presidentialhill.com Open in urlscan Pro
2606:4700:20::ac43:4497 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://trk.presidentialhill.com/production/click/c964545f54713a566861278e50d76133/fc5dad38e1f044e684ba87597f5d38f7/33f3d3f84a55d...
Effective URL:
https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
Submission: On June 20 via manual (June 20th 2023, 8:20:40 pm UTC) from US — Scanned from DE

Summary HTTP 156 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 34 IPs in 11 countries across 35 domains to perform 156 HTTP transactions. The main IP is 2606:4700:20::ac43:4497, located in United States and belongs to CLOUDFLARENET, US. The main domain is presidentialhill.com.
TLS certificate: Issued by GTS CA 1P5 on May 24th 2023. Valid for: 3 months.

This is the only time presidentialhill.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.169.39.25 35.169.39.25	14618 (AMAZON-AES) (AMAZON-AES)
30	2606:4700:20:... 2606:4700:20::ac43:4497	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
3	34.149.139.129 34.149.139.129	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c04::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
12	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 16	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	98.98.134.241 98.98.134.241	21859 (ZEN-ECN) (ZEN-ECN)
1 2	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	172.105.199.172 172.105.199.172	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
3 3	213.155.156.168 213.155.156.168	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1	34.160.236.64 34.160.236.64	15169 (GOOGLE) (GOOGLE)
1 1	54.173.30.48 54.173.30.48	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:20:... 2606:4700:20::681a:61b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.197.149.186 23.197.149.186	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	172.217.16.198 172.217.16.198	15169 (GOOGLE) (GOOGLE)
2 2	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	167.233.13.224 167.233.13.224	24940 (HETZNER-AS) (HETZNER-AS)
1	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
2 2	2a05:d018:d29... 2a05:d018:d29:3602:cb7c:b9e3:cc95:725e	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.5.132 37.157.5.132	198622 (ADFORM) (ADFORM)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2010	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 1	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
1 2	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
156	34

1 35.169.39.25 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-39-25.compute-1.amazonaws.com

trk.presidentialhill.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2606:4700:20::ac43:4497 (United States)

ASN13335 (CLOUDFLARENET, US)

presidentialhill.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

cdn2.decide.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.149.139.129 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 129.139.149.34.bc.googleusercontent.com

decide.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.132.245 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.185.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.105.8 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.105.199.172 (Tokyo, Japan) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1853-172.members.linode.com

a.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.155.156.168 (Sweden) 3 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.236.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.236.160.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.173.30.48 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-173-30-48.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.197.149.186 (Schiphol, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-149-186.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.198 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f198.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 84.200.5.215 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.233.13.224 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.193.130 (France)

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3602:cb7c:b9e3:cc95:725e (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.132 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.254 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.97.41 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 133 tpc.googlesyndication.com — Cisco Umbrella Rank: 155	495 KB
32	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 stats.g.doubleclick.net — Cisco Umbrella Rank: 124 cm.g.doubleclick.net — Cisco Umbrella Rank: 244 ad.doubleclick.net — Cisco Umbrella Rank: 184	191 KB
31	presidentialhill.com 1 redirects trk.presidentialhill.com presidentialhill.com	506 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 29450 ad4m.at — Cisco Umbrella Rank: 9747 assets.ad4m.at — Cisco Umbrella Rank: 39050	439 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com	105 KB
7	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 107 www.google.com — Cisco Umbrella Rank: 3	2 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 207	224 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 80	4 KB
4	decide.dev cdn2.decide.dev — Cisco Umbrella Rank: 29968 decide.dev — Cisco Umbrella Rank: 20747	7 KB
3	de17a.com 3 redirects d5p.de17a.com — Cisco Umbrella Rank: 4988	925 B
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1404	449 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 920 s.tribalfusion.com — Cisco Umbrella Rank: 2022	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 635	1 KB
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 468	1 KB
2	blismedia.com 1 redirects tr.blismedia.com — Cisco Umbrella Rank: 2376	569 B
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 566	1 KB
2	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 130926 static-de.ad4mat.net — Cisco Umbrella Rank: 177631	4 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 60	21 KB
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 874	338 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 375	265 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 976	715 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3231	104 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 601	363 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 846	464 B
1	medialead.de pv.medialead.de — Cisco Umbrella Rank: 53229	366 B
1	o2online.de partner.o2online.de — Cisco Umbrella Rank: 76803	1 KB
1	lead-alliance.net 1 redirects www.lead-alliance.net — Cisco Umbrella Rank: 69816	435 B
1	telefonica-partner.de 1 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 69350	261 B
1	awin1.com www.awin1.com — Cisco Umbrella Rank: 16217	704 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 792	1000 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1233	204 B
1	appier.net 1 redirects a.c.appier.net — Cisco Umbrella Rank: 16506	599 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 756	187 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1107	610 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 82	47 KB
156	35

	Domain	Requested by
30	presidentialhill.com	presidentialhill.com
21	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
16	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
16	pagead2.googlesyndication.com	presidentialhill.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.gstatic.com www.googletagservices.com
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
8	www.gstatic.com	googleads.g.doubleclick.net
6	assets.ad4m.at	as.ad4m.at
4	ad4m.at	as.ad4m.at ad4m.at
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
4	www.googletagservices.com	googleads.g.doubleclick.net
4	www.google.com	1 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
4	fonts.googleapis.com	googleads.g.doubleclick.net
3	d5p.de17a.com	3 redirects
3	adservice.google.com	pagead2.googlesyndication.com
3	stats.g.doubleclick.net	decide.dev
3	decide.dev	cdn2.decide.dev
2	sync.teads.tv	1 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	c1.adform.net	2 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	ad.doubleclick.net	2 redirects
2	tr.blismedia.com	1 redirects googleads.g.doubleclick.net
2	sync.mathtag.com	2 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	onetag-sys.com	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	dis.criteo.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	pv.medialead.de	as.ad4m.at
1	partner.o2online.de	as.ad4m.at
1	www.lead-alliance.net	1 redirects
1	www.telefonica-partner.de	1 redirects
1	www.awin1.com	as.ad4m.at
1	static-de.ad4mat.net	as.ad4m.at
1	sync.srv.stackadapt.com	1 redirects
1	odr.mookie1.com	googleads.g.doubleclick.net
1	a.c.appier.net	1 redirects
1	pixel-sync.sitescout.com	googleads.g.doubleclick.net
1	prod-rtb.ad4mat.net	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cdn2.decide.dev	presidentialhill.com
1	www.googletagmanager.com	presidentialhill.com
1	trk.presidentialhill.com	1 redirects
156	47

This site contains links to these domains. Also see Links.

Domain
www.westernjournal.com
www.foxbusiness.com
www.pymnts.com

Subject Issuer	Validity	Valid
presidentialhill.com GTS CA 1P5	`2023-05-24` - `2023-08-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
cdn2.decide.dev R3	`2023-05-06` - `2023-08-04`	3 months	crt.sh
decide.dev GTS CA 1D4	`2023-04-27` - `2023-07-26`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-06-04` - `2023-09-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-06-09` - `2023-09-07`	3 months	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
pv.medialead.de R3	`2023-06-14` - `2023-09-12`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh

This page contains 22 frames:

Primary Page: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
Frame ID: D58A09D63D883B8DE3C584F5C262ADA2
Requests: 45 HTTP requests in this frame

Frame: https://decide.dev/lad/14801614930392422?pubid=ld-3925-5763&pubo=https%3A%2F%2Fpresidentialhill.com&rid=&width=696&path=%2Ftarget-memo-confirms-they-know-they-screwed-up%2F
Frame ID: 10B45FF312F8657163B205AE220E0E58
Requests: 2 HTTP requests in this frame

Frame: https://decide.dev/lad/15683039694886758?pubid=ld-4737-4954&pubo=https%3A%2F%2Fpresidentialhill.com&rid=&width=324&path=%2Ftarget-memo-confirms-they-know-they-screwed-up%2F
Frame ID: 071CA06C996812D47C146D04AC127883
Requests: 2 HTTP requests in this frame

Frame: https://decide.dev/lad/14801612749354342?pubid=ld-9018-5367&pubo=https%3A%2F%2Fpresidentialhill.com&rid=&width=1068&path=%2Ftarget-memo-confirms-they-know-they-screwed-up%2F
Frame ID: 769ADA767983002FFA2A1C7C330AE20C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20190131/zrt_lookup.html
Frame ID: C97639036AECB7FE67373A2EAB186BD2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1904937421153004&output=html&adk=1812271804&adf=3025194257&lmt=1687292434&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x810_l%7C236x810_r&format=0x0&url=https%3A%2F%2Fpresidentialhill.com%2Ftarget-memo-confirms-they-know-they-screwed-up%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687292434980&bpp=4&bdt=486&idt=294&shv=r20230615&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6301331392234&frm=20&pv=2&ga_vid=190718066.1687292435&ga_sid=1687292435&ga_hid=753981674&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788441%2C44794790&oid=2&pvsid=2341992175490257&tmod=559774342&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=317
Frame ID: E0D2627D5EAAC43C42E3C77E4D58AA4E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1904937421153004&output=html&h=300&slotname=9562454237&adk=919417096&adf=3269428252&pi=t.ma~as.9562454237&w=640&lmt=1687292434&format=640x300&url=https%3A%2F%2Fpresidentialhill.com%2Ftarget-memo-confirms-they-know-they-screwed-up%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687292436189&bpp=1&bdt=1695&idt=2&shv=r20230615&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1305453280cb515-22266de2aab400a8%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MYQLpk9GGJu6D5XdtHnMV8bKwD_PQ&gpic=UID%3D00000c52bf484cba%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MbiElOvbqHneDsUc820W6Yr9C2uUA&prev_fmts=0x0&nras=1&correlator=6301331392234&frm=20&pv=1&ga_vid=190718066.1687292435&ga_sid=1687292435&ga_hid=753981674&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=294&ady=691&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788441%2C44794790&oid=2&pvsid=2341992175490257&tmod=559774342&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ypVWfRVY69&p=https%3A//presidentialhill.com&dtd=10
Frame ID: 0173A96DB9A664034580916935E157BE
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1904937421153004&output=html&h=300&slotname=9562454237&adk=919417096&adf=4291529762&pi=t.ma~as.9562454237&w=640&lmt=1687292434&format=640x300&url=https%3A%2F%2Fpresidentialhill.com%2Ftarget-memo-confirms-they-know-they-screwed-up%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687292436202&bpp=1&bdt=1708&idt=1&shv=r20230615&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1305453280cb515-22266de2aab400a8%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MYQLpk9GGJu6D5XdtHnMV8bKwD_PQ&gpic=UID%3D00000c52bf484cba%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MbiElOvbqHneDsUc820W6Yr9C2uUA&prev_fmts=0x0%2C640x300&nras=1&correlator=6301331392234&frm=20&pv=1&ga_vid=190718066.1687292435&ga_sid=1687292435&ga_hid=753981674&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=294&ady=2264&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788441%2C44794790&oid=2&pvsid=2341992175490257&tmod=559774342&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Uj570uuYuY&p=https%3A//presidentialhill.com&dtd=4
Frame ID: A0D7FA3AE6E54FEC5EBC255F66F8F805
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1904937421153004&output=html&h=250&slotname=9562454237&adk=325366103&adf=2614346290&pi=t.ma~as.9562454237&w=970&lmt=1687292434&format=970x250&url=https%3A%2F%2Fpresidentialhill.com%2Ftarget-memo-confirms-they-know-they-screwed-up%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687292436209&bpp=1&bdt=1716&idt=1&shv=r20230615&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1305453280cb515-22266de2aab400a8%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MYQLpk9GGJu6D5XdtHnMV8bKwD_PQ&gpic=UID%3D00000c52bf484cba%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MbiElOvbqHneDsUc820W6Yr9C2uUA&prev_fmts=0x0%2C640x300%2C640x300&nras=1&correlator=6301331392234&frm=20&pv=1&ga_vid=190718066.1687292435&ga_sid=1687292435&ga_hid=753981674&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=3263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788441%2C44794790&oid=2&pvsid=2341992175490257&tmod=559774342&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=xDmCQCPs4D&p=https%3A//presidentialhill.com&dtd=8
Frame ID: 7801B7F5E3D6131E448281EA6A815532
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1
Frame ID: 9E4D8153ED808821FF25F01361F3B27E
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C07AB148AA29E641E4BBF57E7CC995BC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 115D2EF63C6925D18499E7E37F2DF96A
Requests: 2 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/47a9bcead4760fc70edbade504912d92.js?tag=client_fast_engine_2019
Frame ID: 4E6A28F71F98673A6E8AC43956433F0B
Requests: 12 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gj36n7dbgsw2252cgebyk97e6hgsg5f1qmkvtvbjz8qj0nq488f681dczt3qgr48b2yq6zvdf5pg0f6n6h01qsg2m21wxhsxk7z38yyt8zjfkv0qs7zz1nkwfw1rcgx5qaabw3t6jscfp0j5g7jr1h7jpb4cgjgf2y5zsydvrh5hy4p7g5zv2m8she2x9r12wntfesr753h36asm5s81jp49xz87wkh3rk2ts9xqwz413gsab7naaa2a5twv7v3ff1b78steapra46yw2vq1zs26fcashkc808khy2txjespwfb7658b0jwmvf2dsr8ak4y8vskm5q1ns16fh5ggqpshz81wbmxk5jpw07cyrxpg3jgh10g1rzxwh9p0s4safq907616baceezjtdn2q5c70k08a073zm30m9xfxf4mzpanjnp9dywwhqns6gwmwnypp5jk7w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcCVdFAqSZJvMEMr5tgevqpOwDJDhgYRctqjCivACwI23ARABIABgnQGCARdjYS1wdWItMTkwNDkzNzQyMTE1MzAwNMgBCakCk72ozJhRsj6oAwHIAwKqBKQCT9CnS9bywp6ANlhjy9lCh3wQ-fFgYLb4XhKPq1cMgDNgruPLcL4d-F39IrPTtOs0VQz8ku_jFTHZhPcFOuDyhPHjsrUVMR_m_Yi2htf-n9rfw_EmzrCfmqK6uceBa-e6rf03hfqrLOMX4oVpI41H1_pQWEtG9LVsArV1mAi1UFLy9kDxk_JNVuZBW8Uqsa9uClTmiT5LZOly1P7yt82GVQSIBv47lNnYiLxGKdWRQXxzzc-FTZZZXBl4Y79S223X-_mW9bajdZcHJJW8PVfcYuu3c4goENZh0HcMiD2dTjhGQ5E7DuU7sDmnV2K25nTZmpFzFPdB3yBPYSCDokZuyFAhq2-IdCBbaYcVyTnWENZFhQon4iA0rLQnn5SFms6Qlad8YIAGj7Kpnpv_3u64AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0uDEz7Ez3B7klmpj5fVY2CNx18Pw%26client%3Dca-pub-1904937421153004%26adurl%3D
Frame ID: A70E5300A31DEE08F79718A95157D033
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 17CA92B793B60D1B59CC00CEA2A9D9BD
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 465B7247E88A4F937AD0622FFFD18CCE
Requests: 2 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 543CC4C55A63AA868D58365C4C158207
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=117569%2C19456%2C15579&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQ%2Cbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf9AGtEHRH2tEC447HzSATmm3aKJ23%2C3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=970&d=250&e=&g=0f042131951cc6bf0195122b0510b351%2F15522973404344355572&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1687292437214&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j0kgxn51my84ca9dg6hkxmqk841s564p3xxtfqr2rxnj1yf3wtbd753r5pbm78a9eztxa7g7ayhn5p033p04q2sf8466xggymjdc605xbe6dmsk69ag5m210ndbvw4dg55mhs9f0tk8n1r0yb1ce39gkmq4yn9xzwtj8nyn7k06avvrh3k4ka5dfmg0ec675wad3tz05tgynj0hvnzv6xjj01xwhpts5d2q10m9cea5hd4b4gdg7jxffzztc8ddkdazxa04141snhw91pvsdgxs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCcCVdFAqSZJvMEMr5tgevqpOwDJDhgYRctqjCivACwI23ARABIABgnQGCARdjYS1wdWItMTkwNDkzNzQyMTE1MzAwNMgBCakCk72ozJhRsj6oAwHIAwKqBKQCT9CnS9bywp6ANlhjy9lCh3wQ-fFgYLb4XhKPq1cMgDNgruPLcL4d-F39IrPTtOs0VQz8ku_jFTHZhPcFOuDyhPHjsrUVMR_m_Yi2htf-n9rfw_EmzrCfmqK6uceBa-e6rf03hfqrLOMX4oVpI41H1_pQWEtG9LVsArV1mAi1UFLy9kDxk_JNVuZBW8Uqsa9uClTmiT5LZOly1P7yt82GVQSIBv47lNnYiLxGKdWRQXxzzc-FTZZZXBl4Y79S223X-_mW9bajdZcHJJW8PVfcYuu3c4goENZh0HcMiD2dTjhGQ5E7DuU7sDmnV2K25nTZmpFzFPdB3yBPYSCDokZuyFAhq2-IdCBbaYcVyTnWENZFhQon4iA0rLQnn5SFms6Qlad8YIAGj7Kpnpv_3u64AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0uDEz7Ez3B7klmpj5fVY2CNx18Pw%2526client%253Dca-pub-1904937421153004%2526adurl%253D&y=1&s=&z=0
Frame ID: 5458BCEE39ED957FB6A911A6C1798930
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A4EA783F2C5FE4AA765337B2A1756B8F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js
Frame ID: 64D3135DC7014B5D53D639B51B29F2B9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FEDF6045EE719328391F9D2B3B0F8F94
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js
Frame ID: D3DE676B4FB90902DD31E888F4B8DC8E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Target Memo Confirms They Know They Screwed Up | Presidential Hill

Page URL History Show full URLs

http://trk.presidentialhill.com/production/click/c964545f54713a566861278e50d76133/fc5dad38e1f044e684ba87597f... HTTP 303
https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

156
Requests

90 %
HTTPS

50 %
IPv6

35
Domains

47
Subdomains

34
IPs

11
Countries

2048 kB
Transfer

5468 kB
Size

27
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.westernjournal.com/leaked-target-memo-reveals-retail-giant-learned-nothing-9b-lgbt-protest-losses-report/
Title: Target is facing a Bud Light-like financial blow.

Search URL Search Domain Scan URL

URL: https://www.foxbusiness.com/markets/target-loses-9-billion-amid-pride-merchandising-controversy
Title: sucks the life out of a company’s bottom line.

Search URL Search Domain Scan URL

URL: https://www.pymnts.com/earnings/2023/target-faces-profit-losses-rethinks-in-store-operations-amid-rising-retail-crime/
Title: “targets” for looting

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://trk.presidentialhill.com/production/click/c964545f54713a566861278e50d76133/fc5dad38e1f044e684ba87597f5d38f7/33f3d3f84a55d72231fb5ff065251109/aHR0cHM6Ly9wcmVzaWRlbnRpYWxoaWxsLmNvbS90YXJnZXQtbWVtby1jb25maXJtcy10aGV5LWtub3ctdGhleS1zY3Jld2VkLXVwLw%3D%3D/fe78a7ff7b5be938d8c27f60186b1337?x-ew-link-index=2 HTTP 303
https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECXBvKx2KxEYSxIri5iqkHU&google_cver=1&google_push=ATf1kGPHxwYUnT1rJ1PdOHYORd-nVvyjdtJckh4EMFxl38dfWM7OX1pDpMdzO-uytaiDP0eMIUX5oZRo6ejLOaef-KP_LoFAb3G4XEU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGPHxwYUnT1rJ1PdOHYORd-nVvyjdtJckh4EMFxl38dfWM7OX1pDpMdzO-uytaiDP0eMIUX5oZRo6ejLOaef-KP_LoFAb3G4XEU

Request Chain 85

https://a.c.appier.net/gcm?google_gid=CAESENErEc0rETujPfqEzTs_VVc&google_cver=1&google_push=ATf1kGMHIQcgynZi8wFOTzwZbsBaR3GQMMRQkhloRVPWR4nGC0n01qto0-M0eSKntq7YSjxmYzK2cE6-MY5wo5M4bx5WW3434N0yHw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=VFFSVnhSbDdEWGVaMTI1MEZRcVNaQQ%3D%3D&google_push=ATf1kGMHIQcgynZi8wFOTzwZbsBaR3GQMMRQkhloRVPWR4nGC0n01qto0-M0eSKntq7YSjxmYzK2cE6-MY5wo5M4bx5WW3434N0yHw

Request Chain 86

https://d5p.de17a.com/cookies/google?google_gid=CAESEIYusMgIhMcgapJ6CepCG1Q&google_cver=1&google_push=ATf1kGOIl_icYSBtQuoQwo1uiWu2ERvThYKNpQEiETb2XHI97ruAT_xm2qf6n_UaeMfQU_X7-PgTJ_ioYPbdta1AXzONXcY--qB_Zug HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEIYusMgIhMcgapJ6CepCG1Q&google_cver=1&google_push=ATf1kGOIl_icYSBtQuoQwo1uiWu2ERvThYKNpQEiETb2XHI97ruAT_xm2qf6n_UaeMfQU_X7-PgTJ_ioYPbdta1AXzONXcY--qB_Zug HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGOIl_icYSBtQuoQwo1uiWu2ERvThYKNpQEiETb2XHI97ruAT_xm2qf6n_UaeMfQU_X7-PgTJ_ioYPbdta1AXzONXcY--qB_Zug

Request Chain 88

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEOz_DCM7c0bBt5unafTEj4c&google_cver=1&google_push=ATf1kGP9MiyY8eoFZ06D00Mq6sILujqCvuxdLq3D36AaEhOpbxJvnepvrDlYI0g7qQbNojxAx-NMODtqexodrBsKNY48kIxyANNf2w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=LbvtYqlFW0F0dFCHHa8gLMEg-OE&google_push=ATf1kGP9MiyY8eoFZ06D00Mq6sILujqCvuxdLq3D36AaEhOpbxJvnepvrDlYI0g7qQbNojxAx-NMODtqexodrBsKNY48kIxyANNf2w

Request Chain 93

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 107

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3Dviewoneid1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CPTe-ZLW0v8CFYug_QcdJYkE-g;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3Dviewoneid1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneid1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneid1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023062022203886073862229X117679V1226132702MSviewoneid1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023062022203886073862229X117679V1226132702MSviewoneid1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218

Request Chain 126

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEI4qMNGlKBm0nfxI6Vi2h68&google_cver=1&google_push=ATf1kGMU5rCEOv6pMB6Y9Ip23QpKs_tbDU0Iify-G9KLZA_cvqZT4mpcQQijAidFrq-4ntmnuXZN7qSfb8apM7ta7WjalsGsTY92PJg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMU5rCEOv6pMB6Y9Ip23QpKs_tbDU0Iify-G9KLZA_cvqZT4mpcQQijAidFrq-4ntmnuXZN7qSfb8apM7ta7WjalsGsTY92PJg

Request Chain 127

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEK0I28RE7Vp_stfeHuF5G7E&google_cver=1&google_push=ATf1kGOZRekNsBpGogIOD9filAMlS1FutC6z317z6L1G47SpJPBMLFl4oSZWH8QyMbwrZoqoZpavy_SAILbbiszuzJQlpmlQHQspzw HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=ATf1kGOZRekNsBpGogIOD9filAMlS1FutC6z317z6L1G47SpJPBMLFl4oSZWH8QyMbwrZoqoZpavy_SAILbbiszuzJQlpmlQHQspzw&google_hm=hmSSChSjsWhtxpArBw&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D64920A14A3B1686DC6902B07BLIS

