15.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=MqAMxA8CS6ugIvKIOhYehQ2&google_push=AYg5qPLDeRMz9dRfq_MEdJtbXHc4ehlNuBDZzRGTGMguXLjdW5XoefYNgciXRcQGFWEyh6eG1mecmP8dcRJ17Q8iBinGcx3KjA
x-host: tde-deliveryengine-production-78c5c78457-4ccqk
alt-svc: clear
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8DFE 0
12 B 13ms
13ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K6-Tycf2tGJ9KHSxAbnYNo6NEk2blDULp1pcRlQ5Odn56LYTX9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:13 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 1DF4
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESENGOsZd54cII1oUqhnKgK8o&google_cver=1&google_push=AYg5qPIrnAfhfbjFRShVn50t4skoZscjDhHOm6fkf_kAS4hOXCpMU4HOXZEumgHckOlDwVqqMusiT54xQK3RxhmpyYHlbgw6EA
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODc2NTQ2MDQ1MzgwOTEwNjE5OA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENGOsZd54cII1oUqhnKgK8o&google_cver=1

43 B
407 B

171ms
16ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENGOsZd54cII1oUqhnKgK8o&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zdgrod&adk=1011298904&adf=4188749581&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fwww.phhsnews.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8NXF9AUQt7St0L67y4KOARJMANyigRre_BHbLQn6TtukjBMDBjmxZc26gc1fJ5k0xhXTehG9sNt-a3n2aKMCaQLqgciyOH0JGom5maF9lFR1Eu4vHhq2xr_Yrq-yYA&dt=1586595227726&bpp=71&bdt=67&fdt=167&idt=167&shv=r20200406&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Df3b94bc5be2d5f06-2263945e1acd0074%3AT%3D1641769932%3AS%3DALNI_MZz3vUFG3bK58a4rziVr_5rd8dhe&crv=1&correlator=5120177609303&frm=23&ife=1&pv=2&ga_vid=362027958.1586595228&ga_sid=1586595228&ga_hid=55663360&ga_fc=0&iag=3&icsg=554&nhd=1&dssz=6&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=10&ady=55&biw=406&bih=1600&bih=1200&isw=728&ish=90&ifk=1144962557&scr_x=0&scr_y=0&oid=3&pvsid=4145897469221223&pem=216&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&jar=2020-04-11-06&ifi=1&uci=1.cv0p0xjee1od&fsb=1&dtd=197&0.33538989302105393
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jan 2022 23:12:13 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sun, 09 Jan 2022 23:12:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENGOsZd54cII1oUqhnKgK8o&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 1DF4 35 B
463 B 27ms
8ms Image
image/gif 2620:116:800d:21:3175:5196:e3fd:8c1d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHiYPNROoNkvnN3bUC-vIwk&google_cver=1&google_push=AYg5qPI0T-nBO5sM8HO4t7f_aQQm6qQHR2yC_u-Wb9OSzbsaUBU-h3Kx-8Z3lJ-U8gvUgVvveoTCqCLd_3UeUbv3LLh-gEJIE1Y

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:3175:5196:e3fd:8c1d , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jan 2022 23:12:13 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1DF4
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPYyOYfGjTLQzYwYxwH9fCo&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPYyOYfGjTLQzYwYxwH9fCo&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ek9xUFA5aXUxTjZIbWQ1&google_gid=CAESEPYyOYfGjTLQzYwYxwH9fCo&google_cver=1&google_push=AYg5qPLYTrI9mjb7wEuQDvwqBkQrC4Nnryd0lvWsxnYnIJ_...

170 B
188 B

17ms
17ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ek9xUFA5aXUxTjZIbWQ1&google_gid=CAESEPYyOYfGjTLQzYwYxwH9fCo&google_cver=1&google_push=AYg5qPLYTrI9mjb7wEuQDvwqBkQrC4Nnryd0lvWsxnYnIJ_flghadx9kD-cHHPCzEFgL8MYZ0gnajAayPsWXw-mjI_36qtEWQQ

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jan 2022 23:12:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 09 Jan 2022 23:12:12 GMT
Server: PingMatch/v2.0.30-693-g87a8e09#rel-ec2-master i-007d40ea11cf721ba@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ek9xUFA5aXUxTjZIbWQ1&google_gid=CAESEPYyOYfGjTLQzYwYxwH9fCo&google_cver=1&google_push=AYg5qPLYTrI9mjb7wEuQDvwqBkQrC4Nnryd0lvWsxnYnIJ_flghadx9kD-cHHPCzEFgL8MYZ0gnajAayPsWXw-mjI_36qtEWQQ
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1DF4
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEDgJoANLvM32FPvy_izq_O4&google_cver=1&google_push=AYg5qPItALCss1sWlr_h_iWoabGr936agcZrja0yg14DlDy3EK8UBiJtJPh9bxZJMN4G-pfb1OzaXUFEuBRkOIRR...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ESwzQooBQ0y7gluWZ6hexw2&google_push=AYg5qPItALCss1sWlr_h_iWoabGr936agcZrja0yg14DlDy3EK8UBiJtJPh9bxZJMN4G-pfb1OzaXUFEuBRkOIRRsaRT1N7jE5A

170 B
188 B

16ms
15ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ESwzQooBQ0y7gluWZ6hexw2&google_push=AYg5qPItALCss1sWlr_h_iWoabGr936agcZrja0yg14DlDy3EK8UBiJtJPh9bxZJMN4G-pfb1OzaXUFEuBRkOIRRsaRT1N7jE5A