Request Chain 128

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDe9ftjBm91R5QKyK2-TN4w&google_cver=1&google_push=ATf1kGNJJBZCT5_w-b5nZZK8n79_FScSce3ZsYkAmlU27REO3RxPI51naN8V845L90IpdX6Y5WUjdhOcFTg91IeCBrPXjYyxrkaxopg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNJJBZCT5_w-b5nZZK8n79_FScSce3ZsYkAmlU27REO3RxPI51naN8V845L90IpdX6Y5WUjdhOcFTg91IeCBrPXjYyxrkaxopg&google_hm=eS1IVzBpSTFwRTJwSG5qYnNydGtlSElGMjh0MHFDeGVlQn5B

Request Chain 129

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJDizOkXFbwIzOqkazYh1JM&google_cver=1&google_push=ATf1kGP7aqv7vkPhsvoHlA8gzYvM0WwaE6odOULMpU3iGEvq5GhIN2MVYkb5N88cKX533LKfaVWjIwmFtocUUVfzXoBgdMtOeWxY6ag HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJDizOkXFbwIzOqkazYh1JM&google_cver=1&google_push=ATf1kGP7aqv7vkPhsvoHlA8gzYvM0WwaE6odOULMpU3iGEvq5GhIN2MVYkb5N88cKX533LKfaVWjIwmFtocUUVfzXoBgdMtOeWxY6ag HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDIwODkyNTI5MDkzMDUxNjIzMw&google_push=ATf1kGP7aqv7vkPhsvoHlA8gzYvM0WwaE6odOULMpU3iGEvq5GhIN2MVYkb5N88cKX533LKfaVWjIwmFtocUUVfzXoBgdMtOeWxY6ag

Request Chain 130

https://d5p.de17a.com/cookies/google?google_gid=CAESEOKPP5ARI2veiyKdIk-u2xE&google_cver=1&google_push=ATf1kGPC_9ierlgW0FiAJSXfBYFqIkHsCf6wBM2MfLyBMXae1VBh0q2vEnY8CJDkBKvCtEd-n8opzhNSfE98VAxbkQ-54u6VByCLNK8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGPC_9ierlgW0FiAJSXfBYFqIkHsCf6wBM2MfLyBMXae1VBh0q2vEnY8CJDkBKvCtEd-n8opzhNSfE98VAxbkQ-54u6VByCLNK8

Request Chain 151

https://a.tribalfusion.com/i.match?p=b6&u=CAESEOCgXLQvYtFWqMjwWONyUZk&google_cver=1&google_push=ATf1kGNXe6zE8QcEdYOSnuTi1Gf-APYpO9Qc1byMTqgn3ueJZWF6aJF0JNZBLjlV1QKJrijA7sg6kKs5oVLYVlImmhBF4V_EiOw19w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNXe6zE8QcEdYOSnuTi1Gf-APYpO9Qc1byMTqgn3ueJZWF6aJF0JNZBLjlV1QKJrijA7sg6kKs5oVLYVlImmhBF4V_EiOw19w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOCgXLQvYtFWqMjwWONyUZk&google_cver=1&google_push=ATf1kGNXe6zE8QcEdYOSnuTi1Gf-APYpO9Qc1byMTqgn3ueJZWF6aJF0JNZBLjlV1QKJrijA7sg6kKs5oVLYVlImmhBF4V_EiOw19w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNXe6zE8QcEdYOSnuTi1Gf-APYpO9Qc1byMTqgn3ueJZWF6aJF0JNZBLjlV1QKJrijA7sg6kKs5oVLYVlImmhBF4V_EiOw19w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 152

https://um.simpli.fi/gp_match?google_gid=CAESEFkWxBUzkHIqoKMd7tb_2Tg&google_cver=1&google_push=ATf1kGMV7L554e8zJYFI2yWdlMnyETqYF1JNYCRH_MuzQOXSJw7p7_DTDZFJ7tfXHQ6Nle48pwj32iCyv5vA2qlAKtBOgf26ix9w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=45F1D56869794D20B6DCC0EDA66E44A0&google_push=ATf1kGMV7L554e8zJYFI2yWdlMnyETqYF1JNYCRH_MuzQOXSJw7p7_DTDZFJ7tfXHQ6Nle48pwj32iCyv5vA2qlAKtBOgf26ix9w

Request Chain 154

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEAHGLngjPsMZOtDPWd9jUAI&google_cver=1&google_push=ATf1kGOG03FvY30x29-UikbuKSXDVGuAmr2RUgogzJZ9RBIuzQsRpn8SudSvfYvQnqzzTEQE1PlVuzPzHGI3NJNDeBxXC4ujQXZ1eg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOG03FvY30x29-UikbuKSXDVGuAmr2RUgogzJZ9RBIuzQsRpn8SudSvfYvQnqzzTEQE1PlVuzPzHGI3NJNDeBxXC4ujQXZ1eg&google_hm=eS1IVzBpSTFwRTJwSG5qYnNydGtlSElGMjh0MHFDeGVlQn5B

Request Chain 155

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJnL-of7bDRo4_mr21J_4KY&google_cver=1&google_push=ATf1kGMUqQqmpP14GvxEdV8OGw1yIq9cEhxZ8las_BIDNq12hlmfIrMGtnCKWR1dTC_0Qj1AcDQXqZ1jIWwcdeTbbi9MJkSKqZ8tvg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGMUqQqmpP14GvxEdV8OGw1yIq9cEhxZ8las_BIDNq12hlmfIrMGtnCKWR1dTC_0Qj1AcDQXqZ1jIWwcdeTbbi9MJkSKqZ8tvg

Request Chain 156

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEIjD9-rB-kCRe1hdxAQn5m0&google_cver=1&google_push=ATf1kGME-mtOSTEke15s9aH6_635iSWXDDg9CxOsiMRB3-vTTgQQ6WcXnZsd82olpoU9SykUXrScmydCP_IfYC5aii-KaxWFdEINIA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGME-mtOSTEke15s9aH6_635iSWXDDg9CxOsiMRB3-vTTgQQ6WcXnZsd82olpoU9SykUXrScmydCP_IfYC5aii-KaxWFdEINIA HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

156 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
Redirect Chain

http://trk.presidentialhill.com/production/click/c964545f54713a566861278e50d76133/fc5dad38e1f044e684ba87597f5d38f7/33f3d3f84a55d72231fb5ff065251109/aHR0cHM6Ly9wcmVzaWRlbnRpYWxoaWxsLmNvbS90YXJnZXQtb...
https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/

132 KB
19 KB

1016ms
916ms

Document
text/html

2606:4700:20::ac43:4497
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4497 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

1d62ef30eb9e4489611aa0fed40f21207ddff23354c29df67c38f9b28e78a67f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=14400, must-revalidate
cf-cache-status: MISS
cf-ray: 7da6b68def931989-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Tue, 20 Jun 2023 20:20:34 GMT
last-modified: Tue, 20 Jun 2023 20:20:34 GMT
link: <https://presidentialhill.com/wp-json/>; rel="https://api.w.org/" <https://presidentialhill.com/wp-json/wp/v2/posts/27159>; rel="alternate"; type="application/json" <https://presidentialhill.com/?p=27159>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EFbhGGE5YOkdsgpc5wN3SLZYDqZVBe1jokBSsOxhjuhbdwJgkgVpR1BiKTGe54obHDIMmoGyDUc3QCYl2gVKkQo0SKFX%2B3qFXSaX0dbwPSW5pwuzDneyWIfEuJrlC8nVSVP7Z8%2FIjX5Q93NpPpYRhWVF"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: MISS
x-cache-group: normal
x-cacheable: SHORT
x-powered-by: WP Engine

Redirect headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Tue, 20 Jun 2023 20:20:33 GMT
Location: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
Server: awselb/2.0

GET
H2 200 style.min.css
presidentialhill.com/wp-includes/css/dist/block-library/ 95 KB
13 KB 44ms
42ms Stylesheet
text/css 2606:4700:20::ac43:4497
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://presidentialhill.com/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2
Requested by: Host: presidentialhill.com
URL: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4497 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Mar 2023 16:31:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 32917
etag: W/"6425b95c-17ced"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Xe4nQCoghgMx4%2FSP5RwYCiRNdpgrrzvC0KLQGxCh4axay3JxmPjLH1P7Q8s1%2BHVbO0CI4xe8aBQJmVoGcjjGpqBsxC8TPSIaHwZqFa%2F5rdbw6mEa6DvGWoVV%2Fr%2FZOvyyWwmdQgaCnEoHsYMK7K4jp5o"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7da6b693b85e1989-FRA

GET
H2 200 classic-themes.min.css
presidentialhill.com/wp-includes/css/ 291 B
542 B 42ms
39ms Stylesheet
text/css 2606:4700:20::ac43:4497
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://presidentialhill.com/wp-includes/css/classic-themes.min.css?ver=6.2.2
Requested by: Host: presidentialhill.com
URL: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4497 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Mar 2023 16:31:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 32917
etag: W/"6425b95c-123"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2F%2Fr193xCKfSFao3KBeSSmBm0cK8p45tmkD%2B%2BsPpiEA3TUWYiBHF9G5YjEnEl9iKOSOkOnI5z3%2BQlTouYLqwcAq6k9zwkY0lZNWi44CE3hZQpn7U44POpTQgDuU0UrIPXnmlqHpz%2FHdworUzQ88RfvWm"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7da6b693b8611989-FRA

GET
H2 200 style.css
presidentialhill.com/wp-content/plugins/td-composer/td-multi-purpose/ 37 KB
5 KB 42ms
40ms Stylesheet
text/css 2606:4700:20::ac43:4497
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://presidentialhill.com/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=cc1840e9c933374cafb3d94619867f37
Requested by: Host: presidentialhill.com
URL: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4497 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ed2e42d3ce5e24dcb11cddde4126e4f07c3afc590f708ad2cfbf7669002f92e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 19 May 2023 22:26:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 32917
etag: W/"6467f7a7-92ec"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Km9ln6ixizhD7beXyu1t1CpzRoDFR0UlkqmrCZDPRZga3beqv736Z7VZRQWLH1xzV218MeLBh4A0su%2BMFqeCt4S3ehQjZkYgRLWJdsyQwYnxguKvaIH%2B%2BMT%2Fd3E29oFYKUCWaiQbaMN5RMA84wO37ueu"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7da6b693b8641989-FRA

GET
H2 200 style.css
presidentialhill.com/wp-content/themes/Newspaper/ 140 KB
27 KB 73ms
70ms Stylesheet
text/css 2606:4700:20::ac43:4497
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://presidentialhill.com/wp-content/themes/Newspaper/style.css?ver=12.4
Requested by: Host: presidentialhill.com
URL: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4497 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8776ecc05012427ceef7381f1de931c1b7ec5e068e1287742adb9faab9d4835

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 19 May 2023 22:27:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 32917
etag: W/"6467f7c0-22e5c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bku8ywJJwNmhmKsQFQZr9YOiyXv2oH66KotrQny5fOoR9bGpbjMxkn2V9SdJVtD5Q%2BobHZtD6AkE%2F3NpX6ISdkyUdHi3vDLH07OFmyDwGQlIOrhulq7WAckIcyZTe709gC9E9mwaQhCnBSssDZHtLtZ4"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7da6b693b8651989-FRA

GET
H2 200 td_legacy_main.css
presidentialhill.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 164 KB
25 KB 49ms
47ms Stylesheet
text/css 2606:4700:20::ac43:4497
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://presidentialhill.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=cc1840e9c933374cafb3d94619867f37
Requested by: Host: presidentialhill.com
URL: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4497 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e3fa17629d2fdbccc8a0391ca4f8c798dce62e90c9db092db4fcbd7935f86f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 19 May 2023 22:26:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 32917
etag: W/"6467f7a7-2902b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2BvSEWbq6N0uWzkRL7BBjVnSA4Mj4FZ6Mol%2FZWfZ2pMva7KE5yl82Yj7cI%2Bt1fkMTQC%2Bm33lXJR68LaZ5nsillYkKx0u3BW8TT3XjM4hhCssPXi7S%2FjoLF1DGUmeOEGQAkkkbbq9vYO6UytGTwRRpSK%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7da6b693b8661989-FRA

GET
H2 200 td_standard_pack_main.css
presidentialhill.com/wp-content/plugins/td-standard-pack/Newspaper/assets/css/ 715 KB
64 KB 75ms
72ms Stylesheet
text/css 2606:4700:20::ac43:4497
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://presidentialhill.com/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=d39710269e5f4389cf7661fe4fdc36f9
Requested by: Host: presidentialhill.com
URL: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4497 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1008e0fea1bcea71d721ce0187eba5979aee7626901ea11940898b0db51320c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Apr 2023 21:12:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 32917
etag: W/"6435cd44-b2d2a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GVtLFYJJGXAF4nT9HmGq5%2BDholPfFIFZRcW4yM3CqN6sMw1gncpu7M0BP0o2KddM%2B%2Fw5a%2F2XjujzyA%2FV1OgDbP%2BbBqcI9OWxtooxeIlufIumlX7FfQxY8bzHgCaWOIXTlR0F2H5o4ajr%2Bb0LSNAxpE7j"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7da6b693b8681989-FRA

GET
H2 200 earnware-lib.js Show response
presidentialhill.com/wp-content/plugins/earnware-connect/public/js/ 4 KB
2 KB 75ms
73ms Script
application/javascript 2606:4700:20::ac43:4497
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://presidentialhill.com/wp-content/plugins/earnware-connect/public/js/earnware-lib.js?ver=1.0.69
Requested by: Host: presidentialhill.com
URL: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4497 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53d87ed8b9dea593a1d49c88373b68f9212b739588e032d5d070687c854984a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Jul 2022 16:14:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 32917
etag: W/"62cc4c5e-1017"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TTGRJat8bPN3UTOdWHWNFbKBeJ1N1N5t1Fuikt7hwMI9oNSfYO%2BKJASgwIDE4a20Cx4PjXIWz9XPZ4T%2BqVfowKMcXUrn1B%2BZp%2Binat8T4hqXSwHNTzXbJizUziFoKF4pjyUp1NHsrIQxq42LZ%2BMEwRJI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7da6b693b8691989-FRA

GET
H2 200 jquery.min.js Show response
presidentialhill.com/wp-includes/js/jquery/ 88 KB
32 KB 74ms
72ms Script
application/javascript 2606:4700:20::ac43:4497
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://presidentialhill.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Requested by: Host: presidentialhill.com
URL: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4497 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Mar 2023 16:31:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 32917
etag: W/"6425b95c-15ed7"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U4NASolbm3Vi5rRupzRT7PKLFmSi9QCdUdtqKA441VmCXjKCR7amUkQqIUDHOhH0shD864u2BpRbYfW8g5UJhYfKHqrRnwkTV4o%2BQhVFW0xtgDFQd06gdKftG3saOqg%2BzDaH6r07L%2FiuHARMktG%2FznVC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7da6b693b86c1989-FRA

GET
H2 200 jquery-migrate.min.js Show response
presidentialhill.com/wp-includes/js/jquery/ 13 KB
5 KB 47ms
45ms Script
application/javascript 2606:4700:20::ac43:4497
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://presidentialhill.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by: Host: presidentialhill.com
URL: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4497 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Mar 2023 16:31:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 32917
etag: W/"6425b95c-3470"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f6cQjmqMdemcUrHca2AyYBZQti7Dphg7EOmm0mmoyub96lTunD07YPBoTXSq%2BdElKuv9YyZI4Q2mLLA13k9Z46ybhGGAFMxVl%2Fp1%2BnL6QmiI6bwwZS%2B9TI5WWOVC9Xlkg7mRJjS8KIkPGNI6pGi9I6oP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7da6b693b86d1989-FRA

GET
H2 200 earnware-tracking.js Show response
presidentialhill.com/wp-content/plugins/earnware-connect/public/js/ 1 KB
612 B 75ms
73ms Script
application/javascript 2606:4700:20::ac43:4497
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://presidentialhill.com/wp-content/plugins/earnware-connect/public/js/earnware-tracking.js?ver=1.0.69
Requested by: Host: presidentialhill.com
URL: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4497 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 843ce787c060f04c0334bb78db17bbea63a9f9c5b99466b3998be06be0d64305

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Jul 2022 16:14:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 32917
etag: W/"62cc4c5e-40a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qad1cvTsCbwiuW4dQgKOGtnWYNrgZMnqF66hsAied1VROi9gERt914IHzoJz7EyjeHj4%2BsT1CmLaNqSUXekR7DE%2FbHYUT2iS%2FaeCoO3xfIsA10KGtvNt9Z9uwuyA8ycpO%2F6brRtg61YH7W%2F0L4dIcyJ8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7da6b693b86e1989-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 135 KB
47 KB 231ms
108ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1904937421153004

Requested by

Host: presidentialhill.com
URL: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

412202024bfd456e58941897464943aacb1ea8b70ccd3ee5098d590b7cbefd3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://presidentialhill.com/
Origin: https://presidentialhill.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47273
x-xss-protection: 0
server: cafe
etag: 17716285770632181208
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 20 Jun 2023 20:20:34 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 120 KB
47 KB 242ms
121ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-156882191-29

Requested by

Host: presidentialhill.com
URL: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

54d7b9ac2b17ad54300498038f931bf2531a467ce42eae44e2b2bdaf91706dac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presidentialhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47671
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 20 Jun 2023 20:20:34 GMT

GET
H2 200 Presidential-Hill-Logo.png
presidentialhill.com/wp-content/uploads/sites/35/2022/02/ 12 KB
12 KB 53ms
50ms Image
image/png 2606:4700:20::ac43:4497
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://presidentialhill.com/wp-content/uploads/sites/35/2022/02/Presidential-Hill-Logo.png
Requested by: Host: presidentialhill.com
URL: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4497 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f905c148859be92e160837deec8bccd9700a134d483677e62190319f24f9729

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:34 GMT
cf-cache-status: HIT
last-modified: Sat, 19 Feb 2022 11:47:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 269827
etag: "6210d8cc-2eb0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iLefZ83uJVS3uCNo0bqyYA2WaaoqUFOWqWtFb5nX94Jsmpqi9xlkSwK93ZIZarTKVphVCYzSFBrMrTS8B1dPKpIGh%2F%2F4DnHJvau1eUn4v%2Bn7cdAvL2xULai7UNu5WD6vk5Avz65fbGlUHQ0V%2BuQq7J8j"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7da6b69499b71989-FRA
content-length: 11952

GET
H2 200 Presidential-Hill-Logo-M.png
presidentialhill.com/wp-content/uploads/sites/35/2022/02/ 5 KB
5 KB 56ms
53ms Image
image/png 2606:4700:20::ac43:4497
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://presidentialhill.com/wp-content/uploads/sites/35/2022/02/Presidential-Hill-Logo-M.png
Requested by: Host: presidentialhill.com
URL: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4497 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 066fef5a04e4deb6fd84cb682b1b4792c49a83f38f135492faf24a11e3d52b6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:34 GMT
cf-cache-status: HIT
last-modified: Sat, 19 Feb 2022 11:47:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 295957
etag: "6210d8e3-121b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sfhL1JLVQTn8O08eKu3h9kardhet4m9b2ybGU7cnxiWgTk4T0jGUEy5AgXk4HyRQbGyV3nm0d5v71UHNimk0zcivPJxRgvr6TbAaYTsLyGUbHgyN5RvXz8%2F5eVHTj4zxw2xp%2BwiN5iGYMu1dEwDwY1xM"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7da6b69499b81989-FRA
content-length: 4635

GET
H2 200 shutterstock_1934814941-2-696x508.jpg
presidentialhill.com/wp-content/uploads/sites/35/2023/06/ 61 KB
61 KB 622ms
619ms Image
image/jpeg 2606:4700:20::ac43:4497
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://presidentialhill.com/wp-content/uploads/sites/35/2023/06/shutterstock_1934814941-2-696x508.jpg
Requested by: Host: presidentialhill.com
URL: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4497 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ffd05bca69e48d6ce0d99238e5c129cd7b8dd5067019cc15c8d39a33cddeb1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:35 GMT
cf-cache-status: MISS
last-modified: Mon, 05 Jun 2023 09:37:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "647dacce-f2c4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bePXmusUvOscb7dftGkZeZm3NdyCS4cQ91UxfcN76w5nIUjMyKuf2uecemWZRFFknG%2FKqjjeiiVDvGng3DC63qUplAGW5DhVShMTaQviNFBqL2eTCwTn%2BTbOebtIvPbBIyz%2BWHDp07%2F0S1KY6xsXQaZz"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7da6b69499b91989-FRA
content-length: 62148

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
47 KB 269ms
146ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: presidentialhill.com
URL: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e55943e8cf96e9445fbb820bb64931f4d3c5109b82e24e2fa06782aeef428e5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presidentialhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48057
x-xss-protection: 0
server: cafe
etag: 18251888394954941352
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 20 Jun 2023 20:20:34 GMT

GET
H2 200 shutterstock_2227820825-1-218x150.jpg
presidentialhill.com/wp-content/uploads/sites/35/2023/06/ 13 KB
13 KB 61ms
58ms Image
image/jpeg 2606:4700:20::ac43:4497
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://presidentialhill.com/wp-content/uploads/sites/35/2023/06/shutterstock_2227820825-1-218x150.jpg
Requested by: Host: presidentialhill.com
URL: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4497 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 089fbffdb6d3e4e26f8e946ddba7599b59971bf051373ceeb46d40ab86bfee4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32916
content-length: 13050
cf-bgj: h2pri
last-modified: Tue, 20 Jun 2023 06:46:11 GMT
server: cloudflare
etag: "64914b33-32fa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qk%2BhIKdvisgN3hFLU%2FjpLT4rA9L3TGJtuaMH%2Br6buyVNsBEm60R7LDV%2BM38He8dcuqaG94y739rj6oHwD964Qk9a6HGRHrpaYVdQQFXtAhhniZTz7s4LPNesabR1PHIQ8KKhiv7rEmfDGa8YcX2wylL7"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7da6b69499ba1989-FRA

GET
H2 200 shutterstock_1399803509-218x150.jpg
presidentialhill.com/wp-content/uploads/sites/35/2023/06/ 15 KB
16 KB 54ms
52ms Image
image/jpeg 2606:4700:20::ac43:4497
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://presidentialhill.com/wp-content/uploads/sites/35/2023/06/shutterstock_1399803509-218x150.jpg
Requested by: Host: presidentialhill.com
URL: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4497 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3d428d71ab3abc8b07fc8f259689a3165b05ddb3403ab376098669968289b97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32916
content-length: 15509
cf-bgj: h2pri
last-modified: Tue, 20 Jun 2023 06:46:26 GMT
server: cloudflare
etag: "64914b42-3c95"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u5jG45pBbn1J%2BD8HxN6aUmOwqkKfFVT%2FnaWdXYKIo571hJTiMfuyb7rLq2oZ3To6%2B81C6IYzFK%2Fz2jSVi8P8yv6i8uSkEILdGGTU1LvXEPM0lLL99kV%2FbH0zcfmkC3F3YVBDxFGIDnm9z3MpffvSIYWb"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7da6b69499bc1989-FRA