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jan 2022 23:12:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 09 Jan 2022 23:12:13 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.15.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ESwzQooBQ0y7gluWZ6hexw2&google_push=AYg5qPItALCss1sWlr_h_iWoabGr936agcZrja0yg14DlDy3EK8UBiJtJPh9bxZJMN4G-pfb1OzaXUFEuBRkOIRRsaRT1N7jE5A
x-host: tde-deliveryengine-production-78c5c78457-r9g2r
alt-svc: clear
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 1DF4 0
12 B 16ms
16ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L9xL7UW-byc3njsq74d7nzdFpnbPi97FbgzZIKFKV6huYiAnJ2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:13 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 r8nbwAJIoZCxWYvDNzL2FR480laaoV7LX6_itKNPK9o.js Show response
pagead2.googlesyndication.com/bg/ Frame 00BA 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/r8nbwAJIoZCxWYvDNzL2FR480laaoV7LX6_itKNPK9o.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afc9dbc00248a190b1598bc33732f6151e3cd2569aa15ecb5fafe2b4a34f2bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 14:51:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30048
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13292
x-xss-protection: 0
last-modified: Tue, 21 Dec 2021 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 09 Jan 2023 14:51:25 GMT

GET
H2 200 sfht0if3y.js Show response
cdn.krxd.net/controltag/ Frame 1DF0 11 KB
4 KB 23ms
6ms Script
text/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/sfht0if3y.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9cf0a7f1ad73851698fe4e7acf61754a0d6cc2dfe12ac15f4c0248feace8cd85

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Sun, 09 Jan 2022 23:12:13 GMT
via: 1.1 varnish, 1.1 varnish
age: 934
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 3743
x-served-by: config-service-a002-ash-prod.krxd.net, cache-iad-kjyo7100159-IAD, cache-hhn4022-HHN
x-response-time: 0
x-do-esi: esi
x-timer: S1641769933.252144,VS0,VE0
etag: "b7b9ede32a13955b010743207a7d773d9229f60e"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 415

GET
H3 200 index.html Show response
s0.2mdn.net/4528516/1018994438718716/ Frame 30F2 7 KB
3 KB 21ms
7ms Document
text/html 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/4528516/1018994438718716/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a316d433a95dc78be12ef9b52d1418f61a84476596636e63b684dfaac344c3da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 2669
date: Sun, 09 Jan 2022 23:02:01 GMT
expires: Mon, 10 Jan 2022 23:02:01 GMT
last-modified: Mon, 01 Nov 2021 14:50:27 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 612
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1DF0 0
107 B 597ms
242ms Ping
image/gif 142.250.181.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsubPSDKsW98go1xn6PlamBqW1VV8NCRodVVYix6J06ZztAqN2E38OcAjl_vhH-Enhk0FtFsboqTqKp2-Kh9tkGFytnn0xB58SkpbhIRN_06WT9oLhmwl6v7eMl17uajZ67NHgYPhNIdLZILKY5okvHqSv0dRHRf7I-1JAP5q3IKJW0O7nh1ZQApxeONCCSA-ZY2N2Ib9SMPHyjK7KIMKOzvTRj91i_B20YrF7RzJitT_wvbsXgNOw6BN-KZOv3nCJcsx6D4HGazqWEK3KYKPkxYSxVab6LzQ7bSjHqgAzGuhLV_1e9E6Stdro69_FdWQC03BgEQ4WtVuzdJBSsGBWnqggmbGFG3R9KnK866fhjS8TVqvsRQansEka-_zmxqF5_zBZIkPSdYmU-2gDbtna8YVQ7bvWprIBJOYJNViu6BEiLiW47gYzsOko9KnMBGPPZ3qEPgBbGGStL7xLOzj1ZHW7HFaAUxf0TGkTWJlaswKhL2d6JJVnkqVOS-5qgPZ59oXsNN2FI-ep7HjywZdSBc7RwV60fgPwDCaXvJ_gzywn1VLNO630DGaP79LTBfW06Ml8EcanTVMlNDzrrXO2so61k_gS31FNH5N-ELXO_EqQCNlJB3acVHqqESAdob5FZTSRabE5Z3oqTgWIFuIAd4pAWRK_-zLna3rCpiEgSg5wHw7L9zJulNcsc2Wm_yhxxqKlGJ9jZHI_SKcpOA4jGnL7ceIN-u8HQf3LIcx-HFKRL7RvlOTb6wXpjt2hc-rI0LFLV9BEoXeAvfe91AJQbzYxpNOnpb_iFOSBmUMcibEwVbwFFrT6zKXRMFC0fLOKq4V3hK--INxgNrlZ5wPRf1Mb5Av2rAo6MJbMoXnUH8dUiNbk-LozcQ_zmKoeWCRWwf4zd1JgwdsA9RkoLhMK-cny7llxhZSN5Tf7XsplvLNaYxHd7wV-ovpzESxL7XSdVHHC-KK6sGm0940QYWyCfPf5xMBBJT7AusTRWhUBacp-t0YSOK-Fb9KPJns3bnVtaOkbkDjzEeG8FM0LMae9j077YncAfpQVwLQNHQr5PvyxdlI_n40Mu-aRJDzaeuQnhB_jWrhE2fk2gTwtBsteShFJnWBt_UPUfpy7xi7XVwc8sWLp2M5MD0gyB9mdblH-NawKmILmRWmx0noinySMxEFrxfPfz1oMflNeE6R2BAa7LZPpUsdkuLObo1dGe_2aJJlK3V1J-ELUkbUjHqoakGB5MlYwJWT4RYqqsawA&sai=AMfl-YQ-mf409JjiAsAsZrqqSJKTw0sB1mE-5-jIXxLpqdjUiUQsATWbd31GoWjV-APx8B9-uEZpR-r_jM4GTyM1sCwM4Kexb4WvxXqOvZZG1CQkATVFYZYnJmVwAaKQx3P49r1mXSVIfIZbGDLauRNuC5ee39SbZQ&sig=Cg0ArKJSzA4XXWQDr11wEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=113&cbvp=1&cstd=111&cisv=r20220104.91595&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: bg.jf-paiopires.pt
URL: https://bg.jf-paiopires.pt/womans-masturbation-guide

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fjr04s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sun, 09 Jan 2022 23:12:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 r8nbwAJIoZCxWYvDNzL2FR480laaoV7LX6_itKNPK9o.js Show response
pagead2.googlesyndication.com/bg/ Frame 18F1 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/r8nbwAJIoZCxWYvDNzL2FR480laaoV7LX6_itKNPK9o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afc9dbc00248a190b1598bc33732f6151e3cd2569aa15ecb5fafe2b4a34f2bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 14:51:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30048
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13292
x-xss-protection: 0
last-modified: Tue, 21 Dec 2021 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 09 Jan 2023 14:51:25 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame FB99 28 B
54 B 21ms
21ms XHR
application/json 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/edff9f99/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/OCEiOZfD0zo?modestbranding=1
X-YouTube-Client-Version: 1.20220104.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtpbER4eTBMRjYtMCjK1-2OBg%3D%3D
X-YouTube-Ad-Signals: dt=1641769930829&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C743%2C418&vis=1&wgl=true&ca_type=image

Response headers

date: Sun, 09 Jan 2022 23:12:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Sun, 09 Jan 2022 23:12:13 GMT

GET
H2 200 controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Show response
cdn.krxd.net/ctjs/ Frame 1DF0 259 KB
83 KB 7ms
7ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/sfht0if3y.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Sun, 09 Jan 2022 23:12:13 GMT
content-encoding: gzip
age: 3541856
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 6931761
content-length: 84509
x-served-by: cache-hhn4022-HHN
last-modified: Mon, 02 Aug 2021 12:06:17 GMT
x-timer: S1641769933.316936,VS0,VE0
etag: "a1705c5ac5f06cf0c202ff70908fc042"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Jul 2031 12:06:16 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 30F2 236 KB
63 KB 96ms
25ms Script
text/javascript 2a02:26f0:f7::5c7b:e033
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/4528516/1018994438718716/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e033 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:13 GMT
content-encoding: gzip
server: Apache
cache-control: max-age=900
vary: Accept-Encoding
content-type: text/javascript
x-n: S
accept-ranges: bytes
expires: Sun, 09 Jan 2022 23:27:13 GMT

GET
H3 200 javascript.js Show response
s0.2mdn.net/4528516/1018994438718716/ Frame 30F2 34 KB
8 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/4528516/1018994438718716/javascript.js?1635423452372

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/4528516/1018994438718716/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

209ffe2c4a3eb94ba983fadc62d46e9696c58c4b1aeef1aae8228f46e7f27b7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/4528516/1018994438718716/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:02:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 612
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8371
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 14:50:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 10 Jan 2022 23:02:01 GMT

GET
H2 204 ad_impression.gif
beacon.krxd.net/ Frame 1DF0 0
338 B 130ms
31ms Image
text/plain 99.81.146.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/ad_impression.gif?campaignid=11313517&advertiserid=4528516&placementid=261921500&adid=457763448&creativeid=160603169&siteid=1729994&url=https%3A%2F%2Fbeacon.krxd.net%2Fad_impression.gif&_kpid=af5fc09f-edef-481c-bfa7-696005c6deb3&confid=sfht0if3y
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=zdgrod&adk=1011298904&adf=4188749581&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fwww.phhsnews.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8NXF9AUQt7St0L67y4KOARJMANyigRre_BHbLQn6TtukjBMDBjmxZc26gc1fJ5k0xhXTehG9sNt-a3n2aKMCaQLqgciyOH0JGom5maF9lFR1Eu4vHhq2xr_Yrq-yYA&dt=1586595227726&bpp=71&bdt=67&fdt=167&idt=167&shv=r20200406&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Df3b94bc5be2d5f06-2263945e1acd0074%3AT%3D1641769932%3AS%3DALNI_MZz3vUFG3bK58a4rziVr_5rd8dhe&crv=1&correlator=5120177609303&frm=23&ife=1&pv=2&ga_vid=362027958.1586595228&ga_sid=1586595228&ga_hid=55663360&ga_fc=0&iag=3&icsg=554&nhd=1&dssz=6&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=10&ady=55&biw=406&bih=1600&bih=1200&isw=728&ish=90&ifk=1144962557&scr_x=0&scr_y=0&oid=3&pvsid=4145897469221223&pem=216&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&jar=2020-04-11-06&ifi=1&uci=1.cv0p0xjee1od&fsb=1&dtd=197&0.33538989302105393
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.146.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-146-30.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:13 GMT
cache-control: private, no-cache, no-store
x-request-time: D=39 t=1641769933
x-served-by: beacon-n018-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 af5fc09f-edef-481c-bfa7-696005c6deb3 Show response
consumer.krxd.net/consent/get/ Frame 1DF0 236 B
426 B 65ms
34ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/af5fc09f-edef-481c-bfa7-696005c6deb3?idt=device&dt=kxcookie&callback=Krux.ns.congstar.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1c16d201a9100daacb04cf145129a08cb61e6c06afe4c81f9d63eb7090718c12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:13 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a004-dub-prod.krxd.net, cache-hhn4076-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1641769933.454139,VS0,VE25
content-length: 187
x-cache-hits: 0, 0

GET
H3 200 hintergrund.png
s0.2mdn.net/4528516/1018994438718716/ Frame 30F2 19 KB
19 KB 10ms
8ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528516/1018994438718716/hintergrund.png?1635423452363