GET
H2 200 shutterstock_2279049329-218x150.jpg
presidentialhill.com/wp-content/uploads/sites/35/2023/06/ 12 KB
13 KB 334ms
331ms Image
image/jpeg 2606:4700:20::ac43:4497
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://presidentialhill.com/wp-content/uploads/sites/35/2023/06/shutterstock_2279049329-218x150.jpg
Requested by: Host: presidentialhill.com
URL: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4497 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d6a45782cedf2a84b1ed878c237046e658b0e172a852909224232d2118ec7be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:34 GMT
cf-cache-status: MISS
last-modified: Mon, 19 Jun 2023 00:34:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "648fa295-3107"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JX6ozWfsZWHw%2BJqaEgeqkuzRQWt%2Fx%2BGgXR7quied46jK5ouo98hqmHkQVWmVwNmpktxp2eoZxEIIE%2BPszMfWqWfMBUpr5w42z9jOPJ7tViyUGiqleEdMhAzvlanNKZY2QgGz%2FMFy8juuqccKmSnFFrHl"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7da6b69499be1989-FRA
content-length: 12551

GET
H2 200 shutterstock_39886366-2-218x150.jpg
presidentialhill.com/wp-content/uploads/sites/35/2023/06/ 11 KB
12 KB 61ms
58ms Image
image/jpeg 2606:4700:20::ac43:4497
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://presidentialhill.com/wp-content/uploads/sites/35/2023/06/shutterstock_39886366-2-218x150.jpg
Requested by: Host: presidentialhill.com
URL: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4497 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75977caf5356bf26a79a970cff88c384fe5cd12ce718c4c417b24ac7ce96e7c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32916
content-length: 11443
cf-bgj: h2pri
last-modified: Mon, 19 Jun 2023 00:34:28 GMT
server: cloudflare
etag: "648fa294-2cb3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q1z3xxRaNw43bPkTLTIKiIdXUTGr4AVzRieAF2lwLQqpDuxWxCmIAMKUjk1ONljzBFShk0yVzTDGQDYVE4zhNzEdZY8PbUBjGcTqCR5NlyXSfoL6q2hcbOwrTlj4C8aUPouUj3ROdPjJYM4DWGtfkcLA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7da6b69499bf1989-FRA

GET
H2 200 shutterstock_2215864145-218x150.jpg
presidentialhill.com/wp-content/uploads/sites/35/2023/06/ 8 KB
8 KB 58ms
56ms Image
image/jpeg 2606:4700:20::ac43:4497
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://presidentialhill.com/wp-content/uploads/sites/35/2023/06/shutterstock_2215864145-218x150.jpg
Requested by: Host: presidentialhill.com
URL: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4497 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3330ee2b37ceec01eea25e6ebb317957268f93cd5b74eaf2232df7fe0e58cb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32916
content-length: 7969
cf-bgj: h2pri
last-modified: Sat, 17 Jun 2023 23:15:24 GMT
server: cloudflare
etag: "648e3e8c-1f21"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sBl5m3SDCrkaDi2JYtgemijPG28bs84bvOXHYyY5xXo6Qc3wrwaOjocZLGEU3NZy7bSC%2BqxPWmkrzgTJOqivoPxpjA09cIESXy3c121owijb%2BEThl5w5hxsuYcauqpdxXZ0FcS%2FxK9AcDU9%2B7wpedUF0"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7da6b69499c01989-FRA

GET
H2 200 shutterstock_2298389419-1-218x150.jpg
presidentialhill.com/wp-content/uploads/sites/35/2023/06/ 18 KB
19 KB 59ms
57ms Image
image/jpeg 2606:4700:20::ac43:4497
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://presidentialhill.com/wp-content/uploads/sites/35/2023/06/shutterstock_2298389419-1-218x150.jpg
Requested by: Host: presidentialhill.com
URL: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4497 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 095a7119de51062bab96bf33dd603f2d1f222640ac3d8ff11244a5269cc93f37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 184649
content-length: 18889
cf-bgj: h2pri
last-modified: Sat, 17 Jun 2023 23:15:23 GMT
server: cloudflare
etag: "648e3e8b-49c9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jToKi6Z6qDNmBYWStvwnYgjqmf6gibIs4cMY3sRd4vt%2BZQo9OwUzow7%2Bwhsw6iKAhYT%2BoFWeRmnpTCjHb%2B%2BBpr1PbO8VBfae5fVIT15NTQ3JiEu04hU%2FzMsEYEYEp3ad7SMNwY8lbf%2B76RwvubktLbDc"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7da6b69499c11989-FRA

GET
H2 200 shutterstock_1530996059-1-100x70.jpg
presidentialhill.com/wp-content/uploads/sites/35/2023/06/ 8 KB
8 KB 61ms
60ms Image
image/jpeg 2606:4700:20::ac43:4497
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://presidentialhill.com/wp-content/uploads/sites/35/2023/06/shutterstock_1530996059-1-100x70.jpg
Requested by: Host: presidentialhill.com
URL: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4497 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48c5b112635e7f6c91cbb82bf1de510a3fc54442ed447f62cad52d2f5cfc88d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 209525
content-length: 8296
cf-bgj: h2pri
last-modified: Fri, 16 Jun 2023 23:13:15 GMT
server: cloudflare
etag: "648cec8b-2068"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SW35I2yKVq%2Fadenw5klKJFa0i1y%2FTp8u3eRgVUFa4FCyuy87CG3ytDc9cwpYV3Aa3ypfbRj3nUudfH6HLaT3bq%2Bij%2F0SzSCiTLo%2BDCrZlcLao87zwfd7F6eMcp2FgC6iJq1Ke0kCMp0%2BoXOgkWpzUqMn"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7da6b69499c31989-FRA

GET
H2 200 shutterstock_2281185719-1-100x70.jpg
presidentialhill.com/wp-content/uploads/sites/35/2023/06/ 7 KB
8 KB 56ms
55ms Image
image/jpeg 2606:4700:20::ac43:4497
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://presidentialhill.com/wp-content/uploads/sites/35/2023/06/shutterstock_2281185719-1-100x70.jpg
Requested by: Host: presidentialhill.com
URL: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4497 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58576087a6fd082773e548c213f2e52f9e23e39bbb64a6a21496a1ae0f9523d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 270819
content-length: 7377
cf-bgj: h2pri
last-modified: Fri, 16 Jun 2023 23:13:13 GMT
server: cloudflare
etag: "648cec89-1cd1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0dMcL3Tj3snTW3sfKJ3F%2BVETSLsX8%2BVdANAl%2Bu%2BH6rHY%2BEFDMwMNPIUFTEge6ea4m546kF2SA8BTiIjCrpQF3BYt0g62HylJ9uvj8NE%2F%2BB3z1KZ4GOOEnGbdy4Epnwc2V%2BbhMjRbsFPnnN4kiOoIp%2BnC"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7da6b69499c41989-FRA

GET
H2 200 shutterstock_1891015804-100x70.jpg
presidentialhill.com/wp-content/uploads/sites/35/2023/06/ 9 KB
9 KB 59ms
58ms Image
image/jpeg 2606:4700:20::ac43:4497
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://presidentialhill.com/wp-content/uploads/sites/35/2023/06/shutterstock_1891015804-100x70.jpg
Requested by: Host: presidentialhill.com
URL: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4497 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97aa7d934532bf9f766979392e48e202f89326bcd03d4683be8b7ac573ee174c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 443800
content-length: 9149
cf-bgj: h2pri
last-modified: Thu, 15 Jun 2023 09:40:26 GMT
server: cloudflare
etag: "648adc8a-23bd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jteLk0yXTLhd%2BaercZkq7ChrfP%2BPuyOhSsC29%2FR0%2BYK7ZGTMtrIJcweHVOd07yvCrPEeZRlC%2FhGHNwDZdu5baf6wvFUji2R763DxPrTZ77k3iChz243GGIYFhP%2FF%2Bhesey%2BXHWI3lbLTvzJicBn4EVJF"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7da6b69499c61989-FRA

GET
H2 200 shutterstock_2283841721-100x70.jpg
presidentialhill.com/wp-content/uploads/sites/35/2023/06/ 7 KB
8 KB 61ms
59ms Image
image/jpeg 2606:4700:20::ac43:4497
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://presidentialhill.com/wp-content/uploads/sites/35/2023/06/shutterstock_2283841721-100x70.jpg
Requested by: Host: presidentialhill.com
URL: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4497 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d195c7a10b849752842b8976d6b6720e659e450b710c06ffed5bbb326afd958

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 296073
content-length: 7670
cf-bgj: h2pri
last-modified: Thu, 15 Jun 2023 09:40:28 GMT
server: cloudflare
etag: "648adc8c-1df6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1i1TNKNTCvGzJ4J%2BAWPwT9g2trSHV9RKVwJbpPihTQF5T%2FB5jldUMse1MctWnmTIO4dJFIZXYZtHImBJjRHCUTgqlRpBzF5xI9vPkcH9KquAFDmhRXCf8r775A5gO0jWXt7h%2BPqMYSS2BihwIn1n8gJ2"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7da6b69499c71989-FRA

GET
H2 200 shutterstock_1184617738-3-100x70.jpg
presidentialhill.com/wp-content/uploads/sites/35/2023/06/ 7 KB
8 KB 60ms
59ms Image
image/jpeg 2606:4700:20::ac43:4497
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://presidentialhill.com/wp-content/uploads/sites/35/2023/06/shutterstock_1184617738-3-100x70.jpg
Requested by: Host: presidentialhill.com
URL: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4497 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5ab508ec0d4ce9d7d4ceb49cb7a7e5beb4900a52ef335e70bd43c5c7e95bdaa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 363652
content-length: 7463
cf-bgj: h2pri
last-modified: Tue, 13 Jun 2023 16:42:37 GMT
server: cloudflare
etag: "64889c7d-1d27"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jTo%2FzRqy0LXkLhsKOdf%2FfdFWdMsogBaYT1lbW68TRvLhYrPoATBxsQ%2BFtnC4wroJgOVZQ%2FQ%2BoIgq6r1ewMMoJKrKjISV%2BggNIflCA5GoDHwehPEzq%2FRPDPYWiV32Uv%2B1bNT3YQ8Cmj0lqltz38ETpjL5"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7da6b69499c81989-FRA

GET
H2 200 wp-emoji-release.min.js Show response
presidentialhill.com/wp-includes/js/ 18 KB
5 KB 60ms
59ms Script
application/javascript 2606:4700:20::ac43:4497
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://presidentialhill.com/wp-includes/js/wp-emoji-release.min.js?ver=6.2.2
Requested by: Host: presidentialhill.com
URL: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4497 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Mar 2023 16:31:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 32916
etag: W/"6425b95b-4904"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=egylOhi39Asp3gUncJOO%2FIv39WJgQJe8G%2FoGiGtp%2BtmL61edEmnh117L3DAIU%2FuZamgbe2aDog3umblelY6qKuQjO0qhC2VWjHv5l4d1BFKC0UXJy6GuNIJh5UAEJr0Kr3cv1vtHpEnmynL5W%2Bt9U%2FqR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7da6b69499ca1989-FRA

GET
H2 200 earnware-merge.js Show response
presidentialhill.com/wp-content/plugins/earnware-connect/public/js/ 1 KB
1001 B 44ms
43ms Script
application/javascript 2606:4700:20::ac43:4497
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://presidentialhill.com/wp-content/plugins/earnware-connect/public/js/earnware-merge.js?ver=1.0.69
Requested by: Host: presidentialhill.com
URL: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4497 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 743f65b0622a16c8d51e6d35c9d7a4e058efd02fe7bceb4baa86a87abe05b01f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Jul 2022 16:14:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 32916
etag: W/"62cc4c5e-50c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i4mysc2eC0if4OtV65YbboTZ0AQXl2%2BqjdNOZbNukprXOvskPv9sSJC1jxjSMIvQweKN%2FgakJ0193o3vtKNPr%2Bj4WzW%2Bz8ck2NH4xS08bBcL1LIAm4I88Lxo53%2BioN8HwTa9WdLH4uBoL11VEuQMAZ2Z"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7da6b69489861989-FRA

GET
H2 200 tagdiv_theme.min.js Show response
presidentialhill.com/wp-content/plugins/td-composer/legacy/Newspaper/js/ 305 KB
73 KB 54ms
54ms Script
application/javascript 2606:4700:20::ac43:4497
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://presidentialhill.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=12.4
Requested by: Host: presidentialhill.com
URL: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4497 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6759d4716d97179af23e3c1317af9a17baece28acd0ad005eae3b7e3baeacda9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 19 May 2023 22:26:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 32916
etag: W/"6467f7a7-4c46b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H4UlZwJvF5LMnV1rLhQa6v%2F%2BGM5dn%2FrGMBvH7UVw6MtKJ2hSo1YRLiP%2BHypN6I2bL%2FrAkv%2BvSCl2WiGLkjJ6WpI4ng4JZ%2F9bRPzlK%2FFz6uCjmpiVwvamYpfyv3nwdkHYSoYcc5zZcRMZ649ZKP58mB8W"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7da6b69489891989-FRA

GET
H2 200 comment-reply.min.js Show response
presidentialhill.com/wp-includes/js/ 3 KB
2 KB 51ms
48ms Script
application/javascript 2606:4700:20::ac43:4497
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://presidentialhill.com/wp-includes/js/comment-reply.min.js?ver=6.2.2
Requested by: Host: presidentialhill.com
URL: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4497 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 32916
etag: W/"625095f6-ba5"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nc1UIP3GAWhMGYBPQoTviRtMZex2%2FIaXh0xlPZxRYI53HXKhRTaw6ACrS0QUhxbnxS7wTn%2FtnD3E5iNsqpsbyZjSMm48YyhFWFLQhkGbtm2w2DpJk3J6H1apJsUDol677qjTGdXhB2lPrRIpU2HoYfLE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7da6b69499b41989-FRA

GET
H2 200 ajs.js Show response
cdn2.decide.dev/_js/ 7 KB
3 KB 133ms
36ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.decide.dev/_js/ajs.js
Requested by: Host: presidentialhill.com
URL: https://presidentialhill.com/target-memo-confirms-they-know-they-screwed-up/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: 3dffa84e13fbc367c907ff31e293923484de18c4c06cac97109e4b9a1b19752c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presidentialhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:34 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Sat, 17 Jun 2023 18:32:52 GMT
etag: W/"1a71-188caa1aae6"
x-hw: 1687292434.cds240.am5.hn,1687292434.cds321.am5.c
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2973

GET
H2 200 newspaper.woff
presidentialhill.com/wp-content/themes/Newspaper/images/icons/ 33 KB
33 KB 335ms
334ms Font
font/woff 2606:4700:20::ac43:4497
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://presidentialhill.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?221
Requested by: Host: presidentialhill.com
URL: https://presidentialhill.com/wp-content/themes/Newspaper/style.css?ver=12.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4497 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2054b9fb412f742d8d13aa75a48e59b830094999f9000ae8c69916e11b8d805

Request headers

Referer: https://presidentialhill.com/wp-content/themes/Newspaper/style.css?ver=12.4
Origin: https://presidentialhill.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:34 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 19 May 2023 22:26:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6467f798-82d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xLeQFvs80DAnWSErfpgD5PSKk3NRRwFGJvUtF4iYtLJQMcBNMK2O%2FaxbDNUnelSUNHb3UiCAGa06eRqkV6H%2FSef07pzHSWUM%2FsXDPrUF2xFcPITH%2F6Y6mEsEepMxNy4p%2B38GiPm%2B4oC7ZhxCzwCuhuyH"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7da6b694c9f11989-FRA
content-length: 33488

GET
H2 200 14801614930392422 Show response
decide.dev/lad/ Frame 10B4 1 KB
1 KB 290ms
191ms Document
text/html 34.149.139.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://decide.dev/lad/14801614930392422?pubid=ld-3925-5763&pubo=https%3A%2F%2Fpresidentialhill.com&rid=&width=696&path=%2Ftarget-memo-confirms-they-know-they-screwed-up%2F
Requested by: Host: cdn2.decide.dev
URL: https://cdn2.decide.dev/_js/ajs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.139.129 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.139.149.34.bc.googleusercontent.com
Software: /
Resource Hash: ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Referer: https://presidentialhill.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, max-age=0, must-revalidate, no-store
content-length: 1376
content-type: text/html; charset=utf-8
date: Tue, 20 Jun 2023 20:20:35 GMT
via: 1.1 google

GET
H2 200 15683039694886758 Show response
decide.dev/lad/ Frame 071C 1 KB
1 KB 262ms
189ms Document
text/html 34.149.139.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://decide.dev/lad/15683039694886758?pubid=ld-4737-4954&pubo=https%3A%2F%2Fpresidentialhill.com&rid=&width=324&path=%2Ftarget-memo-confirms-they-know-they-screwed-up%2F
Requested by: Host: cdn2.decide.dev
URL: https://cdn2.decide.dev/_js/ajs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.139.129 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.139.149.34.bc.googleusercontent.com
Software: /
Resource Hash: ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Referer: https://presidentialhill.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, max-age=0, must-revalidate, no-store
content-length: 1376
content-type: text/html; charset=utf-8
date: Tue, 20 Jun 2023 20:20:35 GMT
via: 1.1 google

GET
H2 200 14801612749354342 Show response
decide.dev/lad/ Frame 769A 1 KB
2 KB 260ms
188ms Document
text/html 34.149.139.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://decide.dev/lad/14801612749354342?pubid=ld-9018-5367&pubo=https%3A%2F%2Fpresidentialhill.com&rid=&width=1068&path=%2Ftarget-memo-confirms-they-know-they-screwed-up%2F
Requested by: Host: cdn2.decide.dev
URL: https://cdn2.decide.dev/_js/ajs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.139.129 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.139.149.34.bc.googleusercontent.com
Software: /
Resource Hash: ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Referer: https://presidentialhill.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, max-age=0, must-revalidate, no-store
content-length: 1376
content-type: text/html; charset=utf-8
date: Tue, 20 Jun 2023 20:20:35 GMT
via: 1.1 google

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 188ms
57ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-156882191-29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presidentialhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 20 Jun 2023 19:04:42 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 4553
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Tue, 20 Jun 2023 21:04:42 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/ 352 KB
118 KB 143ms
142ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1904937421153004&plah=presidentialhill.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1904937421153004

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

97366dd9a568f1654599b460d4d3a6442bafe4e2015ad2dca52392b06ac2259b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presidentialhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120787
x-xss-protection: 0
server: cafe
etag: 2594504751778174707
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 20 Jun 2023 20:20:35 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230615/r20190131/ Frame C976 10 KB
5 KB 172ms
55ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230615/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1904937421153004

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://presidentialhill.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 81204
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Jun 2023 21:47:11 GMT
etag: 15057649708203361565
expires: Mon, 03 Jul 2023 21:47:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ Frame 769A 45 KB
17 KB 108ms
35ms Script
text/javascript 2a00:1450:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: decide.dev
URL: https://decide.dev/lad/14801612749354342?pubid=ld-9018-5367&pubo=https%3A%2F%2Fpresidentialhill.com&rid=&width=1068&path=%2Ftarget-memo-confirms-they-know-they-screwed-up%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://decide.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 20 Jun 2023 18:44:44 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 5751
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17093
expires: Tue, 20 Jun 2023 20:44:44 GMT

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ Frame 071C 45 KB
17 KB 116ms
44ms Script
text/javascript 2a00:1450:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: decide.dev
URL: https://decide.dev/lad/15683039694886758?pubid=ld-4737-4954&pubo=https%3A%2F%2Fpresidentialhill.com&rid=&width=324&path=%2Ftarget-memo-confirms-they-know-they-screwed-up%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://decide.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 20 Jun 2023 18:44:44 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 5751
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17093
expires: Tue, 20 Jun 2023 20:44:44 GMT

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ Frame 10B4 45 KB
17 KB 145ms
74ms Script
text/javascript 2a00:1450:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: decide.dev
URL: https://decide.dev/lad/14801614930392422?pubid=ld-3925-5763&pubo=https%3A%2F%2Fpresidentialhill.com&rid=&width=696&path=%2Ftarget-memo-confirms-they-know-they-screwed-up%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://decide.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 20 Jun 2023 18:44:44 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 5751
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17093
expires: Tue, 20 Jun 2023 20:44:44 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
209 B 65ms
65ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=753981674&t=pageview&_s=1&dl=https%3A%2F%2Fpresidentialhill.com%2Ftarget-memo-confirms-they-know-they-screwed-up%2F&ul=en-us&de=UTF-8&dt=Target%20Memo%20Confirms%20They%20Know%20They%20Screwed%20Up%20%7C%20Presidential%20Hill&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1385983817&gjid=1526557000&cid=190718066.1687292435&tid=UA-156882191-29&_gid=1387828442.1687292435&_r=1&gtm=457e36e0&jsscut=1&z=1161205174

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://presidentialhill.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 20:20:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://presidentialhill.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 407 B
610 B 307ms
64ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=presidentialhill.com&callback=_gfp_s_&client=ca-pub-1904937421153004

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1904937421153004&plah=presidentialhill.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c13e2c868b551bf48530349ff8f98bfd8d9787113ad96c3f3d666aaf221d8065

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presidentialhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 258
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 299ms
67ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=presidentialhill.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presidentialhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E0D2 161 KB
40 KB 817ms
816ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1904937421153004&output=html&adk=1812271804&adf=3025194257&lmt=1687292434&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x810_l%7C236x810_r&format=0x0&url=https%3A%2F%2Fpresidentialhill.com%2Ftarget-memo-confirms-they-know-they-screwed-up%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687292434980&bpp=4&bdt=486&idt=294&shv=r20230615&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6301331392234&frm=20&pv=2&ga_vid=190718066.1687292435&ga_sid=1687292435&ga_hid=753981674&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788441%2C44794790&oid=2&pvsid=2341992175490257&tmod=559774342&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=317

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9104f11c80c7ddd182c87be2fc8b2cb699d45ce841d76674773459e9420a01a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://presidentialhill.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40856
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 20:20:36 GMT
expires: Tue, 20 Jun 2023 20:20:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 66ms
66ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=presidentialhill.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presidentialhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0173 113 KB
38 KB 1288ms
1287ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1904937421153004&output=html&h=300&slotname=9562454237&adk=919417096&adf=3269428252&pi=t.ma~as.9562454237&w=640&lmt=1687292434&format=640x300&url=https%3A%2F%2Fpresidentialhill.com%2Ftarget-memo-confirms-they-know-they-screwed-up%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687292436189&bpp=1&bdt=1695&idt=2&shv=r20230615&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1305453280cb515-22266de2aab400a8%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MYQLpk9GGJu6D5XdtHnMV8bKwD_PQ&gpic=UID%3D00000c52bf484cba%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MbiElOvbqHneDsUc820W6Yr9C2uUA&prev_fmts=0x0&nras=1&correlator=6301331392234&frm=20&pv=1&ga_vid=190718066.1687292435&ga_sid=1687292435&ga_hid=753981674&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=294&ady=691&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788441%2C44794790&oid=2&pvsid=2341992175490257&tmod=559774342&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ypVWfRVY69&p=https%3A//presidentialhill.com&dtd=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b69a8c5011af30216659c1370051907c4c348b7586d2c3b963420a70bb0c9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://presidentialhill.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38883
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 20:20:37 GMT
expires: Tue, 20 Jun 2023 20:20:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A0D7 99 KB
36 KB 1468ms
1467ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1904937421153004&output=html&h=300&slotname=9562454237&adk=919417096&adf=4291529762&pi=t.ma~as.9562454237&w=640&lmt=1687292434&format=640x300&url=https%3A%2F%2Fpresidentialhill.com%2Ftarget-memo-confirms-they-know-they-screwed-up%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687292436202&bpp=1&bdt=1708&idt=1&shv=r20230615&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1305453280cb515-22266de2aab400a8%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MYQLpk9GGJu6D5XdtHnMV8bKwD_PQ&gpic=UID%3D00000c52bf484cba%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MbiElOvbqHneDsUc820W6Yr9C2uUA&prev_fmts=0x0%2C640x300&nras=1&correlator=6301331392234&frm=20&pv=1&ga_vid=190718066.1687292435&ga_sid=1687292435&ga_hid=753981674&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=294&ady=2264&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788441%2C44794790&oid=2&pvsid=2341992175490257&tmod=559774342&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Uj570uuYuY&p=https%3A//presidentialhill.com&dtd=4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