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3dddbcd995fc5c464a5d7c442c8f4608d9a7e7ae61de44ea416fbe979524bbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/4528516/1018994438718716/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:02:02 GMT
x-content-type-options: nosniff
age: 611
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19683
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 14:50:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 10 Jan 2022 23:02:02 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1DF0 0
524 B 390ms
235ms Ping
image/gif 142.250.181.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsubPSDKsW98go1xn6PlamBqW1VV8NCRodVVYix6J06ZztAqN2E38OcAjl_vhH-Enhk0FtFsboqTqKp2-Kh9tkGFytnn0xB58SkpbhIRN_06WT9oLhmwl6v7eMl17uajZ67NHgYPhNIdLZILKY5okvHqSv0dRHRf7I-1JAP5q3IKJW0O7nh1ZQApxeONCCSA-ZY2N2Ib9SMPHyjK7KIMKOzvTRj91i_B20YrF7RzJitT_wvbsXgNOw6BN-KZOv3nCJcsx6D4HGazqWEK3KYKPkxYSxVab6LzQ7bSjHqgAzGuhLV_1e9E6Stdro69_FdWQC03BgEQ4WtVuzdJBSsGBWnqggmbGFG3R9KnK866fhjS8TVqvsRQansEka-_zmxqF5_zBZIkPSdYmU-2gDbtna8YVQ7bvWprIBJOYJNViu6BEiLiW47gYzsOko9KnMBGPPZ3qEPgBbGGStL7xLOzj1ZHW7HFaAUxf0TGkTWJlaswKhL2d6JJVnkqVOS-5qgPZ59oXsNN2FI-ep7HjywZdSBc7RwV60fgPwDCaXvJ_gzywn1VLNO630DGaP79LTBfW06Ml8EcanTVMlNDzrrXO2so61k_gS31FNH5N-ELXO_EqQCNlJB3acVHqqESAdob5FZTSRabE5Z3oqTgWIFuIAd4pAWRK_-zLna3rCpiEgSg5wHw7L9zJulNcsc2Wm_yhxxqKlGJ9jZHI_SKcpOA4jGnL7ceIN-u8HQf3LIcx-HFKRL7RvlOTb6wXpjt2hc-rI0LFLV9BEoXeAvfe91AJQbzYxpNOnpb_iFOSBmUMcibEwVbwFFrT6zKXRMFC0fLOKq4V3hK--INxgNrlZ5wPRf1Mb5Av2rAo6MJbMoXnUH8dUiNbk-LozcQ_zmKoeWCRWwf4zd1JgwdsA9RkoLhMK-cny7llxhZSN5Tf7XsplvLNaYxHd7wV-ovpzESxL7XSdVHHC-KK6sGm0940QYWyCfPf5xMBBJT7AusTRWhUBacp-t0YSOK-Fb9KPJns3bnVtaOkbkDjzEeG8FM0LMae9j077YncAfpQVwLQNHQr5PvyxdlI_n40Mu-aRJDzaeuQnhB_jWrhE2fk2gTwtBsteShFJnWBt_UPUfpy7xi7XVwc8sWLp2M5MD0gyB9mdblH-NawKmILmRWmx0noinySMxEFrxfPfz1oMflNeE6R2BAa7LZPpUsdkuLObo1dGe_2aJJlK3V1J-ELUkbUjHqoakGB5MlYwJWT4RYqqsawA&sai=AMfl-YQ-mf409JjiAsAsZrqqSJKTw0sB1mE-5-jIXxLpqdjUiUQsATWbd31GoWjV-APx8B9-uEZpR-r_jM4GTyM1sCwM4Kexb4WvxXqOvZZG1CQkATVFYZYnJmVwAaKQx3P49r1mXSVIfIZbGDLauRNuC5ee39SbZQ&sig=Cg0ArKJSzA4XXWQDr11wEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=315&vt=11&dtpt=202&dett=3&cstd=111&cisv=r20220104.91595&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: bg.jf-paiopires.pt
URL: https://bg.jf-paiopires.pt/womans-masturbation-guide

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fjr04s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sun, 09 Jan 2022 23:12:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 18F1 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BgPOJzWvbYbnhBMqOgQeL_JrIDgAAAAA4AeAEAg&bg=!e3ileDzNAAbDtiZlw7Y7ACkAdvg8WsSQV2Qwe_RJMDnv0f3xM0Neo3YcXH3IepfE2_T__zsUSDWj7wIAAABjUgAAABhoAQeZAtuBQx3EwHhTA15YBkTVOvkICHZ0P9scnYUc4sSqeYh1kdZVTttIke45TVLlaK2kjK5lLEMej5IMs9kP1S2r6b6cRhO7nBYZuCQIdYNyQ3CKID2X4a_qu3DY_mvn4hPEs51-E_CyCZkLOMIcczM-rar85m3mt0r--gtzjgVLlnKzErimqbA2plehL_hJhfI39liqjTj-eFwTJ5A8bqLR4Ex6W7Mt4gQnjUJHCw2g14PS3JxCcdaicZ5fWGntcKcOz2DpcafTg77ZhF8esMME2Q4TlV9smN0pZcsNC-GsR62HfY4xOcsDboPWiZJI8zIFi-YVbxZCBEqsA8GJWtv9uf8aZy1zEMAc-q1mB7qzweEvjrevnUTVDQxC5vVlKbE1BtkoOz4_0w9FOpVz9oAnNzsOLSnziuL1-kYReuisuhjYgrPVuRyTsyFz-DMs7CYUkPikk-mhbIRmpW-LdIrqqKL16uQQR_YimajxCwQC0NgRly6QvVAawQUdKmLhoJlnrBnf3xmihjJzkK4UscFn2QGgwxZ0jq4skKrlkcGtnOtSD3WMUlGAK_JiioAge_9rr7PnHw_KR6LBWKHfK4L6HDO-cze51KBDbjeaTyvK1KaRviuhH6qNLwlT3WRiNC-H9Xmcwc6im4Chg9ngZfftrQJqNWFVJC3MgdTR3iILkhMKopyiCaUUhelINLvWXYZy5jUD1Kyow0_ABGzF6BqbGYz78wYFZ2U-OuQ7CQBPobBi69Wzd3DJ6skeuaMXy-WpeYsKbH2h2Jg2LRhVtjIhJqZK3ApdOvzaxSaFNmpSiQOkfOQFzUD-_vGqOKODPXsXOvrFfzhKqBYda30x0GF6WXwJ_04VAEo198oSsdD5P-qiNbwkObVzdWu4-5izIuzFOsyFh_qAhGyUMHT8XqRkDCJUVkutVRczTo0eDWmi9u-SXY4UFHAYQf3yo47a-tOABQNxmQ0fAIAZaAqLJg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jan 2022 23:12:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 stoerer.png
s0.2mdn.net/4528516/1018994438718716/ Frame 30F2 4 KB
4 KB 7ms
7ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528516/1018994438718716/stoerer.png?1635423452363

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09b8ff1678987ed790d4f097d38ee6b8d02f6ca83955a5b8d251fff927cd25d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/4528516/1018994438718716/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:02:02 GMT
x-content-type-options: nosniff
age: 611
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4533
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 14:50:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 10 Jan 2022 23:02:02 GMT

GET
H3 200 verlauf.png
s0.2mdn.net/4528516/1018994438718716/ Frame 30F2 29 KB
29 KB 8ms
8ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528516/1018994438718716/verlauf.png?1635423452363

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae0c04f97ad979437002c8d7a3952846e58cb52ddebc83a6f3b3ae86caeedcce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/4528516/1018994438718716/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:02:02 GMT
x-content-type-options: nosniff
age: 611
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29754
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 14:50:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 10 Jan 2022 23:02:02 GMT

GET
H3 200 visual.png
s0.2mdn.net/4528516/1018994438718716/ Frame 30F2 23 KB
24 KB 8ms
8ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528516/1018994438718716/visual.png?1635423452363

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4de10bb7ed622654b08c43570d01d619e368da8e2218c88374f184ff2f66f09a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/4528516/1018994438718716/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:02:03 GMT
x-content-type-options: nosniff
age: 610
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24046
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 14:50:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 10 Jan 2022 23:02:03 GMT

GET
H3 200 visual2.png
s0.2mdn.net/4528516/1018994438718716/ Frame 30F2 19 KB
19 KB 8ms
7ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528516/1018994438718716/visual2.png?1635423452363

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc5fca409590dca039e15024e5cd10e7d1688abe1d9031bf378e670f1c5c9279

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/4528516/1018994438718716/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 08 Jan 2022 23:12:49 GMT
x-content-type-options: nosniff
age: 86364
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19052
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 14:50:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 09 Jan 2022 23:12:49 GMT

GET
H2 200 optout_check Show response
beacon.krxd.net/ Frame 1DF0 81 B
240 B 30ms
30ms Script
text/javascript 99.81.146.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.congstar.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.146.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-146-30.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d7ea6c2435d8c3a589575726ef56821eef4a2c69a9031218714e4849707a81f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:13 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=45 t=1641769933
x-served-by: beacon-n010-dub-prod.krxd.net
content-type: text/javascript

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 19ms
19ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

64094aec6f9ced4d9a21b8723cc9a87677348ea82fda204bfa094a892dcf4b11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 09 Jan 2022 23:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8643
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 09 Jan 2022 23:12:13 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0D54 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/

Response headers

cross-origin-resource-policy: cross-origin
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Sun, 09 Jan 2022 17:47:09 GMT
expires: Mon, 09 Jan 2023 17:47:09 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 19504
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C43F 783 B
532 B 16ms
16ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8cf5e6b5329fa8a329352f13881f59dd8e467333a96edcbac1dda3c7f0d12381

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nQDrfd2tv7hqaUnbPskyNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 09 Jan 2022 23:12:13 GMT
date: Sun, 09 Jan 2022 23:12:13 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-nQDrfd2tv7hqaUnbPskyNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 510
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 r8nbwAJIoZCxWYvDNzL2FR480laaoV7LX6_itKNPK9o.js Show response
pagead2.googlesyndication.com/bg/ Frame 0D54 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/r8nbwAJIoZCxWYvDNzL2FR480laaoV7LX6_itKNPK9o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afc9dbc00248a190b1598bc33732f6151e3cd2569aa15ecb5fafe2b4a34f2bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 14:51:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30048
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13292
x-xss-protection: 0
last-modified: Tue, 21 Dec 2021 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 09 Jan 2023 14:51:25 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C43F 0
0 72ms
72ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=2095085246472852&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 CongstarFont.woff2
s0.2mdn.net/ads/richmedia/studio/45844501/ Frame 30F2 102 KB
102 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/45844501/CongstarFont.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c310a100b2bb38cd97a6ed696abe3dd3556b707607d207a13b838cd89f73e78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4528516/1018994438718716/index.html
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:08:46 GMT
x-content-type-options: nosniff
age: 207
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104232
x-xss-protection: 0
last-modified: Thu, 06 Oct 2016 14:32:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 09 Jan 2022 23:23:46 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0D54 0
9 B 6ms
6ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?74ovhQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 23:12:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=2095085246472852&bg=!u7iluPzNAAbDtiZlw7Y7ACkAdvg8WnhbeQHXsYEHaBEFJFn43uR2Vdduu41BTrR37SHWC0UxV7uUdQIAAABdUgAAAAtoAQcKAAIYpZkCidg0lp4LqXo9Ctah8Bpngbw9wznkBG5Py1bpcISLf6u5G9KPZ9NIp_xCMDkd3rVehr6bxV3BNKZlTgL2RD_Vf9NO9DMbdAJNL39B04m4QcDveh-YwEQpGeRQiU7IfIJrlL8h7ZiCsx7sFvxPGyqwjPpG5jIKHSfOcek5eoC8tUOo05eB1IF2v5_g7hjFF0P-8Jqjn7C2qf-ePi1NxDjlcjxhKqB8t_4BoadPH3PRf3Jl3k6imeDEe4buiUNGOxPyrRkHMcppq_VlIYa5C_mjL2knxyIl173-OMR3Ue8rY8zBMz3rMvEYnYC5fBj7j3qkS2Tzw8G_K6JCmJ6nObNhfPtmZZuAsYdluCBVTwwyjfEQuqU16VOX4EV1pt82pS36i7or-8bikohSNu5mOwpkXsYy8VMy-lfOVcvlrseH_bVyMzWp-IAk4_a-g0rmURkWAPP60T3OQY2sw5p5vSp0aF2nvKx-7YDXS93Anx5Bg-9Z2gV2J72JuNo5WdQedXWQPbtqwP4Tx_sRJOaTATw1mD9tCTivPNqpAJtLKdL_yNCZBjuJusIEha324BTBnARMvWaVFo6rXbnErlad4kPKq0W6H9dtTTO-tVfjEqk4i9dVcXlDQkYHu0OAV3rAgA15_ph0gNh85sg8gROS3QXwv7MRom3kIn7SgxQXhoP7jpsihwy0m7OC2E85Czk_93om6bTr80jGJmuMEaWQd5IXiJi87kSLC8xFCM4nO-fAeDYenh-z5GYK3MKH8jPx5wzxggDgteX7tXjLHohAZU_evyftDIFHYoTonQ0NMe4SgmBT9RdqM1PahQkSTjB0wfnf1VaXrhy1W302ojrnzRoWNmLNVVd7-jmYqCs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.jf-paiopires.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jan 2022 23:12:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.gstatic.com
URL: https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Domain: www.youtube.com
URL: https://www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js