335928df1c90907a8127b4d3a3a066a23553dc4a6fa860fea5b869300ccea178

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://presidentialhill.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 36759
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 20:20:37 GMT
expires: Tue, 20 Jun 2023 20:20:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7801 32 KB
13 KB 507ms
506ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1904937421153004&output=html&h=250&slotname=9562454237&adk=325366103&adf=2614346290&pi=t.ma~as.9562454237&w=970&lmt=1687292434&format=970x250&url=https%3A%2F%2Fpresidentialhill.com%2Ftarget-memo-confirms-they-know-they-screwed-up%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687292436209&bpp=1&bdt=1716&idt=1&shv=r20230615&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1305453280cb515-22266de2aab400a8%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MYQLpk9GGJu6D5XdtHnMV8bKwD_PQ&gpic=UID%3D00000c52bf484cba%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MbiElOvbqHneDsUc820W6Yr9C2uUA&prev_fmts=0x0%2C640x300%2C640x300&nras=1&correlator=6301331392234&frm=20&pv=1&ga_vid=190718066.1687292435&ga_sid=1687292435&ga_hid=753981674&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=3263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788441%2C44794790&oid=2&pvsid=2341992175490257&tmod=559774342&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=xDmCQCPs4D&p=https%3A//presidentialhill.com&dtd=8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98dee0a686666d015a59744efe8c1eaf4f791b7f97d52601fa4f74eccad47412

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://presidentialhill.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 13526
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 20:20:36 GMT
expires: Tue, 20 Jun 2023 20:20:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 107ms
106ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230615&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2d8ff5496d7afc6dccb37eeb542633330d3cccab01422ac9a777aa9aad952c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presidentialhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11265
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/ 152 KB
52 KB 120ms
119ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0751b7b957ccf2a0dedbfef2a0b29a03daf33840a868e8d5e3c12a74410c7ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presidentialhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52887
x-xss-protection: 0
server: cafe
etag: 7037581950225867388
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Jun 2023 20:20:36 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 194ms
66ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presidentialhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 20 Jun 2023 20:20:36 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 67ms
67ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=presidentialhill.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presidentialhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/ Frame 9E4D 10 KB
4 KB 57ms
57ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://presidentialhill.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 79265
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Jun 2023 22:19:31 GMT
etag: 15057649708203361565
expires: Mon, 03 Jul 2023 22:19:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 9E4D 4 KB
1 KB 190ms
67ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 20 Jun 2023 20:20:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:51:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Jun 2023 20:20:36 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9E4D 205 B
649 B 178ms
56ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 17:47:41 GMT
x-content-type-options: nosniff
age: 9175
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 09:18:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 19 Jun 2024 17:47:41 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9E4D 604 B
718 B 178ms
57ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 22:02:30 GMT
x-content-type-options: nosniff
age: 80286
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 18 Jun 2024 22:02:30 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/elements/html/ Frame 9E4D 23 KB
9 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec1e0d9bb27d98ce0643afa0971f9506808531e3334248652e1adad913643bb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 17:34:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9948
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9398
x-xss-protection: 0
server: cafe
etag: 5140267580575902152
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Jul 2023 17:34:48 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C07A 13 KB
5 KB 58ms
57ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://presidentialhill.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 23254
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 13:53:02 GMT
expires: Wed, 19 Jun 2024 13:53:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 115D 783 B
1 KB 188ms
66ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2014549296f3f169da318013e36bee02b6e6ca294811b429fb8d39dbe68e2f2a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-f9PJ6aiD1X3OiIFmQWMO_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://presidentialhill.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-f9PJ6aiD1X3OiIFmQWMO_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 20:20:36 GMT
expires: Tue, 20 Jun 2023 20:20:36 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame C07A 37 KB
14 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:36:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 117827
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Jun 2024 11:36:49 GMT

GET
H2 200 47a9bcead4760fc70edbade504912d92.js Show response
www.gstatic.com/mysidia/ Frame 4E6A 8 KB
4 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/47a9bcead4760fc70edbade504912d92.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ce53d1f901f9183b5f311cb21e679c23b258947e8dc9e453414ca6677c1d09a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 22:42:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 423485
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3658
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 20:44:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 13 Sep 2023 22:42:31 GMT

GET
H2 200 90afb0cb71845e82a86e0598c8e4bd7d.js Show response
www.gstatic.com/mysidia/ Frame 4E6A 18 KB
7 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/90afb0cb71845e82a86e0598c8e4bd7d.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

461e29561fa0d28e3ce0d0e0470d9c2e446825c69c7c4c0a716b503f9c37fe62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 22:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 423391
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7492
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 20:44:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 13 Sep 2023 22:44:05 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4E6A 14 KB
1 KB 68ms
66ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 20 Jun 2023 20:20:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 19:30:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Jun 2023 20:20:36 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame 4E6A 2 KB
892 B 57ms
56ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 16:19:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14482
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Jul 2023 16:19:14 GMT

GET
H2 200 136beb7e84d4b05a5b5bba85738ca9f6.js Show response
www.gstatic.com/mysidia/ Frame 4E6A 6 KB
2 KB 84ms
83ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/136beb7e84d4b05a5b5bba85738ca9f6.js?tag=analytics_pingback_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

220049135e6c242896cea20cbd980419905e04e43cc5d1f9d23db3e00e25c6f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 11:41:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 376758
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2330
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 22:25:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 11:41:18 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/ Frame 4E6A 22 KB
9 KB 59ms
57ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f3f19a91993489b6d73ffcd539452bc07a9f58bb6d7494c3669364350ca8406

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 16:16:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14666
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9004
x-xss-protection: 0
server: cafe
etag: 14649824622339250880
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Jul 2023 16:16:10 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame 4E6A 3 KB
1 KB 70ms
69ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 16:15:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14706
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Jul 2023 16:15:30 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame 4E6A 19 KB
8 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30dd4d046ee0a560951014c2c3f71fb0b620af27279bd7c5ff8b4ac877214291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 16:15:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14706
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8121
x-xss-protection: 0
server: cafe
etag: 8940155340736220798
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Jul 2023 16:15:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4E6A 178 KB
56 KB 206ms
72ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57029
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686742752845198"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Jun 2023 20:20:36 GMT

GET
H2 200 9c81088c85b4e7b59d5cd8ce7f87e269.js Show response
www.gstatic.com/mysidia/ Frame 4E6A 32 KB
14 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9c81088c85b4e7b59d5cd8ce7f87e269.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1255c225e18e01faae68870c17c44c85368bf6c4120d0e674615f7a9ccc70d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 11:40:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 376836
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13708
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 22:25:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 11:40:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame 7801 3 KB
1 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1904937421153004&output=html&h=250&slotname=9562454237&adk=325366103&adf=2614346290&pi=t.ma~as.9562454237&w=970&lmt=1687292434&format=970x250&url=https%3A%2F%2Fpresidentialhill.com%2Ftarget-memo-confirms-they-know-they-screwed-up%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687292436209&bpp=1&bdt=1716&idt=1&shv=r20230615&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1305453280cb515-22266de2aab400a8%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MYQLpk9GGJu6D5XdtHnMV8bKwD_PQ&gpic=UID%3D00000c52bf484cba%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MbiElOvbqHneDsUc820W6Yr9C2uUA&prev_fmts=0x0%2C640x300%2C640x300&nras=1&correlator=6301331392234&frm=20&pv=1&ga_vid=190718066.1687292435&ga_sid=1687292435&ga_hid=753981674&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=3263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788441%2C44794790&oid=2&pvsid=2341992175490257&tmod=559774342&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=xDmCQCPs4D&p=https%3A//presidentialhill.com&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 16:15:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14706
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Jul 2023 16:15:30 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame 7801 19 KB
8 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30dd4d046ee0a560951014c2c3f71fb0b620af27279bd7c5ff8b4ac877214291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 16:15:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14706
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8121
x-xss-protection: 0
server: cafe
etag: 8940155340736220798
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Jul 2023 16:15:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7801 178 KB
56 KB 275ms
160ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57029
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686742752845198"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Jun 2023 20:20:36 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7801 0
0 103ms
103ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CKbG3FAqSZJvMEMr5tgevqpOwDJDhgYRctqjCivACwI23ARABIABgnQGCARdjYS1wdWItMTkwNDkzNzQyMTE1MzAwNMgBCakCk72ozJhRsj6oAwHIAwKqBKECT9CnS9bywp6ANlhjy9lCh3wQ-fFgYLb4XhKPq1cMgDNgruPLcL4d-F39IrPTtOs0VQz8ku_jFTHZhPcFOuDyhPHjsrUVMR_m_Yi2htf-n9rfw_EmzrCfmqK6uceBa-e6rf03hfqrLOMX4oVpI41H1_pQWEtG9LVsArV1mAi1UFLy9kDxk_JNVuZBW8Uqsa9uClTmiT5LZOly1P7yt82GVQSIBv47lNnYiLxGKdWRQXxzzc-FTZZZXBl4Y79S223X-_mW9bajdZcHJJW8PVfcYuu3c4goENZh0HcMiD2dTjhGQ5E7DuU7sDmnV2K25nTZmpFzFPdB3yBPYSDBoGf8H6mm66cPPLaBIBXn8C3cvdxrndenIGmmVCA5s4xQRlHQXYAGj7Kpnpv_3u64AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTE5MDQ5Mzc0MjExNTMwMDQYAA&sigh=Y4hTe4zZN10&uach_m=[UACH]&cid=CAQSPABygQiD2p5-8PZpGWsJnoolofaPTiYO32DUKKTC1QIiOh-nElVT7g_RHP6HY235As-ifVLiXVf_-1ME8xgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1904937421153004&output=html&h=250&slotname=9562454237&adk=325366103&adf=2614346290&pi=t.ma~as.9562454237&w=970&lmt=1687292434&format=970x250&url=https%3A%2F%2Fpresidentialhill.com%2Ftarget-memo-confirms-they-know-they-screwed-up%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687292436209&bpp=1&bdt=1716&idt=1&shv=r20230615&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1305453280cb515-22266de2aab400a8%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MYQLpk9GGJu6D5XdtHnMV8bKwD_PQ&gpic=UID%3D00000c52bf484cba%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MbiElOvbqHneDsUc820W6Yr9C2uUA&prev_fmts=0x0%2C640x300%2C640x300&nras=1&correlator=6301331392234&frm=20&pv=1&ga_vid=190718066.1687292435&ga_sid=1687292435&ga_hid=753981674&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=3263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788441%2C44794790&oid=2&pvsid=2341992175490257&tmod=559774342&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=xDmCQCPs4D&p=https%3A//presidentialhill.com&dtd=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 20 Jun 2023 20:20:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 20 Jun 2023 20:20:36 GMT

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 7801 0
0 111ms
38ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1k5vth8k7c458ydq8w3d2egvh8vs8cvbnrqbf2c2xyhtsagpt681txyjcjsh7pvgwkvqe4svx4jm4ha62gf685jdvgpbvvmybg3rdxv9psc2h7fk266dww450q0frbbgscgb0ambpmmkhq04470jc314dh02w3ev2cqxd9cfvc8j6f9hjej1a7vv1dff2bn3sz4ydtggwz5heqztthxctjg0hpakn5fr98zd5vbp7e9dd0mbr90h86gkjs7wbv25yy2e8rxc0b7xrgq4dsenhys954pyehrkwg0sqxhnpdap2n6apgjj8k81g414fwd364eq85zn6tee1vfajbphve1wsk6eh9rr8v2fayy7ybwsggtnqbg8evk4yy28m6tf3n489x9z395gr48&b=ZJIKFAAEJhsK7bzKAATVL68QETE5XT8iInQqnQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1904937421153004&output=html&h=250&slotname=9562454237&adk=325366103&adf=2614346290&pi=t.ma~as.9562454237&w=970&lmt=1687292434&format=970x250&url=https%3A%2F%2Fpresidentialhill.com%2Ftarget-memo-confirms-they-know-they-screwed-up%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687292436209&bpp=1&bdt=1716&idt=1&shv=r20230615&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1305453280cb515-22266de2aab400a8%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MYQLpk9GGJu6D5XdtHnMV8bKwD_PQ&gpic=UID%3D00000c52bf484cba%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MbiElOvbqHneDsUc820W6Yr9C2uUA&prev_fmts=0x0%2C640x300%2C640x300&nras=1&correlator=6301331392234&frm=20&pv=1&ga_vid=190718066.1687292435&ga_sid=1687292435&ga_hid=753981674&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=3263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788441%2C44794790&oid=2&pvsid=2341992175490257&tmod=559774342&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=xDmCQCPs4D&p=https%3A//presidentialhill.com&dtd=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 20 Jun 2023 20:20:36 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame A70E 2 KB
3 KB 143ms
64ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1gj36n7dbgsw2252cgebyk97e6hgsg5f1qmkvtvbjz8qj0nq488f681dczt3qgr48b2yq6zvdf5pg0f6n6h01qsg2m21wxhsxk7z38yyt8zjfkv0qs7zz1nkwfw1rcgx5qaabw3t6jscfp0j5g7jr1h7jpb4cgjgf2y5zsydvrh5hy4p7g5zv2m8she2x9r12wntfesr753h36asm5s81jp49xz87wkh3rk2ts9xqwz413gsab7naaa2a5twv7v3ff1b78steapra46yw2vq1zs26fcashkc808khy2txjespwfb7658b0jwmvf2dsr8ak4y8vskm5q1ns16fh5ggqpshz81wbmxk5jpw07cyrxpg3jgh10g1rzxwh9p0s4safq907616baceezjtdn2q5c70k08a073zm30m9xfxf4mzpanjnp9dywwhqns6gwmwnypp5jk7w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcCVdFAqSZJvMEMr5tgevqpOwDJDhgYRctqjCivACwI23ARABIABgnQGCARdjYS1wdWItMTkwNDkzNzQyMTE1MzAwNMgBCakCk72ozJhRsj6oAwHIAwKqBKQCT9CnS9bywp6ANlhjy9lCh3wQ-fFgYLb4XhKPq1cMgDNgruPLcL4d-F39IrPTtOs0VQz8ku_jFTHZhPcFOuDyhPHjsrUVMR_m_Yi2htf-n9rfw_EmzrCfmqK6uceBa-e6rf03hfqrLOMX4oVpI41H1_pQWEtG9LVsArV1mAi1UFLy9kDxk_JNVuZBW8Uqsa9uClTmiT5LZOly1P7yt82GVQSIBv47lNnYiLxGKdWRQXxzzc-FTZZZXBl4Y79S223X-_mW9bajdZcHJJW8PVfcYuu3c4goENZh0HcMiD2dTjhGQ5E7DuU7sDmnV2K25nTZmpFzFPdB3yBPYSCDokZuyFAhq2-IdCBbaYcVyTnWENZFhQon4iA0rLQnn5SFms6Qlad8YIAGj7Kpnpv_3u64AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0uDEz7Ez3B7klmpj5fVY2CNx18Pw%26client%3Dca-pub-1904937421153004%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

658ad047db1995289c4f0f119fc2fe439b9efa1913c36d8d9d0d43d81a4b7b79

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7da6b6a24ad40410-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 20:20:36 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 17CA 1 KB
643 B 58ms
57ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 25286
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 13:19:10 GMT
etag: 48472445140208031
expires: Wed, 21 Jun 2023 13:19:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 115D 0
0 93ms
93ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230615&jk=2341992175490257&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C07A 0
10 B 58ms
56ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?1ljsOg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:36 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
DATA 200
OK truncated
/ Frame 7801 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d58f33fa7040610b40a6c773df73dae1a34c2d9bc95dd3a3949212806fbd02a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 17CA
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECXBvKx2KxEYSxIri5iqkHU&google_cver=1&google_push=ATf1kGPHxwYUnT1rJ1PdOHYORd-nVvyjdtJckh4EMFxl38dfWM7OX1pDpMdzO-uytaiDP0eMIUX5oZRo6ejLOaef...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGPHxwYUnT1rJ1PdOHYORd-nVvyjdtJckh4EMFxl38dfWM7OX1pDpMdzO-uytaiDP0eMIUX5oZRo6ejLOaef-KP_LoFAb3G4XEU

170 B
329 B

82ms
66ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGPHxwYUnT1rJ1PdOHYORd-nVvyjdtJckh4EMFxl38dfWM7OX1pDpMdzO-uytaiDP0eMIUX5oZRo6ejLOaef-KP_LoFAb3G4XEU

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 20:20:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 20 Jun 2023 20:20:36 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x11 config_version:"1524"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGPHxwYUnT1rJ1PdOHYORd-nVvyjdtJckh4EMFxl38dfWM7OX1pDpMdzO-uytaiDP0eMIUX5oZRo6ejLOaef-KP_LoFAb3G4XEU
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 20 Jun 2023 20:20:35 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 17CA 0
187 B 104ms
29ms Image
text/plain 98.98.134.241
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEF9LWB-TfFHcfM-y46_Mg_8&google_cver=1&google_push=ATf1kGOCxfpkQIUUwfpkzTGYSOsk4N4uGIz2P7shF73jcdSEW6N3BeOnOHVz-omjU_DGT2c6Xuxzz40WYEI5DrjwkymXnymYmB1JwQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1904937421153004&output=html&h=250&slotname=9562454237&adk=325366103&adf=2614346290&pi=t.ma~as.9562454237&w=970&lmt=1687292434&format=970x250&url=https%3A%2F%2Fpresidentialhill.com%2Ftarget-memo-confirms-they-know-they-screwed-up%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687292436209&bpp=1&bdt=1716&idt=1&shv=r20230615&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1305453280cb515-22266de2aab400a8%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MYQLpk9GGJu6D5XdtHnMV8bKwD_PQ&gpic=UID%3D00000c52bf484cba%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MbiElOvbqHneDsUc820W6Yr9C2uUA&prev_fmts=0x0%2C640x300%2C640x300&nras=1&correlator=6301331392234&frm=20&pv=1&ga_vid=190718066.1687292435&ga_sid=1687292435&ga_hid=753981674&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=3263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788441%2C44794790&oid=2&pvsid=2341992175490257&tmod=559774342&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=xDmCQCPs4D&p=https%3A//presidentialhill.com&dtd=8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Tue, 20 Jun 2023 20:20:36 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 17CA 0
172 B 108ms
34ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEEkZzFTlReHYEhTarwjsVRs&google_cver=1&google_push=ATf1kGPxiXITdYKeBM02thPKZo8LGBfZTR-t_Uqpf6Ij7vf41jp1xN8craI61qjkxzmSEV2dJc51p9ReBM_4S34zpWyc1JM0qxSiNho
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1904937421153004&output=html&h=250&slotname=9562454237&adk=325366103&adf=2614346290&pi=t.ma~as.9562454237&w=970&lmt=1687292434&format=970x250&url=https%3A%2F%2Fpresidentialhill.com%2Ftarget-memo-confirms-they-know-they-screwed-up%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687292436209&bpp=1&bdt=1716&idt=1&shv=r20230615&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1305453280cb515-22266de2aab400a8%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MYQLpk9GGJu6D5XdtHnMV8bKwD_PQ&gpic=UID%3D00000c52bf484cba%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MbiElOvbqHneDsUc820W6Yr9C2uUA&prev_fmts=0x0%2C640x300%2C640x300&nras=1&correlator=6301331392234&frm=20&pv=1&ga_vid=190718066.1687292435&ga_sid=1687292435&ga_hid=753981674&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=3263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788441%2C44794790&oid=2&pvsid=2341992175490257&tmod=559774342&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=xDmCQCPs4D&p=https%3A//presidentialhill.com&dtd=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:36 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 17CA
Redirect Chain

https://a.c.appier.net/gcm?google_gid=CAESENErEc0rETujPfqEzTs_VVc&google_cver=1&google_push=ATf1kGMHIQcgynZi8wFOTzwZbsBaR3GQMMRQkhloRVPWR4nGC0n01qto0-M0eSKntq7YSjxmYzK2cE6-MY5wo5M4bx5WW3434N0yHw
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=VFFSVnhSbDdEWGVaMTI1MEZRcVNaQQ%3D%3D&google_push=ATf1kGMHIQcgynZi8wFOTzwZbsBaR3GQMMRQkhloRVPWR4nGC0n01qto0-M0eSKntq7YSjxmYzK2cE6-MY5wo...

170 B
188 B

69ms
69ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=VFFSVnhSbDdEWGVaMTI1MEZRcVNaQQ%3D%3D&google_push=ATf1kGMHIQcgynZi8wFOTzwZbsBaR3GQMMRQkhloRVPWR4nGC0n01qto0-M0eSKntq7YSjxmYzK2cE6-MY5wo5M4bx5WW3434N0yHw

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 20:20:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 20 Jun 2023 20:20:37 GMT
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=VFFSVnhSbDdEWGVaMTI1MEZRcVNaQQ%3D%3D&google_push=ATf1kGMHIQcgynZi8wFOTzwZbsBaR3GQMMRQkhloRVPWR4nGC0n01qto0-M0eSKntq7YSjxmYzK2cE6-MY5wo5M4bx5WW3434N0yHw
content-type: text/html; charset=utf-8
cache-control: no-store
content-length: 245

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 17CA
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEIYusMgIhMcgapJ6CepCG1Q&google_cver=1&google_push=ATf1kGOIl_icYSBtQuoQwo1uiWu2ERvThYKNpQEiETb2XHI97ruAT_xm2qf6n_UaeMfQU_X7-PgTJ_ioYPbdta1AXzONXcY...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEIYusMgIhMcgapJ6CepCG1Q&google_cver=1&google_push=ATf1kGOIl_icYSBtQuoQwo1uiWu2ERvThYKNpQEiETb2XHI97ruAT_xm2qf6n_UaeMfQU_X7-PgTJ_ioYPbdta1AXzONX...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGOIl_icYSBtQuoQwo1uiWu2ERvThYKNpQEiETb2XHI97ruAT_xm2qf6n_UaeMfQU_X7-PgTJ_ioYPbdta1AXzONXcY--qB_Zug

170 B
232 B

64ms
64ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGOIl_icYSBtQuoQwo1uiWu2ERvThYKNpQEiETb2XHI97ruAT_xm2qf6n_UaeMfQU_X7-PgTJ_ioYPbdta1AXzONXcY--qB_Zug

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 20:20:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGOIl_icYSBtQuoQwo1uiWu2ERvThYKNpQEiETb2XHI97ruAT_xm2qf6n_UaeMfQU_X7-PgTJ_ioYPbdta1AXzONXcY--qB_Zug
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 17CA 42 B
204 B 122ms
37ms Image
image/gif 34.160.236.64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEFhsw49Okqy_tOMRb2585UY&google_push=ATf1kGPRSWzlMrV7dinQezZC9ZU2BdPVR1NKdDmFq7Iu_DuzxLFVW1hMAVW7T9z2RR4kYyln7FQh995-ksSw9z6a8a3TEAXSF5wKPP0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1904937421153004&output=html&h=250&slotname=9562454237&adk=325366103&adf=2614346290&pi=t.ma~as.9562454237&w=970&lmt=1687292434&format=970x250&url=https%3A%2F%2Fpresidentialhill.com%2Ftarget-memo-confirms-they-know-they-screwed-up%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687292436209&bpp=1&bdt=1716&idt=1&shv=r20230615&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1305453280cb515-22266de2aab400a8%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MYQLpk9GGJu6D5XdtHnMV8bKwD_PQ&gpic=UID%3D00000c52bf484cba%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MbiElOvbqHneDsUc820W6Yr9C2uUA&prev_fmts=0x0%2C640x300%2C640x300&nras=1&correlator=6301331392234&frm=20&pv=1&ga_vid=190718066.1687292435&ga_sid=1687292435&ga_hid=753981674&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=3263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788441%2C44794790&oid=2&pvsid=2341992175490257&tmod=559774342&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=xDmCQCPs4D&p=https%3A//presidentialhill.com&dtd=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:36 GMT
via: 1.1 google
last-modified: Tue, 28 Jun 2022 14:08:50 GMT
server: nginx
etag: "62bb0b72-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 17CA
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEOz_DCM7c0bBt5unafTEj4c&google_cver=1&google_push=ATf1kGP9MiyY8eoFZ06D00Mq6sILujqCvuxdLq3D36AaEhOpbxJvnepvrDlYI0g7qQbNojxAx-NMODtqexodrBs...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=LbvtYqlFW0F0dFCHHa8gLMEg-OE&google_push=ATf1kGP9MiyY8eoFZ06D00Mq6sILujqCvuxdLq3D36AaEhOpbxJvnepvrDlYI0g7qQbNojxAx-NMODtqexodrB...

170 B
188 B

67ms
67ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=LbvtYqlFW0F0dFCHHa8gLMEg-OE&google_push=ATf1kGP9MiyY8eoFZ06D00Mq6sILujqCvuxdLq3D36AaEhOpbxJvnepvrDlYI0g7qQbNojxAx-NMODtqexodrBsKNY48kIxyANNf2w

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 20:20:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=LbvtYqlFW0F0dFCHHa8gLMEg-OE&google_push=ATf1kGP9MiyY8eoFZ06D00Mq6sILujqCvuxdLq3D36AaEhOpbxJvnepvrDlYI0g7qQbNojxAx-NMODtqexodrBsKNY48kIxyANNf2w
Date: Tue, 20 Jun 2023 20:20:37 GMT
Connection: keep-alive
Content-Length: 244
Content-Type: text/html; charset=utf-8

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 17CA 0
130 B 195ms
63ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LUgiQez-QmG9vgCZX06K_iONps3_FHis2_93ugVzSxFn0zzFn7PC48dKx5QpGN8KGISDlB

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:36 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 465B 143 B
166 B 57ms
56ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 244
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 20:16:32 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.42/one-ad/ Frame A70E 106 KB
13 KB 48ms
47ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.42/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gj36n7dbgsw2252cgebyk97e6hgsg5f1qmkvtvbjz8qj0nq488f681dczt3qgr48b2yq6zvdf5pg0f6n6h01qsg2m21wxhsxk7z38yyt8zjfkv0qs7zz1nkwfw1rcgx5qaabw3t6jscfp0j5g7jr1h7jpb4cgjgf2y5zsydvrh5hy4p7g5zv2m8she2x9r12wntfesr753h36asm5s81jp49xz87wkh3rk2ts9xqwz413gsab7naaa2a5twv7v3ff1b78steapra46yw2vq1zs26fcashkc808khy2txjespwfb7658b0jwmvf2dsr8ak4y8vskm5q1ns16fh5ggqpshz81wbmxk5jpw07cyrxpg3jgh10g1rzxwh9p0s4safq907616baceezjtdn2q5c70k08a073zm30m9xfxf4mzpanjnp9dywwhqns6gwmwnypp5jk7w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcCVdFAqSZJvMEMr5tgevqpOwDJDhgYRctqjCivACwI23ARABIABgnQGCARdjYS1wdWItMTkwNDkzNzQyMTE1MzAwNMgBCakCk72ozJhRsj6oAwHIAwKqBKQCT9CnS9bywp6ANlhjy9lCh3wQ-fFgYLb4XhKPq1cMgDNgruPLcL4d-F39IrPTtOs0VQz8ku_jFTHZhPcFOuDyhPHjsrUVMR_m_Yi2htf-n9rfw_EmzrCfmqK6uceBa-e6rf03hfqrLOMX4oVpI41H1_pQWEtG9LVsArV1mAi1UFLy9kDxk_JNVuZBW8Uqsa9uClTmiT5LZOly1P7yt82GVQSIBv47lNnYiLxGKdWRQXxzzc-FTZZZXBl4Y79S223X-_mW9bajdZcHJJW8PVfcYuu3c4goENZh0HcMiD2dTjhGQ5E7DuU7sDmnV2K25nTZmpFzFPdB3yBPYSCDokZuyFAhq2-IdCBbaYcVyTnWENZFhQon4iA0rLQnn5SFms6Qlad8YIAGj7Kpnpv_3u64AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0uDEz7Ez3B7klmpj5fVY2CNx18Pw%26client%3Dca-pub-1904937421153004%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dbe73a90f1370d3bdefdeb5ccca6a4f3c6edb2bc1b06c47b7e5ae2457bc58ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1gj36n7dbgsw2252cgebyk97e6hgsg5f1qmkvtvbjz8qj0nq488f681dczt3qgr48b2yq6zvdf5pg0f6n6h01qsg2m21wxhsxk7z38yyt8zjfkv0qs7zz1nkwfw1rcgx5qaabw3t6jscfp0j5g7jr1h7jpb4cgjgf2y5zsydvrh5hy4p7g5zv2m8she2x9r12wntfesr753h36asm5s81jp49xz87wkh3rk2ts9xqwz413gsab7naaa2a5twv7v3ff1b78steapra46yw2vq1zs26fcashkc808khy2txjespwfb7658b0jwmvf2dsr8ak4y8vskm5q1ns16fh5ggqpshz81wbmxk5jpw07cyrxpg3jgh10g1rzxwh9p0s4safq907616baceezjtdn2q5c70k08a073zm30m9xfxf4mzpanjnp9dywwhqns6gwmwnypp5jk7w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcCVdFAqSZJvMEMr5tgevqpOwDJDhgYRctqjCivACwI23ARABIABgnQGCARdjYS1wdWItMTkwNDkzNzQyMTE1MzAwNMgBCakCk72ozJhRsj6oAwHIAwKqBKQCT9CnS9bywp6ANlhjy9lCh3wQ-fFgYLb4XhKPq1cMgDNgruPLcL4d-F39IrPTtOs0VQz8ku_jFTHZhPcFOuDyhPHjsrUVMR_m_Yi2htf-n9rfw_EmzrCfmqK6uceBa-e6rf03hfqrLOMX4oVpI41H1_pQWEtG9LVsArV1mAi1UFLy9kDxk_JNVuZBW8Uqsa9uClTmiT5LZOly1P7yt82GVQSIBv47lNnYiLxGKdWRQXxzzc-FTZZZXBl4Y79S223X-_mW9bajdZcHJJW8PVfcYuu3c4goENZh0HcMiD2dTjhGQ5E7DuU7sDmnV2K25nTZmpFzFPdB3yBPYSCDokZuyFAhq2-IdCBbaYcVyTnWENZFhQon4iA0rLQnn5SFms6Qlad8YIAGj7Kpnpv_3u64AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0uDEz7Ez3B7klmpj5fVY2CNx18Pw%26client%3Dca-pub-1904937421153004%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:36 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1686312358
age: 979771
cf-polished: origSize=108907
x-guploader-uploadid: ADPycds4BaPB2cnNKfGCpO0DHbi1YsFTcCTGXC9fJnH_NboEzcGfHcnLXlcIvq2iasQ1ZmCVOJqaFT1yvUfFyfqQRQlEfuWooABE
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 09 Jun 2023 12:06:25 GMT
server: cloudflare
etag: W/"913a188acf4937267d989357edafdccf"
vary: Accept-Encoding
x-goog-generation: 1686312385390155
content-type: text/css
x-goog-hash: crc32c=+kWf1Q==, md5=kToYis9JNyZ9mJNX7a/czw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=822ZEXeBXiaBywvv7qNfXe69Y4myKeZzgD7SoiqRsGQuq9ADVkmEMPlByX3I71DhGZjGLtmSEnzVopglg%2BvI3WKwDUJ2zKg%2FdMi%2BSdNZy2A4GWfhsDAAPkKtlS72wW5eBh%2Bcbl4q2yI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 108907
cf-ray: 7da6b6a2ab4f0410-FRA
expires: Tue, 20 Jun 2023 21:20:36 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame A70E 25 KB
10 KB 54ms
44ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gj36n7dbgsw2252cgebyk97e6hgsg5f1qmkvtvbjz8qj0nq488f681dczt3qgr48b2yq6zvdf5pg0f6n6h01qsg2m21wxhsxk7z38yyt8zjfkv0qs7zz1nkwfw1rcgx5qaabw3t6jscfp0j5g7jr1h7jpb4cgjgf2y5zsydvrh5hy4p7g5zv2m8she2x9r12wntfesr753h36asm5s81jp49xz87wkh3rk2ts9xqwz413gsab7naaa2a5twv7v3ff1b78steapra46yw2vq1zs26fcashkc808khy2txjespwfb7658b0jwmvf2dsr8ak4y8vskm5q1ns16fh5ggqpshz81wbmxk5jpw07cyrxpg3jgh10g1rzxwh9p0s4safq907616baceezjtdn2q5c70k08a073zm30m9xfxf4mzpanjnp9dywwhqns6gwmwnypp5jk7w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcCVdFAqSZJvMEMr5tgevqpOwDJDhgYRctqjCivACwI23ARABIABgnQGCARdjYS1wdWItMTkwNDkzNzQyMTE1MzAwNMgBCakCk72ozJhRsj6oAwHIAwKqBKQCT9CnS9bywp6ANlhjy9lCh3wQ-fFgYLb4XhKPq1cMgDNgruPLcL4d-F39IrPTtOs0VQz8ku_jFTHZhPcFOuDyhPHjsrUVMR_m_Yi2htf-n9rfw_EmzrCfmqK6uceBa-e6rf03hfqrLOMX4oVpI41H1_pQWEtG9LVsArV1mAi1UFLy9kDxk_JNVuZBW8Uqsa9uClTmiT5LZOly1P7yt82GVQSIBv47lNnYiLxGKdWRQXxzzc-FTZZZXBl4Y79S223X-_mW9bajdZcHJJW8PVfcYuu3c4goENZh0HcMiD2dTjhGQ5E7DuU7sDmnV2K25nTZmpFzFPdB3yBPYSCDokZuyFAhq2-IdCBbaYcVyTnWENZFhQon4iA0rLQnn5SFms6Qlad8YIAGj7Kpnpv_3u64AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0uDEz7Ez3B7klmpj5fVY2CNx18Pw%26client%3Dca-pub-1904937421153004%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 13:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 97018
etag: W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QiCPR%2BcY0M%2BfM8WyyqXk%2B18yapohz7aKb8cEKAB%2B8J9KbgCS9XLaoW7LuZrNIFhTReHvIoOD21RiN%2BJG31iiCJn%2BdUKq9an2TD0i%2FnpJbCQOswUHY1C3Cww2lVTvZ%2Baqf9nMbPc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7da6b6a2bb620410-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 13 Jun 2023 13:46:16 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 465B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

66ms
65ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 20:20:37 GMT
expires: Tue, 20 Jun 2023 20:20:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 20:20:36 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame A70E 3 KB
4 KB 106ms
37ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.42/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2669
x-guploader-uploadid: ADPycdvK0i-nNNMv3fNeMFP8ktxrB0s9Rxn1yHxNJcTu0YzGgL1oQ0J5-KUL8U_oIDMeEhRvKXfkGwmOw_rmBs79tac
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ksoZke%2BK1YOIKy5f%2F4dPZaAFn6bdchnlH%2FS70cOr0Vr39oweLQOWWtDv85DhO3PE9ZNizceN%2FzLWtpnTBqCvqnJQOFxvnW5SaRj%2BHB3CwIuZwssQP3NOxYZ3smSY2j2En9uKfbX11aMROUNU6BR3ORM%2B"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7da6b6a38e60926d-FRA
expires: Tue, 20 Jun 2023 20:36:08 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 543C 2 KB
1 KB 45ms
44ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2013524
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7da6b6a31ce51bdb-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Tue, 20 Jun 2023 20:20:36 GMT
expires: Mon, 08 May 2023 00:16:30 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aYkB2i8THqMIxG2D0xuJL1I5A7ye2Fz3tQBO8wljV%2B4HBeLIsmpx2QB9danrA6QXGdtiug%2Fzy%2B%2BvvojSsx2yW3WqUqdiaCSXz%2Bgfr78YuUcN4xcDsUYYvWaMjnFk4vR9ymO63DA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E6A 0
20 B 93ms
92ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgohCAEqHWxhcmdlLWJhbm5lci1yZGEtbG9nby12YW5pbGxhCgoIAioGc2VydmVyChoIBCoWbXlzaWRpYV9hbmFseXRpY3NfZXhwMwoNECshAAAAAACASUAwBAoNEAMhAAAAAAAgYUAwBAoNEA0hAAAAAAAAAAAwBAoJEB4qAzB4MDAECgkQGSoDMHgwMAQKDRArIQAAAAAAgEpAMAQKDRAQIQAAAAAAAAAAMAQKDRARIQAAAACw-_JAMAQKDRASIQAAAAAAACBAMAQKDRATIQAAAAAAAAhAMAQKDRAXIQAAAMzM7HVAMAQSGkNJWGg5cEhXMHY4Q0ZRZXo3UW9kbGR3Skx3Ihp0ZXh0L3ZhbmlsbGFfdGV4dF9jbG9zZV92MigD

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/90afb0cb71845e82a86e0598c8e4bd7d.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 20:20:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 rs Show response
ad4m.at/ Frame A70E 2 KB
2 KB 60ms
59ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e70cf57077731c4864b1b3c4e9fe26d8deae1bf00bfb46107df00da65b428d79

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 20 Jun 2023 20:20:37 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qUBR1LfTLgTZkqfR68DQMZ%2FK4BJpTh7FLe%2BKwpNfuc01aW20jyVj1C3jD7kpkF0hPpB0WucFEBwBWta2RRfFFZchgutD%2FmQZyFf6EKN1%2BotC91Yv2o4U02X2LsPOOebc%2FMS1FoI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7da6b6a498089b8f-FRA
x-backend-server: aa-reachservice-group-europe-west1-8jrm
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 93ms
56ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7da6b6a43f989b8f-FRA
content-length: 24
content-type: text/plain
date: Tue, 20 Jun 2023 20:20:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x4CA4IXGuqL4lVX%2BLkmMAbJwYuXTAA%2B%2BYccueAcfkC8q%2BVKbZnGR6lpxosVEp7sbeEGTupdzaWBnfpWFgfkRYoGzK6qcaqODL8dDcUFo%2FTeGlVBg4i9SwLzY3G3DTyJZM65gjLY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-8jrm

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E6A 0
20 B 93ms
93ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgohCAEqHWxhcmdlLWJhbm5lci1yZGEtbG9nby12YW5pbGxhCgoIAioGc2VydmVyChoIBCoWbXlzaWRpYV9hbmFseXRpY3NfZXhwMwoNEBQhAAAAAEB180AwBAoNEBUhAAAAAAAAJkAwBAoNEBYhAAAAAAAAEEAwBAoNEBghAAAAmJlheEAwBAoNEDIhAAAAAAAAAAAwBAoNEDMhAAAAAAAAAAAwBAoNEDQhAAAAAAAAAAAwBAoNEDUhAAAAAAAAAAAwBAoNEDYhAAAAAAAAAAAwBAoNEDchAAAAAAAAAAAwBAoNEDghAAAAAAAAAAAwBAoNEDkhAAAAAAAAAAAwBAoNEDohAAAAADQz8z8wBAoNEDshAAAAADQz8z8wBAoNEDwhAAAAADQz8z8wBAoNED0hAAAAADQz8z8wBAoNED4hAAAAAMzM9D8wBAoNED8hAAAAAMzM9D8wBAoNEEAhAAAAAMzM9D8wBBIaQ0lYaDlwSFcwdjhDRlFlejdRb2RsZHdKTHciGnRleHQvdmFuaWxsYV90ZXh0X2Nsb3NlX3YyKAM=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/90afb0cb71845e82a86e0598c8e4bd7d.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 20:20:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 5458 9 KB
4 KB 66ms
66ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=117569%2C19456%2C15579&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQ%2Cbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf9AGtEHRH2tEC447HzSATmm3aKJ23%2C3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=970&d=250&e=&g=0f042131951cc6bf0195122b0510b351%2F15522973404344355572&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1687292437214&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j0kgxn51my84ca9dg6hkxmqk841s564p3xxtfqr2rxnj1yf3wtbd753r5pbm78a9eztxa7g7ayhn5p033p04q2sf8466xggymjdc605xbe6dmsk69ag5m210ndbvw4dg55mhs9f0tk8n1r0yb1ce39gkmq4yn9xzwtj8nyn7k06avvrh3k4ka5dfmg0ec675wad3tz05tgynj0hvnzv6xjj01xwhpts5d2q10m9cea5hd4b4gdg7jxffzztc8ddkdazxa04141snhw91pvsdgxs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCcCVdFAqSZJvMEMr5tgevqpOwDJDhgYRctqjCivACwI23ARABIABgnQGCARdjYS1wdWItMTkwNDkzNzQyMTE1MzAwNMgBCakCk72ozJhRsj6oAwHIAwKqBKQCT9CnS9bywp6ANlhjy9lCh3wQ-fFgYLb4XhKPq1cMgDNgruPLcL4d-F39IrPTtOs0VQz8ku_jFTHZhPcFOuDyhPHjsrUVMR_m_Yi2htf-n9rfw_EmzrCfmqK6uceBa-e6rf03hfqrLOMX4oVpI41H1_pQWEtG9LVsArV1mAi1UFLy9kDxk_JNVuZBW8Uqsa9uClTmiT5LZOly1P7yt82GVQSIBv47lNnYiLxGKdWRQXxzzc-FTZZZXBl4Y79S223X-_mW9bajdZcHJJW8PVfcYuu3c4goENZh0HcMiD2dTjhGQ5E7DuU7sDmnV2K25nTZmpFzFPdB3yBPYSCDokZuyFAhq2-IdCBbaYcVyTnWENZFhQon4iA0rLQnn5SFms6Qlad8YIAGj7Kpnpv_3u64AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0uDEz7Ez3B7klmpj5fVY2CNx18Pw%2526client%253Dca-pub-1904937421153004%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16202fc8f53911aac5adede9ca38550f7d9a8552deaa02f6b77c32b976f05758

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1gj36n7dbgsw2252cgebyk97e6hgsg5f1qmkvtvbjz8qj0nq488f681dczt3qgr48b2yq6zvdf5pg0f6n6h01qsg2m21wxhsxk7z38yyt8zjfkv0qs7zz1nkwfw1rcgx5qaabw3t6jscfp0j5g7jr1h7jpb4cgjgf2y5zsydvrh5hy4p7g5zv2m8she2x9r12wntfesr753h36asm5s81jp49xz87wkh3rk2ts9xqwz413gsab7naaa2a5twv7v3ff1b78steapra46yw2vq1zs26fcashkc808khy2txjespwfb7658b0jwmvf2dsr8ak4y8vskm5q1ns16fh5ggqpshz81wbmxk5jpw07cyrxpg3jgh10g1rzxwh9p0s4safq907616baceezjtdn2q5c70k08a073zm30m9xfxf4mzpanjnp9dywwhqns6gwmwnypp5jk7w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcCVdFAqSZJvMEMr5tgevqpOwDJDhgYRctqjCivACwI23ARABIABgnQGCARdjYS1wdWItMTkwNDkzNzQyMTE1MzAwNMgBCakCk72ozJhRsj6oAwHIAwKqBKQCT9CnS9bywp6ANlhjy9lCh3wQ-fFgYLb4XhKPq1cMgDNgruPLcL4d-F39IrPTtOs0VQz8ku_jFTHZhPcFOuDyhPHjsrUVMR_m_Yi2htf-n9rfw_EmzrCfmqK6uceBa-e6rf03hfqrLOMX4oVpI41H1_pQWEtG9LVsArV1mAi1UFLy9kDxk_JNVuZBW8Uqsa9uClTmiT5LZOly1P7yt82GVQSIBv47lNnYiLxGKdWRQXxzzc-FTZZZXBl4Y79S223X-_mW9bajdZcHJJW8PVfcYuu3c4goENZh0HcMiD2dTjhGQ5E7DuU7sDmnV2K25nTZmpFzFPdB3yBPYSCDokZuyFAhq2-IdCBbaYcVyTnWENZFhQon4iA0rLQnn5SFms6Qlad8YIAGj7Kpnpv_3u64AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0uDEz7Ez3B7klmpj5fVY2CNx18Pw%26client%3Dca-pub-1904937421153004%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7da6b6a4ff691bdb-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 20:20:37 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.42/one-ad/ Frame 5458 106 KB
13 KB 46ms
45ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.42/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19456%2C15579&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQ%2Cbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf9AGtEHRH2tEC447HzSATmm3aKJ23%2C3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=970&d=250&e=&g=0f042131951cc6bf0195122b0510b351%2F15522973404344355572&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1687292437214&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j0kgxn51my84ca9dg6hkxmqk841s564p3xxtfqr2rxnj1yf3wtbd753r5pbm78a9eztxa7g7ayhn5p033p04q2sf8466xggymjdc605xbe6dmsk69ag5m210ndbvw4dg55mhs9f0tk8n1r0yb1ce39gkmq4yn9xzwtj8nyn7k06avvrh3k4ka5dfmg0ec675wad3tz05tgynj0hvnzv6xjj01xwhpts5d2q10m9cea5hd4b4gdg7jxffzztc8ddkdazxa04141snhw91pvsdgxs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCcCVdFAqSZJvMEMr5tgevqpOwDJDhgYRctqjCivACwI23ARABIABgnQGCARdjYS1wdWItMTkwNDkzNzQyMTE1MzAwNMgBCakCk72ozJhRsj6oAwHIAwKqBKQCT9CnS9bywp6ANlhjy9lCh3wQ-fFgYLb4XhKPq1cMgDNgruPLcL4d-F39IrPTtOs0VQz8ku_jFTHZhPcFOuDyhPHjsrUVMR_m_Yi2htf-n9rfw_EmzrCfmqK6uceBa-e6rf03hfqrLOMX4oVpI41H1_pQWEtG9LVsArV1mAi1UFLy9kDxk_JNVuZBW8Uqsa9uClTmiT5LZOly1P7yt82GVQSIBv47lNnYiLxGKdWRQXxzzc-FTZZZXBl4Y79S223X-_mW9bajdZcHJJW8PVfcYuu3c4goENZh0HcMiD2dTjhGQ5E7DuU7sDmnV2K25nTZmpFzFPdB3yBPYSCDokZuyFAhq2-IdCBbaYcVyTnWENZFhQon4iA0rLQnn5SFms6Qlad8YIAGj7Kpnpv_3u64AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0uDEz7Ez3B7klmpj5fVY2CNx18Pw%2526client%253Dca-pub-1904937421153004%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dbe73a90f1370d3bdefdeb5ccca6a4f3c6edb2bc1b06c47b7e5ae2457bc58ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=117569%2C19456%2C15579&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQ%2Cbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf9AGtEHRH2tEC447HzSATmm3aKJ23%2C3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=970&d=250&e=&g=0f042131951cc6bf0195122b0510b351%2F15522973404344355572&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1687292437214&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j0kgxn51my84ca9dg6hkxmqk841s564p3xxtfqr2rxnj1yf3wtbd753r5pbm78a9eztxa7g7ayhn5p033p04q2sf8466xggymjdc605xbe6dmsk69ag5m210ndbvw4dg55mhs9f0tk8n1r0yb1ce39gkmq4yn9xzwtj8nyn7k06avvrh3k4ka5dfmg0ec675wad3tz05tgynj0hvnzv6xjj01xwhpts5d2q10m9cea5hd4b4gdg7jxffzztc8ddkdazxa04141snhw91pvsdgxs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCcCVdFAqSZJvMEMr5tgevqpOwDJDhgYRctqjCivACwI23ARABIABgnQGCARdjYS1wdWItMTkwNDkzNzQyMTE1MzAwNMgBCakCk72ozJhRsj6oAwHIAwKqBKQCT9CnS9bywp6ANlhjy9lCh3wQ-fFgYLb4XhKPq1cMgDNgruPLcL4d-F39IrPTtOs0VQz8ku_jFTHZhPcFOuDyhPHjsrUVMR_m_Yi2htf-n9rfw_EmzrCfmqK6uceBa-e6rf03hfqrLOMX4oVpI41H1_pQWEtG9LVsArV1mAi1UFLy9kDxk_JNVuZBW8Uqsa9uClTmiT5LZOly1P7yt82GVQSIBv47lNnYiLxGKdWRQXxzzc-FTZZZXBl4Y79S223X-_mW9bajdZcHJJW8PVfcYuu3c4goENZh0HcMiD2dTjhGQ5E7DuU7sDmnV2K25nTZmpFzFPdB3yBPYSCDokZuyFAhq2-IdCBbaYcVyTnWENZFhQon4iA0rLQnn5SFms6Qlad8YIAGj7Kpnpv_3u64AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0uDEz7Ez3B7klmpj5fVY2CNx18Pw%2526client%253Dca-pub-1904937421153004%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1686312358
age: 979772
cf-polished: origSize=108907
x-guploader-uploadid: ADPycds4BaPB2cnNKfGCpO0DHbi1YsFTcCTGXC9fJnH_NboEzcGfHcnLXlcIvq2iasQ1ZmCVOJqaFT1yvUfFyfqQRQlEfuWooABE
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 09 Jun 2023 12:06:25 GMT
server: cloudflare
etag: W/"913a188acf4937267d989357edafdccf"
vary: Accept-Encoding
x-goog-generation: 1686312385390155
content-type: text/css
x-goog-hash: crc32c=+kWf1Q==, md5=kToYis9JNyZ9mJNX7a/czw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lPkf2ZOdJ%2BZeNe2shfRTfiXPzBcXn96p5SyfkFTu6yyeRsaZjJcP2g61dVwWioGPyhV%2FLeZOkfUTeP0q0Y4RddaRK8awqj58snuPpS8tHfK3lWyj%2F6XfwV9YKfnH4YgEEeLfpz5st7U%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 108907
cf-ray: 7da6b6a568311bdb-FRA
expires: Tue, 20 Jun 2023 21:20:37 GMT