Domain: www.youtube.com
URL: https://www.youtube.com/s/player/edff9f99/fetch-polyfill.vflset/fetch-polyfill.js

Domain: jf-paiopires.pt
URL: https://jf-paiopires.pt/template/fonts/fontawesome-webfont.woff?v=4.0.3

Domain: jf-paiopires.pt
URL: https://jf-paiopires.pt/template/fonts/fontawesome-webfont.ttf?v=4.0.3

Verdicts & Comments Add Verdict or Comment

144 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.go5s.biz/	1970-01-20 00:46:01	Name: uuid Value: a0e8cf91-221b-4738-8492-27f55618df22
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: Us8AhS3se5k
.youtube.com/	1970-01-20 04:22:01	Name: VISITOR_INFO1_LIVE Value: ilDxy0LF6-0
.jf-paiopires.pt/	1970-01-20 08:48:25	Name: didomi_token Value: eyJ1c2VyX2lkIjoiMTdlNDExZDEtMTcwYS02YzdiLWI0YzMtZmM0NDhkZGExYmFjIiwiY3JlYXRlZCI6IjIwMjItMDEtMDlUMjM6MTI6MTEuOTg5WiIsInVwZGF0ZWQiOiIyMDIyLTAxLTA5VDIzOjEyOjExLjk4OVoiLCJ2ZW5kb3JzIjp7ImVuYWJsZWQiOlsiZ29vZ2xlIl19LCJ2ZW5kb3JzX2xpIjp7ImVuYWJsZWQiOlsiZ29vZ2xlIl19LCJ2ZXJzaW9uIjoyfQ==
.jf-paiopires.pt/	1970-01-20 08:48:25	Name: euconsent-v2 Value: CPSkjX4PSkjX4AHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
.yandex.ru/	1970-01-20 08:48:25	Name: ymex Value: 1673305932.yrts.1641769932#1673305932.yrtsi.1641769932
.yandex.ru/	1970-01-20 08:48:25	Name: yandexuid Value: 9681487061641769932
.yandex.ru/	1970-01-20 08:48:25	Name: yuidss Value: 9681487061641769932
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 437577381641769932
.yandex.ru/	1970-01-23 15:38:49	Name: i Value: PcZ+ysK0XH+nZJzk/C4wfMr//0qNbiWoDtnc53ksQFUQbB/ExR4xpd+VXkqm1atjgSOjVsNU0b5d6ufy0FDIexOF3eQ=
.jf-paiopires.pt/	1970-01-20 09:24:25	Name: __gads Value: ID=f3b94bc5be2d5f06-2263945e1acd0074:T=1641769932:S=ALNI_MZz3vUFG3bK58a4rziVr_5rd8dheA
.doubleclick.net/	1970-01-20 09:24:25	Name: IDE Value: AHWqTUlhOEBeOkQv2cG1Rhzz1sY_hT7-tb_xZHJXR7mOoqrGoBH2KbhqS48k2p3DeMU
.adnxs.com/	1970-01-20 02:12:25	Name: uuid2 Value: 5040581933412352277
.casalemedia.com/	1970-01-20 08:48:25	Name: CMID Value: YdtrzUsRZMtq00un2c.AkwAA
.casalemedia.com/	1970-01-20 02:12:25	Name: CMPS Value: 5202
.casalemedia.com/	1970-01-20 02:12:25	Name: CMPRO Value: 1173
.casalemedia.com/	1970-01-20 00:04:16	Name: CMST Value: YdtrzWHba80A
.adnxs.com/	1970-01-20 02:12:25	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C$QwY'0]!]tbPl1M>e)ZlrFUfJ+tGXxoL_+B6TZLMN'<W+o`<XtO$_CP$)b#r#gHz<37bpRzqF1`b_p[Ea#5
.casalemedia.com/	1970-01-20 08:48:25	Name: CMRUM3 Value: 2d61db6bcd2760CAESEHdrZJ47Fd3aFPXBmsRYbsY
.quantserve.com/	1970-01-20 02:12:25	Name: d Value: ECkBCQGUJYEA
.quantserve.com/	1970-01-20 09:33:04	Name: mc Value: 61db6bcd-39ebf-32201-aa89f
.w55c.net/	1970-01-20 09:33:04	Name: wfivefivec Value: zOqPP9iu1N6Hmd5
.travelaudience.com/	1970-01-20 09:33:04	Name: _tracker Value: %7B%22UUID%22%3A%22112C3342-8A01-434C-BB82-5B9667A85EC7%22%7D
.w55c.net/	1970-01-20 00:46:01	Name: matchgoogle Value: 5
.turn.com/	1970-01-20 04:22:01	Name: uid Value: 8765460453809106198
.krxd.net/	1970-01-20 04:22:01	Name: _kuid_ Value: Ol5e5CnP