GET
H2 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 5458 2 KB
3 KB 53ms
43ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19456%2C15579&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQ%2Cbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf9AGtEHRH2tEC447HzSATmm3aKJ23%2C3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=970&d=250&e=&g=0f042131951cc6bf0195122b0510b351%2F15522973404344355572&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1687292437214&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j0kgxn51my84ca9dg6hkxmqk841s564p3xxtfqr2rxnj1yf3wtbd753r5pbm78a9eztxa7g7ayhn5p033p04q2sf8466xggymjdc605xbe6dmsk69ag5m210ndbvw4dg55mhs9f0tk8n1r0yb1ce39gkmq4yn9xzwtj8nyn7k06avvrh3k4ka5dfmg0ec675wad3tz05tgynj0hvnzv6xjj01xwhpts5d2q10m9cea5hd4b4gdg7jxffzztc8ddkdazxa04141snhw91pvsdgxs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCcCVdFAqSZJvMEMr5tgevqpOwDJDhgYRctqjCivACwI23ARABIABgnQGCARdjYS1wdWItMTkwNDkzNzQyMTE1MzAwNMgBCakCk72ozJhRsj6oAwHIAwKqBKQCT9CnS9bywp6ANlhjy9lCh3wQ-fFgYLb4XhKPq1cMgDNgruPLcL4d-F39IrPTtOs0VQz8ku_jFTHZhPcFOuDyhPHjsrUVMR_m_Yi2htf-n9rfw_EmzrCfmqK6uceBa-e6rf03hfqrLOMX4oVpI41H1_pQWEtG9LVsArV1mAi1UFLy9kDxk_JNVuZBW8Uqsa9uClTmiT5LZOly1P7yt82GVQSIBv47lNnYiLxGKdWRQXxzzc-FTZZZXBl4Y79S223X-_mW9bajdZcHJJW8PVfcYuu3c4goENZh0HcMiD2dTjhGQ5E7DuU7sDmnV2K25nTZmpFzFPdB3yBPYSCDokZuyFAhq2-IdCBbaYcVyTnWENZFhQon4iA0rLQnn5SFms6Qlad8YIAGj7Kpnpv_3u64AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0uDEz7Ez3B7klmpj5fVY2CNx18Pw%2526client%253Dca-pub-1904937421153004%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2314856
cf-polished: origFmt=png, origSize=9357
alt-svc: h3=":443"; ma=86400
content-length: 2330
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Apr 2021 14:26:03 GMT
server: cloudflare
etag: "8cc161b392f5744da5319a4da549b763"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ahHs7Ookvzbm6wxSrmYYiaPbWNGu0ZB4s5Jqaex%2Fmum6l7FKO%2FA2YtxZgVc%2B5ZcltGw5Y%2BfHudiu9VBBv%2Fb0O8bqsx0UnFHd5%2Byr6xTjSvG4OUhYBzFkahjKci%2B0POwy%2F%2F2y797J%2FMrvu%2Fzf"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7da6b6a57f2e0410-FRA
expires: Wed, 21 Jun 2023 20:20:37 GMT

GET
H2 200 B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
assets.ad4m.at/ Frame 5458 253 KB
254 KB 67ms
59ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19456%2C15579&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQ%2Cbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf9AGtEHRH2tEC447HzSATmm3aKJ23%2C3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=970&d=250&e=&g=0f042131951cc6bf0195122b0510b351%2F15522973404344355572&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1687292437214&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j0kgxn51my84ca9dg6hkxmqk841s564p3xxtfqr2rxnj1yf3wtbd753r5pbm78a9eztxa7g7ayhn5p033p04q2sf8466xggymjdc605xbe6dmsk69ag5m210ndbvw4dg55mhs9f0tk8n1r0yb1ce39gkmq4yn9xzwtj8nyn7k06avvrh3k4ka5dfmg0ec675wad3tz05tgynj0hvnzv6xjj01xwhpts5d2q10m9cea5hd4b4gdg7jxffzztc8ddkdazxa04141snhw91pvsdgxs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCcCVdFAqSZJvMEMr5tgevqpOwDJDhgYRctqjCivACwI23ARABIABgnQGCARdjYS1wdWItMTkwNDkzNzQyMTE1MzAwNMgBCakCk72ozJhRsj6oAwHIAwKqBKQCT9CnS9bywp6ANlhjy9lCh3wQ-fFgYLb4XhKPq1cMgDNgruPLcL4d-F39IrPTtOs0VQz8ku_jFTHZhPcFOuDyhPHjsrUVMR_m_Yi2htf-n9rfw_EmzrCfmqK6uceBa-e6rf03hfqrLOMX4oVpI41H1_pQWEtG9LVsArV1mAi1UFLy9kDxk_JNVuZBW8Uqsa9uClTmiT5LZOly1P7yt82GVQSIBv47lNnYiLxGKdWRQXxzzc-FTZZZXBl4Y79S223X-_mW9bajdZcHJJW8PVfcYuu3c4goENZh0HcMiD2dTjhGQ5E7DuU7sDmnV2K25nTZmpFzFPdB3yBPYSCDokZuyFAhq2-IdCBbaYcVyTnWENZFhQon4iA0rLQnn5SFms6Qlad8YIAGj7Kpnpv_3u64AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0uDEz7Ez3B7klmpj5fVY2CNx18Pw%2526client%253Dca-pub-1904937421153004%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2754d47be946d2394bce4008332826d0491b510a2a624ae6609d042b143732d1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 381604
cf-polished: origFmt=png, origSize=431531
alt-svc: h3=":443"; ma=86400
content-length: 259252
cf-bgj: imgq:85,h2pri
last-modified: Fri, 16 Jun 2023 10:20:07 GMT
server: cloudflare
etag: "16f7fe8ce7119ba0f513f8179ecb2d3a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fZk4WHjpLDOMPvns%2ByvT6NAKHC7VnCcQlo0faKSrSvNhk%2FlsSCRd6WIpxFON5XMQAkf7%2B6Y7zDuezhmLvlSHGAvzotODp3Zdv4Tj1EOl4hXU5gNlLlydZTVHniR439WHEDEbJqJXjyPJBy6F"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7da6b6a57f310410-FRA
expires: Wed, 21 Jun 2023 20:20:37 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 5458 43 B
704 B 151ms
79ms Image
image/gif 23.197.149.186
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19456%2C15579&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQ%2Cbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf9AGtEHRH2tEC447HzSATmm3aKJ23%2C3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=970&d=250&e=&g=0f042131951cc6bf0195122b0510b351%2F15522973404344355572&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1687292437214&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j0kgxn51my84ca9dg6hkxmqk841s564p3xxtfqr2rxnj1yf3wtbd753r5pbm78a9eztxa7g7ayhn5p033p04q2sf8466xggymjdc605xbe6dmsk69ag5m210ndbvw4dg55mhs9f0tk8n1r0yb1ce39gkmq4yn9xzwtj8nyn7k06avvrh3k4ka5dfmg0ec675wad3tz05tgynj0hvnzv6xjj01xwhpts5d2q10m9cea5hd4b4gdg7jxffzztc8ddkdazxa04141snhw91pvsdgxs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCcCVdFAqSZJvMEMr5tgevqpOwDJDhgYRctqjCivACwI23ARABIABgnQGCARdjYS1wdWItMTkwNDkzNzQyMTE1MzAwNMgBCakCk72ozJhRsj6oAwHIAwKqBKQCT9CnS9bywp6ANlhjy9lCh3wQ-fFgYLb4XhKPq1cMgDNgruPLcL4d-F39IrPTtOs0VQz8ku_jFTHZhPcFOuDyhPHjsrUVMR_m_Yi2htf-n9rfw_EmzrCfmqK6uceBa-e6rf03hfqrLOMX4oVpI41H1_pQWEtG9LVsArV1mAi1UFLy9kDxk_JNVuZBW8Uqsa9uClTmiT5LZOly1P7yt82GVQSIBv47lNnYiLxGKdWRQXxzzc-FTZZZXBl4Y79S223X-_mW9bajdZcHJJW8PVfcYuu3c4goENZh0HcMiD2dTjhGQ5E7DuU7sDmnV2K25nTZmpFzFPdB3yBPYSCDokZuyFAhq2-IdCBbaYcVyTnWENZFhQon4iA0rLQnn5SFms6Qlad8YIAGj7Kpnpv_3u64AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0uDEz7Ez3B7klmpj5fVY2CNx18Pw%2526client%253Dca-pub-1904937421153004%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.197.149.186 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-197-149-186.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jun 2023 20:20:37 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 5458 53 KB
54 KB 53ms
44ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19456%2C15579&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQ%2Cbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf9AGtEHRH2tEC447HzSATmm3aKJ23%2C3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=970&d=250&e=&g=0f042131951cc6bf0195122b0510b351%2F15522973404344355572&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1687292437214&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j0kgxn51my84ca9dg6hkxmqk841s564p3xxtfqr2rxnj1yf3wtbd753r5pbm78a9eztxa7g7ayhn5p033p04q2sf8466xggymjdc605xbe6dmsk69ag5m210ndbvw4dg55mhs9f0tk8n1r0yb1ce39gkmq4yn9xzwtj8nyn7k06avvrh3k4ka5dfmg0ec675wad3tz05tgynj0hvnzv6xjj01xwhpts5d2q10m9cea5hd4b4gdg7jxffzztc8ddkdazxa04141snhw91pvsdgxs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCcCVdFAqSZJvMEMr5tgevqpOwDJDhgYRctqjCivACwI23ARABIABgnQGCARdjYS1wdWItMTkwNDkzNzQyMTE1MzAwNMgBCakCk72ozJhRsj6oAwHIAwKqBKQCT9CnS9bywp6ANlhjy9lCh3wQ-fFgYLb4XhKPq1cMgDNgruPLcL4d-F39IrPTtOs0VQz8ku_jFTHZhPcFOuDyhPHjsrUVMR_m_Yi2htf-n9rfw_EmzrCfmqK6uceBa-e6rf03hfqrLOMX4oVpI41H1_pQWEtG9LVsArV1mAi1UFLy9kDxk_JNVuZBW8Uqsa9uClTmiT5LZOly1P7yt82GVQSIBv47lNnYiLxGKdWRQXxzzc-FTZZZXBl4Y79S223X-_mW9bajdZcHJJW8PVfcYuu3c4goENZh0HcMiD2dTjhGQ5E7DuU7sDmnV2K25nTZmpFzFPdB3yBPYSCDokZuyFAhq2-IdCBbaYcVyTnWENZFhQon4iA0rLQnn5SFms6Qlad8YIAGj7Kpnpv_3u64AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0uDEz7Ez3B7klmpj5fVY2CNx18Pw%2526client%253Dca-pub-1904937421153004%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 184196
cf-polished: origFmt=png, origSize=115129
alt-svc: h3=":443"; ma=86400
content-length: 54564
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=twS07%2F3mK%2FjLSEKr6p4%2B55Qmyq3llTYpk5ZXeKnSHu4JQXa9W5g2ZDLQ6FyAx7%2BbOmxYgLRAT8I78q8n2K33n9YkYEb5Sl8YWTfA6%2F0edW1lQXqwBaNVgHMGsD%2FC3LdMDJWXi5mkKk5aZglX"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7da6b6a57f3b0410-FRA
expires: Wed, 21 Jun 2023 20:20:37 GMT

GET
H2 200 94776D1EA84A2C016C3E2F4F2FF5CAFAE59DCE9271B62B383432451DCE910FAAE81B73D3436E567532B91B0BB75A1A9BC40155D0E940C698B45E520EC40D2A19
assets.ad4m.at/product_image/ Frame 5458 10 KB
11 KB 66ms
57ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/94776D1EA84A2C016C3E2F4F2FF5CAFAE59DCE9271B62B383432451DCE910FAAE81B73D3436E567532B91B0BB75A1A9BC40155D0E940C698B45E520EC40D2A19
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19456%2C15579&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQ%2Cbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf9AGtEHRH2tEC447HzSATmm3aKJ23%2C3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=970&d=250&e=&g=0f042131951cc6bf0195122b0510b351%2F15522973404344355572&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1687292437214&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j0kgxn51my84ca9dg6hkxmqk841s564p3xxtfqr2rxnj1yf3wtbd753r5pbm78a9eztxa7g7ayhn5p033p04q2sf8466xggymjdc605xbe6dmsk69ag5m210ndbvw4dg55mhs9f0tk8n1r0yb1ce39gkmq4yn9xzwtj8nyn7k06avvrh3k4ka5dfmg0ec675wad3tz05tgynj0hvnzv6xjj01xwhpts5d2q10m9cea5hd4b4gdg7jxffzztc8ddkdazxa04141snhw91pvsdgxs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCcCVdFAqSZJvMEMr5tgevqpOwDJDhgYRctqjCivACwI23ARABIABgnQGCARdjYS1wdWItMTkwNDkzNzQyMTE1MzAwNMgBCakCk72ozJhRsj6oAwHIAwKqBKQCT9CnS9bywp6ANlhjy9lCh3wQ-fFgYLb4XhKPq1cMgDNgruPLcL4d-F39IrPTtOs0VQz8ku_jFTHZhPcFOuDyhPHjsrUVMR_m_Yi2htf-n9rfw_EmzrCfmqK6uceBa-e6rf03hfqrLOMX4oVpI41H1_pQWEtG9LVsArV1mAi1UFLy9kDxk_JNVuZBW8Uqsa9uClTmiT5LZOly1P7yt82GVQSIBv47lNnYiLxGKdWRQXxzzc-FTZZZXBl4Y79S223X-_mW9bajdZcHJJW8PVfcYuu3c4goENZh0HcMiD2dTjhGQ5E7DuU7sDmnV2K25nTZmpFzFPdB3yBPYSCDokZuyFAhq2-IdCBbaYcVyTnWENZFhQon4iA0rLQnn5SFms6Qlad8YIAGj7Kpnpv_3u64AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0uDEz7Ez3B7klmpj5fVY2CNx18Pw%2526client%253Dca-pub-1904937421153004%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6aa4aec3bf9cf0b1c0b6ac8db92c9c0126c3642e0ceb730601a0d2db7083cac3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2628654
cf-polished: qual=85, origFmt=jpeg, origSize=57873
alt-svc: h3=":443"; ma=86400
content-length: 10528
cf-bgj: imgq:85,h2pri
last-modified: Tue, 19 Oct 2021 12:57:42 GMT
server: cloudflare
etag: "cbdcca70875184d14fb32ad75cb24482"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LoArTjaayog6rTunyUr46SF8bwhR8YyfX6g75DtHMrMsg5UCJtFd0GQ6kfUmNSLROKtE9nuhXKSXjhvm9WcgbZpQnTAcvxR933mZcMzH2IWLTwH%2FfM8jwsjNqCZzbE0boQ5LRUmYRseB4bUf"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7da6b6a57f380410-FRA
expires: Wed, 21 Jun 2023 20:20:37 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame 5458
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CPTe-ZLW0v8CFYug_QcdJYkE-g;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneid1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneid1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023062022203886073862229X117679V1226132702MSviewoneid1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite...

49 B
1 KB

133ms
51ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023062022203886073862229X117679V1226132702MSviewoneid1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023062022203886073862229X117679V1226132702MSviewoneid1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19456%2C15579&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQ%2Cbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf9AGtEHRH2tEC447HzSATmm3aKJ23%2C3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=970&d=250&e=&g=0f042131951cc6bf0195122b0510b351%2F15522973404344355572&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1687292437214&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j0kgxn51my84ca9dg6hkxmqk841s564p3xxtfqr2rxnj1yf3wtbd753r5pbm78a9eztxa7g7ayhn5p033p04q2sf8466xggymjdc605xbe6dmsk69ag5m210ndbvw4dg55mhs9f0tk8n1r0yb1ce39gkmq4yn9xzwtj8nyn7k06avvrh3k4ka5dfmg0ec675wad3tz05tgynj0hvnzv6xjj01xwhpts5d2q10m9cea5hd4b4gdg7jxffzztc8ddkdazxa04141snhw91pvsdgxs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCcCVdFAqSZJvMEMr5tgevqpOwDJDhgYRctqjCivACwI23ARABIABgnQGCARdjYS1wdWItMTkwNDkzNzQyMTE1MzAwNMgBCakCk72ozJhRsj6oAwHIAwKqBKQCT9CnS9bywp6ANlhjy9lCh3wQ-fFgYLb4XhKPq1cMgDNgruPLcL4d-F39IrPTtOs0VQz8ku_jFTHZhPcFOuDyhPHjsrUVMR_m_Yi2htf-n9rfw_EmzrCfmqK6uceBa-e6rf03hfqrLOMX4oVpI41H1_pQWEtG9LVsArV1mAi1UFLy9kDxk_JNVuZBW8Uqsa9uClTmiT5LZOly1P7yt82GVQSIBv47lNnYiLxGKdWRQXxzzc-FTZZZXBl4Y79S223X-_mW9bajdZcHJJW8PVfcYuu3c4goENZh0HcMiD2dTjhGQ5E7DuU7sDmnV2K25nTZmpFzFPdB3yBPYSCDokZuyFAhq2-IdCBbaYcVyTnWENZFhQon4iA0rLQnn5SFms6Qlad8YIAGj7Kpnpv_3u64AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0uDEz7Ez3B7klmpj5fVY2CNx18Pw%2526client%253Dca-pub-1904937421153004%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Tue, 20 Jun 2023 20:20:38 GMT
X-NODEIP: 46.4.62.19
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023062022203886073862229X117679V1226132702MSviewoneid1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023062022203886073862229X117679V1226132702MSviewoneid1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218
date: Tue, 20 Jun 2023 20:20:38 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame 5458 10 KB
10 KB 67ms
59ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19456%2C15579&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQ%2Cbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf9AGtEHRH2tEC447HzSATmm3aKJ23%2C3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=970&d=250&e=&g=0f042131951cc6bf0195122b0510b351%2F15522973404344355572&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1687292437214&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j0kgxn51my84ca9dg6hkxmqk841s564p3xxtfqr2rxnj1yf3wtbd753r5pbm78a9eztxa7g7ayhn5p033p04q2sf8466xggymjdc605xbe6dmsk69ag5m210ndbvw4dg55mhs9f0tk8n1r0yb1ce39gkmq4yn9xzwtj8nyn7k06avvrh3k4ka5dfmg0ec675wad3tz05tgynj0hvnzv6xjj01xwhpts5d2q10m9cea5hd4b4gdg7jxffzztc8ddkdazxa04141snhw91pvsdgxs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCcCVdFAqSZJvMEMr5tgevqpOwDJDhgYRctqjCivACwI23ARABIABgnQGCARdjYS1wdWItMTkwNDkzNzQyMTE1MzAwNMgBCakCk72ozJhRsj6oAwHIAwKqBKQCT9CnS9bywp6ANlhjy9lCh3wQ-fFgYLb4XhKPq1cMgDNgruPLcL4d-F39IrPTtOs0VQz8ku_jFTHZhPcFOuDyhPHjsrUVMR_m_Yi2htf-n9rfw_EmzrCfmqK6uceBa-e6rf03hfqrLOMX4oVpI41H1_pQWEtG9LVsArV1mAi1UFLy9kDxk_JNVuZBW8Uqsa9uClTmiT5LZOly1P7yt82GVQSIBv47lNnYiLxGKdWRQXxzzc-FTZZZXBl4Y79S223X-_mW9bajdZcHJJW8PVfcYuu3c4goENZh0HcMiD2dTjhGQ5E7DuU7sDmnV2K25nTZmpFzFPdB3yBPYSCDokZuyFAhq2-IdCBbaYcVyTnWENZFhQon4iA0rLQnn5SFms6Qlad8YIAGj7Kpnpv_3u64AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0uDEz7Ez3B7klmpj5fVY2CNx18Pw%2526client%253Dca-pub-1904937421153004%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a85b1179ca4ed7dc5ea897d1b565a69ccae8d2aad29dff7bb874da7d94538bff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 689944
cf-polished: qual=85, origFmt=jpeg, origSize=58124
alt-svc: h3=":443"; ma=86400
content-length: 9782
cf-bgj: imgq:85,h2pri
last-modified: Fri, 08 Jul 2022 10:19:52 GMT
server: cloudflare
etag: "b4342e277c43aad9c5020a04564bfd1e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=00CHNUwZH%2BdBMFb0nRmyTcGWF6C3ZB7UQ2b4YjdeHU6sJLRgP92rJ5mbF4F5NiIDQHVN5Ha7D7Zu%2Fw47qgt3La4f6FGkPYQj8Gg%2Ftj%2Fq23BaUBga494VAMWLHd5d9mrMrkNePCdHGLUxfTzU"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7da6b6a57f390410-FRA
expires: Wed, 21 Jun 2023 20:20:37 GMT