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://bg.jf-paiopires.pt/womans-masturbation-guide Message: Access to font at 'https://jf-paiopires.pt/template/fonts/fontawesome-webfont.woff?v=4.0.3' from origin 'https://bg.jf-paiopires.pt' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://jf-paiopires.pt/template/fonts/fontawesome-webfont.woff?v=4.0.3 Message: Failed to load resource: net::ERR_FAILED
network	error	Message: A bad HTTP response code (404) was received when fetching the script.
javascript	error	URL: https://bg.jf-paiopires.pt/womans-masturbation-guide Message: Access to font at 'https://jf-paiopires.pt/template/fonts/fontawesome-webfont.ttf?v=4.0.3' from origin 'https://bg.jf-paiopires.pt' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://jf-paiopires.pt/template/fonts/fontawesome-webfont.ttf?v=4.0.3 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

40b7f0c3cb.86a7149f2c.com
7144693d978696294c38950846f23567.safeframe.googlesyndication.com
ad.turn.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
beacon.krxd.net
bg.jf-paiopires.pt
bg.onpointpublishing.com
cdn.krxd.net
cdn.zx-adnet.com
cm.g.doubleclick.net
cms.quantserve.com
code.createjs.com
code.jquery.com
consumer.krxd.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
go5s.biz
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i.ytimg.com
ib.adnxs.com
jf-paiopires.pt
js.wpadmngr.com
js.wpshsdk.com
js.wpushsdk.com
mc.yandex.ru
na.nawpush.com
notification.tubecup.net
p.skimresources.com
pagead2.googlesyndication.com
partner.googleadservices.com
platform.twitter.com
pm.w55c.net
r.skimresources.com
r.turn.com
s.skimresources.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.doubleclick.net
syndication.twitter.com
t.skimresources.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.instagram.com
www.youtube.com
yt3.ggpht.com
fonts.gstatic.com
jf-paiopires.pt
www.youtube.com
104.244.42.136
142.250.181.2
142.250.184.194
151.101.194.133
151.101.2.133
151.101.65.195
151.139.128.11
168.119.25.18
185.33.221.89
188.166.135.13
2.21.141.232
2001:4de0:ac18::1:a:2a
2001:678:cb4:bbbb::11
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:10::6814:b944
2606:4700:3030::6815:4a9d
2606:4700:3031::ac43:9c12
2620:116:800d:21:3175:5196:e3fd:8c1d
2a00:1450:4001:808::200e
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2006
2a00:1450:4001:813::2002
2a00:1450:4001:827::2016
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2006
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:4001:830::2004
2a00:1450:4001:831::2001
2a02:26f0:f7::5c7b:e033
2a02:6b8::1:119
2a03:2880:f21c:80e5:face:b00c:0:4420
35.190.0.66
35.190.59.101
35.190.91.160
35.201.67.47
45.133.44.24
45.133.44.25
52.58.94.171
99.81.146.30
04149c43558d59b2f0f2cc3f679979b915401ca5c94e833479ca9ea754db0b89
04e6900b0df0853215580ad83297265e34319433642234692a934008dd3069ab
09b8ff1678987ed790d4f097d38ee6b8d02f6ca83955a5b8d251fff927cd25d7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
11fec4e1cd9591cc8ec1a8a359bbb63ec840c570e64af5771459349d19da0b49
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1530691d7096753c4a33ff3d11be983fbec896774cffe9a3555c2c81e6f18906
1663174fb4fe6b909ccfa491ff52597842004dc7decf284ddc5e337d183fa209
16ce2468166d0e1bc2aff5d47700d11b99fa0969f199d115c98eb93bd40c4221
179c39caa9de46801fb393d0388f5f1c74c943aed24c3ae14fa5b90a1db6c17e
1bc3457dfe52f627da8e6011b2fd916e7f0aa568daedd270bdb5f989f4dec7bd
1c16d201a9100daacb04cf145129a08cb61e6c06afe4c81f9d63eb7090718c12
1ce6685465805e98dfd2b3633e74711102167bc0ae656c536ba35587c20aeba4
1da290483f5cb77ae0c45dbb516b2035409295dc6f43c87d90283678d3b6ed05
1e642489424b3fa713a48f4533983d86e91dd498e8d19602f054c333840e9775
209ffe2c4a3eb94ba983fadc62d46e9696c58c4b1aeef1aae8228f46e7f27b7f
23b953730e30a53f59967a5d4eb2817032d70bc77eb2c82e1d53536fb476b522
26ec7e3c1ce6ee49841be90a9085425834b164113c723bab84468316309cad1f
2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
2f499c632d806f66b96dda6cbd4cac0363d331885476a8ac1d9e8ac60954d720
3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc
334cc3c08c0a394a62c65ceb78f997df7f3e660ddeeadf82544759c228cb896a
3695475645ba51b0359dd0b41567fdd67dbf6ff69dace06e775aaf883833af53
3971543727a78bab1026587c05c97edee7a7446728392fc3d4c1ba64b2c1807d
3a00a06d39ece4f2816e75b2e577c3b05a51ba196e19bd103d1124567f0c54f5
3d8693cddca8ef95b6b06ab98ad4ae68d7c7a30aa8d781e418c28b84bfcca7cd
3dddbcd995fc5c464a5d7c442c8f4608d9a7e7ae61de44ea416fbe979524bbd2
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40da8fa07f7abf42d09dc3dbde361f9fa0f88b253168344d5fee52e4a855e7f5
42eb68bf8ec856a2a4029cbf13de4be8567f150fe064f51b5f43424842e699df
4720daad8daba83ee3b0e5e453f6b9d6d021b2ed5ef662c7dd801998c133b96d
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ce50cd32328adc9ff19575851fedb83044238acf241fb751983faac9a2e6ebe