GET
H2 200 60E988674A375A0D248F79BE73B17558F6DE13BA7BD626BA3ECE3CE45F1E8D4E2A797E05335FDF754A97E81953DCE8924DA57CE77B35FA4F8DC239219DA96769
assets.ad4m.at/ Frame 5458 62 KB
62 KB 66ms
58ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/60E988674A375A0D248F79BE73B17558F6DE13BA7BD626BA3ECE3CE45F1E8D4E2A797E05335FDF754A97E81953DCE8924DA57CE77B35FA4F8DC239219DA96769
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19456%2C15579&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQ%2Cbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf9AGtEHRH2tEC447HzSATmm3aKJ23%2C3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=970&d=250&e=&g=0f042131951cc6bf0195122b0510b351%2F15522973404344355572&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1687292437214&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j0kgxn51my84ca9dg6hkxmqk841s564p3xxtfqr2rxnj1yf3wtbd753r5pbm78a9eztxa7g7ayhn5p033p04q2sf8466xggymjdc605xbe6dmsk69ag5m210ndbvw4dg55mhs9f0tk8n1r0yb1ce39gkmq4yn9xzwtj8nyn7k06avvrh3k4ka5dfmg0ec675wad3tz05tgynj0hvnzv6xjj01xwhpts5d2q10m9cea5hd4b4gdg7jxffzztc8ddkdazxa04141snhw91pvsdgxs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCcCVdFAqSZJvMEMr5tgevqpOwDJDhgYRctqjCivACwI23ARABIABgnQGCARdjYS1wdWItMTkwNDkzNzQyMTE1MzAwNMgBCakCk72ozJhRsj6oAwHIAwKqBKQCT9CnS9bywp6ANlhjy9lCh3wQ-fFgYLb4XhKPq1cMgDNgruPLcL4d-F39IrPTtOs0VQz8ku_jFTHZhPcFOuDyhPHjsrUVMR_m_Yi2htf-n9rfw_EmzrCfmqK6uceBa-e6rf03hfqrLOMX4oVpI41H1_pQWEtG9LVsArV1mAi1UFLy9kDxk_JNVuZBW8Uqsa9uClTmiT5LZOly1P7yt82GVQSIBv47lNnYiLxGKdWRQXxzzc-FTZZZXBl4Y79S223X-_mW9bajdZcHJJW8PVfcYuu3c4goENZh0HcMiD2dTjhGQ5E7DuU7sDmnV2K25nTZmpFzFPdB3yBPYSCDokZuyFAhq2-IdCBbaYcVyTnWENZFhQon4iA0rLQnn5SFms6Qlad8YIAGj7Kpnpv_3u64AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0uDEz7Ez3B7klmpj5fVY2CNx18Pw%2526client%253Dca-pub-1904937421153004%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d3f315f9c2ca9ab147e1c1ab30c5791e09115bc12b4e06cf821796ab12d33db

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2092476
cf-polished: qual=85, origFmt=jpeg, origSize=147073
alt-svc: h3=":443"; ma=86400
content-length: 63400
cf-bgj: imgq:85,h2pri
last-modified: Wed, 26 Apr 2023 15:04:55 GMT
server: cloudflare
etag: "e44a44957fe69adf713d422ccd04196f"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=In5t231labkanCrxpA%2B0Ng6IMk7WGOWsYeN29SLw%2Fapoj5m2MioPZuwcRs3BSJk94rhW2anIPFHC0%2Bxc68lM64Bp3%2FvO9JfQ7gPjYXHcL4DwNwUcTECG7DYroYSBAXXJlaOiFlf4kTvqCK0O"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7da6b6a57f340410-FRA
expires: Wed, 21 Jun 2023 20:20:37 GMT

GET
H/1.1 200
OK 2aed39855b5f46b7d90f959867be60f8
pv.medialead.de/trck/epv/ Frame 5458 0
366 B 267ms
124ms Image
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/epv/2aed39855b5f46b7d90f959867be60f8?t=htlp&subid=oneidbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQPoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Tue, 20 Jun 2023 20:20:37 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: C120F8E1:CB62_91EFC182:01BB_64920A15_212F5DE:25BD2
X-IPLB-Instance: 40027
Content-Type: application/javascript; charset=utf-8
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 94ms
94ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230615&jk=2341992175490257&bg=!bG-lbzvNAAaGYqkwpmI7ADkAdvg8WlwV77ANQ5YHn232J3pCgxc2BUvOJwxfP2FfOBn-iiPYLFd-6vpOMfKWxvpI3oo-4B3oMYACAAAAmFIAAAACaAEHmQLhHvO8413ofr5VPcafecyDIyzcUpSGxcqBeeUHcwd54l4xQjiETDWvpXiTLmNa3BnsNOEonYib8Xr73BUtXaf-8nizI9rkTX0NxI3lvUC9NVBClJDUe18X4V4VFRN-AImLchiuyxafcqnWJ7-P65cD_9XNPkuyp2N5kKnEfz2Nav9Y9TTyoU7b_wpn3fE7oecfxOOpMy5iE6itT8xC0Vpjzs-e7t2zM1Oq80EX1ilCIXc_ynXFlwu1tQsCKCF3Pbzc4itqvrCTgoGkuMsaGP_Ks1dvKRAOcZh6G5WwUcKthSr2tF2Vg-gMpMzHSH0k1znPQuij2_vZ_7xp4YCok1tCk5ZPJePP8_MBFVhdw0T3smD5bPSfdY3Fq-66Vn4G_73x0VdQaQabnZi2nRsMNCisuW0cnqVZmc31NosmxCQpiGFPi46pVDIKCC_pkcPb-7yLnzEDXZaBRokHCtbXdAVp3_2LOO_zCG9T-jrgEFkKvUOz_rsJBM-1XviprVGYyRsdj5Jkjk-9HkLDOfLAtA5Y_jh3SR9OMzlsLcYsNCEJWCf9yyfQ-dPTRZFaPQjmrIaW8GgeicN8Z_P3tmybAqQ3IgkflGXXQNqqF7kozfCaM6-nrDLIbgAqtehyKOEBbJxhKWeLvRti_hULu0xgNcmXdNDWKi6p0wLUJHUuGQJMk9fQ33ayuHeMNt1JjqWznsC-6vOLB37-PyWJkZq6qk2X2jyBMefa1cu9l9VAGgVDLgwqPOomt0QR1NAOwjSZye3C_CP9mSY2LVIQc6YTiplrLsWjXgmI83myZ2fWxoF8nToysi8DRFSraXVomTorAtXfjoCX513Lhvb903jqphv-NapiDdszyuAsHi67LJmsxXtOXo2RF4ExeZBtoUnQqKXS_deLYp-zwaT-ka6LuKgG5uGcZOFG76uf9iHaI3Kw2edXqKKSY3cF8tlnCHhI27BJ0rljt-BvpfghkiIpya9yCG4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presidentialhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 css
fonts.googleapis.com/ Frame 0173 14 KB
1 KB 67ms
67ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1904937421153004&output=html&h=300&slotname=9562454237&adk=919417096&adf=3269428252&pi=t.ma~as.9562454237&w=640&lmt=1687292434&format=640x300&url=https%3A%2F%2Fpresidentialhill.com%2Ftarget-memo-confirms-they-know-they-screwed-up%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687292436189&bpp=1&bdt=1695&idt=2&shv=r20230615&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1305453280cb515-22266de2aab400a8%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MYQLpk9GGJu6D5XdtHnMV8bKwD_PQ&gpic=UID%3D00000c52bf484cba%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MbiElOvbqHneDsUc820W6Yr9C2uUA&prev_fmts=0x0&nras=1&correlator=6301331392234&frm=20&pv=1&ga_vid=190718066.1687292435&ga_sid=1687292435&ga_hid=753981674&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=294&ady=691&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788441%2C44794790&oid=2&pvsid=2341992175490257&tmod=559774342&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ypVWfRVY69&p=https%3A//presidentialhill.com&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 20 Jun 2023 20:20:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 20:00:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Jun 2023 20:20:37 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame 0173 2 KB
892 B 57ms
56ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 16:19:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14483
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Jul 2023 16:19:14 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0173 0
0 104ms
104ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CZHmhFAqSZJqxD8Tptgeo7Y-4BaCt25txou7z0NER463z5fUKEAEg0KzfMGCV-vCBjAegAdTFlo0pyAEJqQJ3kd8tzk-yPqgDAcgDywSqBK4CT9BLp1ZFMf_67H_oxadHrpP2Wx4gac_U4yHD_VOSUuoggPP8vcyExhaIF5BZiKMllbs_gTi4slIYp-OT-VnqVDcmPI2ALXIpCHeqgMlL4C2_2pkaP1MkN29jg0WxuZBNzHaWUz2-lcnNjY58lS3ksVBlfgMuHI2yU1xJnmIYUKSBTgs3xdZFUZzrW8b_pppiKizUnqK6D4Frv4edGMjpaqb5Qa9Wr_mynG6C99VcCIs_EEZZdFsYf1VaXk5KA52udlMtO65Yi5xjqmbxx5sztqNTxoci4NRALRXrxF6mQbM6IPIE2Oglfe9e5m_HZrwPwnd4hdXdg4ASpApT7pX4EKfGROlEYAzRGd7v3OdaDQHWeVpJVPIZDajYfoCjUmxnz5f9FDVcUb8vvxlheH_ABNbasqGmBJIFBAgEGAGSBQQIBRgEoAYugAfU_ebsA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEIi-GdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEwvQFQGAFwGyFxwKGggAEhRwdWItMTkwNDkzNzQyMTE1MzAwNBgA&sigh=KpguMY-ozBU&uach_m=[UACH]&cid=CAQSPABygQiD6z0aIx_r8Jh9RLb6__qEzVarrDO6y8cZT-OmN4H_QIa71PI-moqDC0WSgvOuIAwuuf6dlAdnHRgB&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1904937421153004&output=html&h=300&slotname=9562454237&adk=919417096&adf=3269428252&pi=t.ma~as.9562454237&w=640&lmt=1687292434&format=640x300&url=https%3A%2F%2Fpresidentialhill.com%2Ftarget-memo-confirms-they-know-they-screwed-up%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687292436189&bpp=1&bdt=1695&idt=2&shv=r20230615&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1305453280cb515-22266de2aab400a8%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MYQLpk9GGJu6D5XdtHnMV8bKwD_PQ&gpic=UID%3D00000c52bf484cba%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MbiElOvbqHneDsUc820W6Yr9C2uUA&prev_fmts=0x0&nras=1&correlator=6301331392234&frm=20&pv=1&ga_vid=190718066.1687292435&ga_sid=1687292435&ga_hid=753981674&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=294&ady=691&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788441%2C44794790&oid=2&pvsid=2341992175490257&tmod=559774342&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ypVWfRVY69&p=https%3A//presidentialhill.com&dtd=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 20 Jun 2023 20:20:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 20 Jun 2023 20:20:37 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/ Frame 0173 22 KB
9 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f3f19a91993489b6d73ffcd539452bc07a9f58bb6d7494c3669364350ca8406

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 16:16:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9004
x-xss-protection: 0
server: cafe
etag: 14649824622339250880
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Jul 2023 16:16:10 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame 0173 3 KB
1 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 16:15:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14707
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Jul 2023 16:15:30 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/14370351346645900854/ Frame 0173 24 KB
24 KB 59ms
59ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14370351346645900854/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83fdf1aafb4c2502f250ea3a41f30522e024234c9814973c5ad36765364ce019

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 06:28:44 GMT
x-content-type-options: nosniff
age: 481913
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25000
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 09:13:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 14 Jun 2024 06:28:44 GMT

GET
DATA 200
OK truncated
/ Frame 0173 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 0173 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A4EA 1 KB
643 B 57ms
57ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 25287
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 13:19:10 GMT
etag: 48472445140208031
expires: Wed, 21 Jun 2023 13:19:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame 0173 19 KB
8 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30dd4d046ee0a560951014c2c3f71fb0b620af27279bd7c5ff8b4ac877214291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 16:15:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14707
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8121
x-xss-protection: 0
server: cafe
etag: 8940155340736220798
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Jul 2023 16:15:30 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0173 0
0 61ms
61ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTS5xlpXzY7Y4Hy58RaN8fpTWTonutsYfqiRs_Cp_qCWCmd6Z6ajorJgF9nS_d514QbJ71fVxmkLkUkj_6TEuezoy4AgA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1904937421153004&output=html&h=300&slotname=9562454237&adk=919417096&adf=3269428252&pi=t.ma~as.9562454237&w=640&lmt=1687292434&format=640x300&url=https%3A%2F%2Fpresidentialhill.com%2Ftarget-memo-confirms-they-know-they-screwed-up%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687292436189&bpp=1&bdt=1695&idt=2&shv=r20230615&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1305453280cb515-22266de2aab400a8%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MYQLpk9GGJu6D5XdtHnMV8bKwD_PQ&gpic=UID%3D00000c52bf484cba%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MbiElOvbqHneDsUc820W6Yr9C2uUA&prev_fmts=0x0&nras=1&correlator=6301331392234&frm=20&pv=1&ga_vid=190718066.1687292435&ga_sid=1687292435&ga_hid=753981674&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=294&ady=691&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788441%2C44794790&oid=2&pvsid=2341992175490257&tmod=559774342&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ypVWfRVY69&p=https%3A//presidentialhill.com&dtd=10
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0173 178 KB
56 KB 76ms
75ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57029
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686742752845198"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Jun 2023 20:20:37 GMT

GET
H3 200 9c81088c85b4e7b59d5cd8ce7f87e269.js Show response
www.gstatic.com/mysidia/ Frame 0173 32 KB
13 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9c81088c85b4e7b59d5cd8ce7f87e269.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1255c225e18e01faae68870c17c44c85368bf6c4120d0e674615f7a9ccc70d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 11:40:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 376837
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13708
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 22:25:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 11:40:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame A4EA 35 B
464 B 99ms
30ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJd_is5cISslo8EFNZfiuiI&google_cver=1&google_push=ATf1kGOCAYQexX2esPBXf29tYAKvvj2pa8pWw6IlJabKZwn6i5oAy8wBKWuCtLvwNCTVXkrV6GEDpuwMYYXIZVR4AfOpad06jmKLzQ

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 20:20:37 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A4EA
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEI4qMNGlKBm0nfxI6Vi2h68&google_cver=1&google_push=ATf1kGMU5rCEOv6pMB6Y9Ip23QpKs_tbDU0Iify-G9KLZA_cvqZT4mpcQQijAidFrq-4ntmnuXZN7qSfb8apM7ta...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMU5rCEOv6pMB6Y9Ip23QpKs_tbDU0Iify-G9KLZA_cvqZT4mpcQQijAidFrq-4ntmnuXZN7qSfb8apM7ta7WjalsGsTY92PJg

170 B
188 B

67ms
67ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMU5rCEOv6pMB6Y9Ip23QpKs_tbDU0Iify-G9KLZA_cvqZT4mpcQQijAidFrq-4ntmnuXZN7qSfb8apM7ta7WjalsGsTY92PJg

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 20:20:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 20 Jun 2023 20:20:37 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x31 config_version:"1524"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMU5rCEOv6pMB6Y9Ip23QpKs_tbDU0Iify-G9KLZA_cvqZT4mpcQQijAidFrq-4ntmnuXZN7qSfb8apM7ta7WjalsGsTY92PJg
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 20 Jun 2023 20:20:36 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A4EA
Redirect Chain

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEK0I28RE7Vp_stfeHuF5G7E&google_cver=1&google_push=ATf1kGOZRekNsBpGogIOD9filAMlS1FutC6z317z6L1G47SpJPBMLFl4oSZWH8QyMbwrZoqoZpavy_SAILbbis...
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=ATf1kGOZRekNsBpGogIOD9filAMlS1FutC6z317z6L1G47SpJPBMLFl4oSZWH8QyMbwrZoqoZpavy_SAILbbiszuzJQlpmlQHQspzw&google_hm=hmSSChSjsWhtxpA...

170 B
188 B

68ms
68ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=ATf1kGOZRekNsBpGogIOD9filAMlS1FutC6z317z6L1G47SpJPBMLFl4oSZWH8QyMbwrZoqoZpavy_SAILbbiszuzJQlpmlQHQspzw&google_hm=hmSSChSjsWhtxpArBw&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D64920A14A3B1686DC6902B07BLIS

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 20:20:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=ATf1kGOZRekNsBpGogIOD9filAMlS1FutC6z317z6L1G47SpJPBMLFl4oSZWH8QyMbwrZoqoZpavy_SAILbbiszuzJQlpmlQHQspzw&google_hm=hmSSChSjsWhtxpArBw&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D64920A14A3B1686DC6902B07BLIS
date: Tue, 20 Jun 2023 20:20:37 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A4EA
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDe9ftjBm91R5QKyK2-TN4w&google_cver=1&google_push=ATf1kGNJJBZCT5_w-b5nZZK8n79_FScSce3ZsYkAmlU27REO3RxPI51naN8V845L90IpdX6Y5WUjdhOcFTg91IeCBrPXjYy...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNJJBZCT5_w-b5nZZK8n79_FScSce3ZsYkAmlU27REO3RxPI51naN8V845L90IpdX6Y5WUjdhOcFTg91IeCBrPXjYyxrkaxopg&google_hm=eS1IVzBpSTFwRTJwSG5...

170 B
188 B

70ms
69ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNJJBZCT5_w-b5nZZK8n79_FScSce3ZsYkAmlU27REO3RxPI51naN8V845L90IpdX6Y5WUjdhOcFTg91IeCBrPXjYyxrkaxopg&google_hm=eS1IVzBpSTFwRTJwSG5qYnNydGtlSElGMjh0MHFDeGVlQn5B

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 20:20:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 20 Jun 2023 20:20:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNJJBZCT5_w-b5nZZK8n79_FScSce3ZsYkAmlU27REO3RxPI51naN8V845L90IpdX6Y5WUjdhOcFTg91IeCBrPXjYyxrkaxopg&google_hm=eS1IVzBpSTFwRTJwSG5qYnNydGtlSElGMjh0MHFDeGVlQn5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A4EA
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJDizOkXFbwIzOqkazYh1JM&google_cver=1&google_push=ATf1kGP7aqv7vkPhsvoHlA8gzYvM0WwaE6odOULMpU3iGEvq5GhIN2MVYkb5N88cKX533LKfaVWjIwmF...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJDizOkXFbwIzOqkazYh1JM&google_cver=1&google_push=ATf1kGP7aqv7vkPhsvoHlA8gzYvM0WwaE6odOULMpU3iGEvq5GhIN2MVYkb5N88cKX533LKfaVW...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDIwODkyNTI5MDkzMDUxNjIzMw&google_push=ATf1kGP7aqv7vkPhsvoHlA8gzYvM0WwaE6odOULMpU3iGEvq5GhIN2MVYkb5N88cKX533LKfaVWjIw...

170 B
188 B

69ms
68ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDIwODkyNTI5MDkzMDUxNjIzMw&google_push=ATf1kGP7aqv7vkPhsvoHlA8gzYvM0WwaE6odOULMpU3iGEvq5GhIN2MVYkb5N88cKX533LKfaVWjIwmFtocUUVfzXoBgdMtOeWxY6ag

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 20:20:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Jun 2023 20:20:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDIwODkyNTI5MDkzMDUxNjIzMw&google_push=ATf1kGP7aqv7vkPhsvoHlA8gzYvM0WwaE6odOULMpU3iGEvq5GhIN2MVYkb5N88cKX533LKfaVWjIwmFtocUUVfzXoBgdMtOeWxY6ag
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A4EA
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEOKPP5ARI2veiyKdIk-u2xE&google_cver=1&google_push=ATf1kGPC_9ierlgW0FiAJSXfBYFqIkHsCf6wBM2MfLyBMXae1VBh0q2vEnY8CJDkBKvCtEd-n8opzhNSfE98VAxbkQ-54u6...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGPC_9ierlgW0FiAJSXfBYFqIkHsCf6wBM2MfLyBMXae1VBh0q2vEnY8CJDkBKvCtEd-n8opzhNSfE98VAxbkQ-54u6VByCLNK8

170 B
188 B

69ms
69ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGPC_9ierlgW0FiAJSXfBYFqIkHsCf6wBM2MfLyBMXae1VBh0q2vEnY8CJDkBKvCtEd-n8opzhNSfE98VAxbkQ-54u6VByCLNK8

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 20:20:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGPC_9ierlgW0FiAJSXfBYFqIkHsCf6wBM2MfLyBMXae1VBh0q2vEnY8CJDkBKvCtEd-n8opzhNSfE98VAxbkQ-54u6VByCLNK8
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame A4EA 43 B
363 B 101ms
31ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESENFVh_mTvNw4ZHz0p5v_RpI&google_cver=1&google_push=ATf1kGOb9bSLglwTLa5Ldod3Svs4Vsu4J4Av5r6zRZSrBgQB-JJ_rPxgxGIeXwbXs2Fu0xqGGWMeTTu2a8IkcdH3al0iOEjN-a46TQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 20:20:37 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 174907
expires: Tue, 20 Jun 2023 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame A4EA 0
12 B 65ms
64ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KfyMGPj-6QMECN9VFLiu-uu0y-R_PPUFXg9B3EjzEtIxcPAoUHDnk_ZWLj9CNJ8RqcsI6l

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:37 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 0173 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 91a54830c0f0c14dc631b6994150ca369d7f7a0cf36a8ff33d82f86f581bfc3d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 0173 33 KB
34 KB 178ms
56ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 19:09:17 GMT
x-content-type-options: nosniff
age: 4280
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jun 2024 19:09:17 GMT