4de10bb7ed622654b08c43570d01d619e368da8e2218c88374f184ff2f66f09a
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4
5a014be48ad2d69469e55c2f6ef8f0a37b844bb92c4b0c690fc198e70e075410
5ae996ae0bf157d7574024452bbbccdc7ec5f7ee1de15e5bf774026ddb2ea386
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
637fc05835856f967578386134fe8a10b4fc4afaae082c8052226d5bd5a23e4e
64094aec6f9ced4d9a21b8723cc9a87677348ea82fda204bfa094a892dcf4b11
6438deeda87c2438473fc3c887e708b7f23b9c27dbf7df19e2e525f3b299abd9
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6b77e6042e69c1bfe1735bed3e3f048ac6c735a3975d5bfae61af5f2019b70e8
6df26caa2d0d8de6c3ef3e67d2c82cbd39acc49d142b0ea79048013b8897f628
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
72c2003e8b9edfad1ff1f47f6e33ba78f8ba190b0eb5d104b6f1228848c39ff2
7c310a100b2bb38cd97a6ed696abe3dd3556b707607d207a13b838cd89f73e78
7f40d7edadbaea23653f0ae4c003f2db45b25fb6641fe168d2775985eade67a7
8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8b6842d3e60ef328390f9096ca2cbab47051a4dfed2867dccda71b30ea7b7113
8cf5e6b5329fa8a329352f13881f59dd8e467333a96edcbac1dda3c7f0d12381
90904269b8549f5c4b25821e38254a1028d5f788fd54e2fe7231830164b223b3
93a8cc54b517a35c22648e5a2b1694dac62247ad174386f1791d1c4d0c6edd8c
97719c71e44494e537beba8d51c6bb268a34dcd867fdefc431229225ca734b46
98b6da82df54e403aaddecdafeec961dd33420a62f0c4095531913195801c28a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cf0a7f1ad73851698fe4e7acf61754a0d6cc2dfe12ac15f4c0248feace8cd85
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9f90b1d6f886480f7a961aa071ac28fc98a8a7347812f0acd5b2d3c7a51215b8
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1a9324c503cc885e5bf568d8c5de12c34c0adc3a4990d547a4514179108badd
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a2862c9e532e9e51ea7ca8d7c96bb602a74e31396f9c5be127dbea7c5adfc227
a316d433a95dc78be12ef9b52d1418f61a84476596636e63b684dfaac344c3da
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9b8a4b058f0cfdb5137ab550edcaa8912e26d6ceb7451b9ea791d608e467090
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ae0c04f97ad979437002c8d7a3952846e58cb52ddebc83a6f3b3ae86caeedcce
afc9dbc00248a190b1598bc33732f6151e3cd2569aa15ecb5fafe2b4a34f2bda
b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b14e416f4af207200a176b8075f45d8b78b20940bbb5083f471cf83d3830eb9d
b1e059aebb69545ec4e01b00c44d9e7e49181a019a6f87c9df5a7aec4e4e5a47
b3c178ac396736c811ccb139f4c6f928eeb22a1c38a0cf7208b1cda1f7e89e43
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b80349b55fdbf93d7b1ae0bcce1d648407e144cc671935785864a695f4efd70f
b98ec4289bdd5fa1d2c87b382d4261f8be68818078a908eb041bfb2c604b9756
bc6e23b43c9eb82089763ec9c9b35dc6d98502a540ac5b4f699c637587fb232b
bd41db2e1e96f28eee9a1eec9333b8b8810b685ae4e304624b74e1a10b0167fa
bfba12c2b73530412ac1ccbfbb615590273c8ff97694637c5b966b9eaab9d94a
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c91a75b4331f5f78cdb3b1264724d73a79d10c83d0bd186261a7f7a2b8d04f1e
c99d02267f02306cbcbfe11c265c620e4dfc2ee194b9f339f09522a212c8df52
cc5fca409590dca039e15024e5cd10e7d1688abe1d9031bf378e670f1c5c9279
d191a8a48b2c83a3925e3e45af41d73eb0f9e6e4970eee2fe810c0f702d56236
d3c7ce759838ce8c3ad196db890ebbfbbdf7499177e4c587014ccef302ea0eb6
d74e31b4d5ef7f12e4e04fbc8a59f0ff7147b7394dfdb9865d98b1292a2fbaf6
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d7ea6c2435d8c3a589575726ef56821eef4a2c69a9031218714e4849707a81f1
d8bb62feaca29c6331af00715eb59493562b5213706522a97cd6ada5e8316313
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523
e979dfe4d55dc019e062fbce71ec0821c8abeabd94f7490deedf56ee2712d2ba
e9d45467f4833ab1983bd81ff30bd233a58feb324dc84a8e22a8f303f91a3409
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f03fc73b13c16798d248b1260135461dab13eb93299a19d712a4682954d0ae48
f666a778452c319eae1991763c7b5b890b208b0a5f48fd43b96dc473904b092d
f974e8d6e570fde2dd07cee4041a1b83dc62b583b47a817c2caa29ada0f1c7e5
fc4db8d3f8fbff5808842002aa47beced5d81d682cfae9fe7265d05c00678942
fcbd587432f5e88fc926d1cde0d375084b7f3e711f9ff34571dec52f70fb27cf
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
ff4b703a37dc11dbca28199ebaa29bfd85fb3793138fdc9bb2b952954d098b68

bg.jf-paiopires.pt Open in urlscan Pro 2606:4700:3030::6815:4a9d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

178 Requests

89 %HTTPS

57 %IPv6

36 Domains

52 Subdomains

42 IPs

6 Countries

3125 kBTransfer

8663 kBSize

26 Cookies

1 Outgoing links

Page URL History

Redirected requests

178 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bg.jf-paiopires.pt Open in urlscan Pro
2606:4700:3030::6815:4a9d Public Scan

Screenshot
Live screenshot

Full Image

178
Requests

89 %
HTTPS

57 %
IPv6

36
Domains

52
Subdomains

42
IPs

6
Countries

3125 kB
Transfer

8663 kB
Size

26
Cookies

178 HTTP transactions
3 data transactions