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 64D3 37 KB
14 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:36:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 117828
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Jun 2024 11:36:49 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A0D7 4 KB
655 B 69ms
68ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1904937421153004&output=html&h=300&slotname=9562454237&adk=919417096&adf=4291529762&pi=t.ma~as.9562454237&w=640&lmt=1687292434&format=640x300&url=https%3A%2F%2Fpresidentialhill.com%2Ftarget-memo-confirms-they-know-they-screwed-up%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687292436202&bpp=1&bdt=1708&idt=1&shv=r20230615&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1305453280cb515-22266de2aab400a8%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MYQLpk9GGJu6D5XdtHnMV8bKwD_PQ&gpic=UID%3D00000c52bf484cba%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MbiElOvbqHneDsUc820W6Yr9C2uUA&prev_fmts=0x0%2C640x300&nras=1&correlator=6301331392234&frm=20&pv=1&ga_vid=190718066.1687292435&ga_sid=1687292435&ga_hid=753981674&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=294&ady=2264&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788441%2C44794790&oid=2&pvsid=2341992175490257&tmod=559774342&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Uj570uuYuY&p=https%3A//presidentialhill.com&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 20 Jun 2023 20:20:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:29:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Jun 2023 20:20:37 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame A0D7 2 KB
892 B 56ms
56ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1904937421153004&output=html&h=300&slotname=9562454237&adk=919417096&adf=4291529762&pi=t.ma~as.9562454237&w=640&lmt=1687292434&format=640x300&url=https%3A%2F%2Fpresidentialhill.com%2Ftarget-memo-confirms-they-know-they-screwed-up%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687292436202&bpp=1&bdt=1708&idt=1&shv=r20230615&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1305453280cb515-22266de2aab400a8%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MYQLpk9GGJu6D5XdtHnMV8bKwD_PQ&gpic=UID%3D00000c52bf484cba%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MbiElOvbqHneDsUc820W6Yr9C2uUA&prev_fmts=0x0%2C640x300&nras=1&correlator=6301331392234&frm=20&pv=1&ga_vid=190718066.1687292435&ga_sid=1687292435&ga_hid=753981674&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=294&ady=2264&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788441%2C44794790&oid=2&pvsid=2341992175490257&tmod=559774342&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Uj570uuYuY&p=https%3A//presidentialhill.com&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 16:19:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14483
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Jul 2023 16:19:14 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A0D7 0
0 105ms
105ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ctn_eFAqSZLC4D8-OwuIPqfe4iAWgrdubccru89DREeOt8-X1ChABINCs3zBglfrwgYwHoAHUxZaNKcgBCakCk72ozJhRsj6oAwHIA8sEqgSuAk_Q7P_rMQF9L3PeyjjKYauueQ-h_lhEHPL_681qXc5CMxxNbPopbs4wtTt4zFFtMHRJ1DBRYlozdnKICJ4_kFtp3q80jC0RT-y2eNqdsfGS2BL8BiB4SrPQz2qIwWlcNW9qSD6xANpD0NwsDcVz0BzDrN-7EdjJqLkeXDV6QjS7HCcddxB2JUIUM35lAhtsYwdtoyWCfFXiuyswjbJyCHtc74fSPJQPasEb3jAD2-BwSMWBgHFuGXIUCUGngnZCkKOyJccMnvLmPfzD7AqMmqzBStbwKG_oXjcpoeYqcTadxM50kdDW6lD6C39rX_PNEDTcE7M1faba44w5VT3ONaZkoH12rnpSCue0znpoahlJuyscGNWAwp2AbSwvh5j88s4Dj9z0KeFSMueyP8h6wATW2rKhpgSSBQQIBBgBkgUECAUYBKAGLoAH1P3m7AOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDg4B7SCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsBuBPkA9gTC9AVAYAXAbIXHAoaCAASFHB1Yi0xOTA0OTM3NDIxMTUzMDA0GAA&sigh=08xs3fskocM&uach_m=[UACH]&cid=CAQSPABygQiDLJif7yoiQOK-0WxmH7Z4_nhkLPWZGYL89R2fiyNLaVVrGU4u78CRSA9-KK3Mhc9eGZO7PpFnTxgB&template_id=484

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1904937421153004&output=html&h=300&slotname=9562454237&adk=919417096&adf=4291529762&pi=t.ma~as.9562454237&w=640&lmt=1687292434&format=640x300&url=https%3A%2F%2Fpresidentialhill.com%2Ftarget-memo-confirms-they-know-they-screwed-up%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687292436202&bpp=1&bdt=1708&idt=1&shv=r20230615&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1305453280cb515-22266de2aab400a8%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MYQLpk9GGJu6D5XdtHnMV8bKwD_PQ&gpic=UID%3D00000c52bf484cba%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MbiElOvbqHneDsUc820W6Yr9C2uUA&prev_fmts=0x0%2C640x300&nras=1&correlator=6301331392234&frm=20&pv=1&ga_vid=190718066.1687292435&ga_sid=1687292435&ga_hid=753981674&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=294&ady=2264&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788441%2C44794790&oid=2&pvsid=2341992175490257&tmod=559774342&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Uj570uuYuY&p=https%3A//presidentialhill.com&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1904937421153004&output=html&h=300&slotname=9562454237&adk=919417096&adf=4291529762&pi=t.ma~as.9562454237&w=640&lmt=1687292434&format=640x300&url=https%3A%2F%2Fpresidentialhill.com%2Ftarget-memo-confirms-they-know-they-screwed-up%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687292436202&bpp=1&bdt=1708&idt=1&shv=r20230615&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1305453280cb515-22266de2aab400a8%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MYQLpk9GGJu6D5XdtHnMV8bKwD_PQ&gpic=UID%3D00000c52bf484cba%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MbiElOvbqHneDsUc820W6Yr9C2uUA&prev_fmts=0x0%2C640x300&nras=1&correlator=6301331392234&frm=20&pv=1&ga_vid=190718066.1687292435&ga_sid=1687292435&ga_hid=753981674&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=294&ady=2264&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788441%2C44794790&oid=2&pvsid=2341992175490257&tmod=559774342&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Uj570uuYuY&p=https%3A//presidentialhill.com&dtd=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 20 Jun 2023 20:20:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 8968586262223670459
tpc.googlesyndication.com/simgad/ Frame A0D7 14 KB
14 KB 57ms
56ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8968586262223670459?w=200&h=200

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1904937421153004&output=html&h=300&slotname=9562454237&adk=919417096&adf=4291529762&pi=t.ma~as.9562454237&w=640&lmt=1687292434&format=640x300&url=https%3A%2F%2Fpresidentialhill.com%2Ftarget-memo-confirms-they-know-they-screwed-up%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687292436202&bpp=1&bdt=1708&idt=1&shv=r20230615&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1305453280cb515-22266de2aab400a8%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MYQLpk9GGJu6D5XdtHnMV8bKwD_PQ&gpic=UID%3D00000c52bf484cba%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MbiElOvbqHneDsUc820W6Yr9C2uUA&prev_fmts=0x0%2C640x300&nras=1&correlator=6301331392234&frm=20&pv=1&ga_vid=190718066.1687292435&ga_sid=1687292435&ga_hid=753981674&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=294&ady=2264&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788441%2C44794790&oid=2&pvsid=2341992175490257&tmod=559774342&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Uj570uuYuY&p=https%3A//presidentialhill.com&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6840db6d79b9093e6af1c37ab7889353d7507d9a9ccba724e08920686f6254e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 05:26:05 GMT
x-content-type-options: nosniff
age: 399272
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14138
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 08:43:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 15 Jun 2024 05:26:05 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/14370351346645900854/ Frame A0D7 50 KB
50 KB 62ms
61ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14370351346645900854/14763004658117789537?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1904937421153004&output=html&h=300&slotname=9562454237&adk=919417096&adf=4291529762&pi=t.ma~as.9562454237&w=640&lmt=1687292434&format=640x300&url=https%3A%2F%2Fpresidentialhill.com%2Ftarget-memo-confirms-they-know-they-screwed-up%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687292436202&bpp=1&bdt=1708&idt=1&shv=r20230615&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1305453280cb515-22266de2aab400a8%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MYQLpk9GGJu6D5XdtHnMV8bKwD_PQ&gpic=UID%3D00000c52bf484cba%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MbiElOvbqHneDsUc820W6Yr9C2uUA&prev_fmts=0x0%2C640x300&nras=1&correlator=6301331392234&frm=20&pv=1&ga_vid=190718066.1687292435&ga_sid=1687292435&ga_hid=753981674&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=294&ady=2264&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788441%2C44794790&oid=2&pvsid=2341992175490257&tmod=559774342&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Uj570uuYuY&p=https%3A//presidentialhill.com&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2e58dd3108821bb76c7e137ab48309d9573d566e96220c6ab77d966fa6b7472

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 07:11:51 GMT
x-content-type-options: nosniff
age: 479326
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51247
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 09:13:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 14 Jun 2024 07:11:51 GMT

GET
DATA 200
OK truncated
/ Frame A0D7 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/ Frame A0D7 22 KB
9 KB 77ms
77ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1904937421153004&output=html&h=300&slotname=9562454237&adk=919417096&adf=4291529762&pi=t.ma~as.9562454237&w=640&lmt=1687292434&format=640x300&url=https%3A%2F%2Fpresidentialhill.com%2Ftarget-memo-confirms-they-know-they-screwed-up%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687292436202&bpp=1&bdt=1708&idt=1&shv=r20230615&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1305453280cb515-22266de2aab400a8%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MYQLpk9GGJu6D5XdtHnMV8bKwD_PQ&gpic=UID%3D00000c52bf484cba%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MbiElOvbqHneDsUc820W6Yr9C2uUA&prev_fmts=0x0%2C640x300&nras=1&correlator=6301331392234&frm=20&pv=1&ga_vid=190718066.1687292435&ga_sid=1687292435&ga_hid=753981674&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=294&ady=2264&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788441%2C44794790&oid=2&pvsid=2341992175490257&tmod=559774342&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Uj570uuYuY&p=https%3A//presidentialhill.com&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f3f19a91993489b6d73ffcd539452bc07a9f58bb6d7494c3669364350ca8406

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 16:16:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9004
x-xss-protection: 0
server: cafe
etag: 14649824622339250880
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Jul 2023 16:16:10 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame A0D7 3 KB
1 KB 87ms
86ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1904937421153004&output=html&h=300&slotname=9562454237&adk=919417096&adf=4291529762&pi=t.ma~as.9562454237&w=640&lmt=1687292434&format=640x300&url=https%3A%2F%2Fpresidentialhill.com%2Ftarget-memo-confirms-they-know-they-screwed-up%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687292436202&bpp=1&bdt=1708&idt=1&shv=r20230615&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1305453280cb515-22266de2aab400a8%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MYQLpk9GGJu6D5XdtHnMV8bKwD_PQ&gpic=UID%3D00000c52bf484cba%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MbiElOvbqHneDsUc820W6Yr9C2uUA&prev_fmts=0x0%2C640x300&nras=1&correlator=6301331392234&frm=20&pv=1&ga_vid=190718066.1687292435&ga_sid=1687292435&ga_hid=753981674&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=294&ady=2264&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788441%2C44794790&oid=2&pvsid=2341992175490257&tmod=559774342&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Uj570uuYuY&p=https%3A//presidentialhill.com&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 16:15:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14707
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Jul 2023 16:15:30 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame FEDF 1 KB
643 B 57ms
57ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1904937421153004&output=html&h=300&slotname=9562454237&adk=919417096&adf=4291529762&pi=t.ma~as.9562454237&w=640&lmt=1687292434&format=640x300&url=https%3A%2F%2Fpresidentialhill.com%2Ftarget-memo-confirms-they-know-they-screwed-up%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687292436202&bpp=1&bdt=1708&idt=1&shv=r20230615&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1305453280cb515-22266de2aab400a8%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MYQLpk9GGJu6D5XdtHnMV8bKwD_PQ&gpic=UID%3D00000c52bf484cba%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MbiElOvbqHneDsUc820W6Yr9C2uUA&prev_fmts=0x0%2C640x300&nras=1&correlator=6301331392234&frm=20&pv=1&ga_vid=190718066.1687292435&ga_sid=1687292435&ga_hid=753981674&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=294&ady=2264&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788441%2C44794790&oid=2&pvsid=2341992175490257&tmod=559774342&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Uj570uuYuY&p=https%3A//presidentialhill.com&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 25287
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 13:19:10 GMT
etag: 48472445140208031
expires: Wed, 21 Jun 2023 13:19:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame A0D7 19 KB
8 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1904937421153004&output=html&h=300&slotname=9562454237&adk=919417096&adf=4291529762&pi=t.ma~as.9562454237&w=640&lmt=1687292434&format=640x300&url=https%3A%2F%2Fpresidentialhill.com%2Ftarget-memo-confirms-they-know-they-screwed-up%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687292436202&bpp=1&bdt=1708&idt=1&shv=r20230615&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1305453280cb515-22266de2aab400a8%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MYQLpk9GGJu6D5XdtHnMV8bKwD_PQ&gpic=UID%3D00000c52bf484cba%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MbiElOvbqHneDsUc820W6Yr9C2uUA&prev_fmts=0x0%2C640x300&nras=1&correlator=6301331392234&frm=20&pv=1&ga_vid=190718066.1687292435&ga_sid=1687292435&ga_hid=753981674&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=294&ady=2264&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788441%2C44794790&oid=2&pvsid=2341992175490257&tmod=559774342&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Uj570uuYuY&p=https%3A//presidentialhill.com&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30dd4d046ee0a560951014c2c3f71fb0b620af27279bd7c5ff8b4ac877214291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 16:15:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14707
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8121
x-xss-protection: 0
server: cafe
etag: 8940155340736220798
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Jul 2023 16:15:30 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A0D7 0
0 63ms
61ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTWEhdsKFNZxd6FsP60BREe56IpsA94HDd120nf-NXh9RzPMCDWkYuo-Z0Lw86AoYTQFMMweEekV0bkQMEP6v4hXhlmIQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1904937421153004&output=html&h=300&slotname=9562454237&adk=919417096&adf=4291529762&pi=t.ma~as.9562454237&w=640&lmt=1687292434&format=640x300&url=https%3A%2F%2Fpresidentialhill.com%2Ftarget-memo-confirms-they-know-they-screwed-up%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687292436202&bpp=1&bdt=1708&idt=1&shv=r20230615&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1305453280cb515-22266de2aab400a8%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MYQLpk9GGJu6D5XdtHnMV8bKwD_PQ&gpic=UID%3D00000c52bf484cba%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MbiElOvbqHneDsUc820W6Yr9C2uUA&prev_fmts=0x0%2C640x300&nras=1&correlator=6301331392234&frm=20&pv=1&ga_vid=190718066.1687292435&ga_sid=1687292435&ga_hid=753981674&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=294&ady=2264&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788441%2C44794790&oid=2&pvsid=2341992175490257&tmod=559774342&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Uj570uuYuY&p=https%3A//presidentialhill.com&dtd=4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A0D7 178 KB
56 KB 72ms
70ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1904937421153004&output=html&h=300&slotname=9562454237&adk=919417096&adf=4291529762&pi=t.ma~as.9562454237&w=640&lmt=1687292434&format=640x300&url=https%3A%2F%2Fpresidentialhill.com%2Ftarget-memo-confirms-they-know-they-screwed-up%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687292436202&bpp=1&bdt=1708&idt=1&shv=r20230615&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1305453280cb515-22266de2aab400a8%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MYQLpk9GGJu6D5XdtHnMV8bKwD_PQ&gpic=UID%3D00000c52bf484cba%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MbiElOvbqHneDsUc820W6Yr9C2uUA&prev_fmts=0x0%2C640x300&nras=1&correlator=6301331392234&frm=20&pv=1&ga_vid=190718066.1687292435&ga_sid=1687292435&ga_hid=753981674&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=294&ady=2264&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788441%2C44794790&oid=2&pvsid=2341992175490257&tmod=559774342&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Uj570uuYuY&p=https%3A//presidentialhill.com&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57029
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686742752845198"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Jun 2023 20:20:37 GMT

GET
H3 200 9c81088c85b4e7b59d5cd8ce7f87e269.js Show response
www.gstatic.com/mysidia/ Frame A0D7 32 KB
13 KB 58ms
56ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9c81088c85b4e7b59d5cd8ce7f87e269.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1904937421153004&output=html&h=300&slotname=9562454237&adk=919417096&adf=4291529762&pi=t.ma~as.9562454237&w=640&lmt=1687292434&format=640x300&url=https%3A%2F%2Fpresidentialhill.com%2Ftarget-memo-confirms-they-know-they-screwed-up%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687292436202&bpp=1&bdt=1708&idt=1&shv=r20230615&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1305453280cb515-22266de2aab400a8%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MYQLpk9GGJu6D5XdtHnMV8bKwD_PQ&gpic=UID%3D00000c52bf484cba%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MbiElOvbqHneDsUc820W6Yr9C2uUA&prev_fmts=0x0%2C640x300&nras=1&correlator=6301331392234&frm=20&pv=1&ga_vid=190718066.1687292435&ga_sid=1687292435&ga_hid=753981674&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=294&ady=2264&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788441%2C44794790&oid=2&pvsid=2341992175490257&tmod=559774342&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Uj570uuYuY&p=https%3A//presidentialhill.com&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1255c225e18e01faae68870c17c44c85368bf6c4120d0e674615f7a9ccc70d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 11:40:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 376837
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13708
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 22:25:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 11:40:00 GMT

GET
DATA 200
OK truncated
/ Frame A0D7 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c5b4ab4fa9acc4131d30e6cdae07d8a248ace4cc8fd216f8945b3d7592cf0233

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame FEDF 0
104 B 417ms
59ms Image
text/plain 2a02:fa8:8806:20::2010
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHbF3KRSPNf7gz52ungefUs&google_cver=1&google_push=ATf1kGM4DuaqSvwfUOKCp3F2hnJO4vO8Ilo5u6AufKjtFp0-wG62OOlCYKZeMscSX_CQIaShOlF7nGyzABSQhHsiPmFoTuttm4So8Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1904937421153004&output=html&h=300&slotname=9562454237&adk=919417096&adf=4291529762&pi=t.ma~as.9562454237&w=640&lmt=1687292434&format=640x300&url=https%3A%2F%2Fpresidentialhill.com%2Ftarget-memo-confirms-they-know-they-screwed-up%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687292436202&bpp=1&bdt=1708&idt=1&shv=r20230615&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1305453280cb515-22266de2aab400a8%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MYQLpk9GGJu6D5XdtHnMV8bKwD_PQ&gpic=UID%3D00000c52bf484cba%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MbiElOvbqHneDsUc820W6Yr9C2uUA&prev_fmts=0x0%2C640x300&nras=1&correlator=6301331392234&frm=20&pv=1&ga_vid=190718066.1687292435&ga_sid=1687292435&ga_hid=753981674&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=294&ady=2264&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788441%2C44794790&oid=2&pvsid=2341992175490257&tmod=559774342&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Uj570uuYuY&p=https%3A//presidentialhill.com&dtd=4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 20:20:38 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame FEDF
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEOCgXLQvYtFWqMjwWONyUZk&google_cver=1&google_push=ATf1kGNXe6zE8QcEdYOSnuTi1Gf-APYpO9Qc1byMTqgn3ueJZWF6aJF0JNZBLjlV1QKJrijA7sg6kKs5oVLYVlImmhBF4V_EiOw19...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOCgXLQvYtFWqMjwWONyUZk&google_cver=1&google_push=ATf1kGNXe6zE8QcEdYOSnuTi1Gf-APYpO9Qc1byMTqgn3ueJZWF6aJF0JNZBLjlV1QKJrijA7sg6kKs5oVLYVlImmhBF4V_EiOw...

43 B
412 B

236ms
226ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOCgXLQvYtFWqMjwWONyUZk&google_cver=1&google_push=ATf1kGNXe6zE8QcEdYOSnuTi1Gf-APYpO9Qc1byMTqgn3ueJZWF6aJF0JNZBLjlV1QKJrijA7sg6kKs5oVLYVlImmhBF4V_EiOw19w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNXe6zE8QcEdYOSnuTi1Gf-APYpO9Qc1byMTqgn3ueJZWF6aJF0JNZBLjlV1QKJrijA7sg6kKs5oVLYVlImmhBF4V_EiOw19w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 20:20:38 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7da6b6abcbfbbb50-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Jun 2023 20:20:38 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 29
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOCgXLQvYtFWqMjwWONyUZk&google_cver=1&google_push=ATf1kGNXe6zE8QcEdYOSnuTi1Gf-APYpO9Qc1byMTqgn3ueJZWF6aJF0JNZBLjlV1QKJrijA7sg6kKs5oVLYVlImmhBF4V_EiOw19w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNXe6zE8QcEdYOSnuTi1Gf-APYpO9Qc1byMTqgn3ueJZWF6aJF0JNZBLjlV1QKJrijA7sg6kKs5oVLYVlImmhBF4V_EiOw19w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7da6b6aa8a62bb50-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FEDF
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEFkWxBUzkHIqoKMd7tb_2Tg&google_cver=1&google_push=ATf1kGMV7L554e8zJYFI2yWdlMnyETqYF1JNYCRH_MuzQOXSJw7p7_DTDZFJ7tfXHQ6Nle48pwj32iCyv5vA2qlAKtBOgf26ix9w
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=45F1D56869794D20B6DCC0EDA66E44A0&google_push=ATf1kGMV7L554e8zJYFI2yWdlMnyETqYF1JNYCRH_MuzQOXSJw7p7_DTDZFJ7tfXHQ6Nle48pwj32iCyv5vA2ql...

170 B
188 B

68ms
68ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=45F1D56869794D20B6DCC0EDA66E44A0&google_push=ATf1kGMV7L554e8zJYFI2yWdlMnyETqYF1JNYCRH_MuzQOXSJw7p7_DTDZFJ7tfXHQ6Nle48pwj32iCyv5vA2qlAKtBOgf26ix9w

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 20:20:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 20 Jun 2023 20:20:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=45F1D56869794D20B6DCC0EDA66E44A0&google_push=ATf1kGMV7L554e8zJYFI2yWdlMnyETqYF1JNYCRH_MuzQOXSJw7p7_DTDZFJ7tfXHQ6Nle48pwj32iCyv5vA2qlAKtBOgf26ix9w
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 19 Jun 2023 20:20:38 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame FEDF 70 B
265 B 408ms
47ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESECbpERXFhyfFbSUO4v9Klms&google_cver=1&google_push=ATf1kGPmP4Mx6eVC__4R0c8NRnKtxtqvo2Q-mVtp5VaxKdovTjBSN3uBDa9qH_eQxBhpOqOACghUWc_nfXv9G19nDvel1LrzX5YNmg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1904937421153004&output=html&h=300&slotname=9562454237&adk=919417096&adf=4291529762&pi=t.ma~as.9562454237&w=640&lmt=1687292434&format=640x300&url=https%3A%2F%2Fpresidentialhill.com%2Ftarget-memo-confirms-they-know-they-screwed-up%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687292436202&bpp=1&bdt=1708&idt=1&shv=r20230615&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1305453280cb515-22266de2aab400a8%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MYQLpk9GGJu6D5XdtHnMV8bKwD_PQ&gpic=UID%3D00000c52bf484cba%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MbiElOvbqHneDsUc820W6Yr9C2uUA&prev_fmts=0x0%2C640x300&nras=1&correlator=6301331392234&frm=20&pv=1&ga_vid=190718066.1687292435&ga_sid=1687292435&ga_hid=753981674&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=294&ady=2264&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788441%2C44794790&oid=2&pvsid=2341992175490257&tmod=559774342&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Uj570uuYuY&p=https%3A//presidentialhill.com&dtd=4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 20 Jun 2023 20:20:38 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FEDF
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEAHGLngjPsMZOtDPWd9jUAI&google_cver=1&google_push=ATf1kGOG03FvY30x29-UikbuKSXDVGuAmr2RUgogzJZ9RBIuzQsRpn8SudSvfYvQnqzzTEQE1PlVuzPzHGI3NJNDeBxXC4u...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOG03FvY30x29-UikbuKSXDVGuAmr2RUgogzJZ9RBIuzQsRpn8SudSvfYvQnqzzTEQE1PlVuzPzHGI3NJNDeBxXC4ujQXZ1eg&google_hm=eS1IVzBpSTFwRTJwSG5q...

170 B
188 B

68ms
67ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOG03FvY30x29-UikbuKSXDVGuAmr2RUgogzJZ9RBIuzQsRpn8SudSvfYvQnqzzTEQE1PlVuzPzHGI3NJNDeBxXC4ujQXZ1eg&google_hm=eS1IVzBpSTFwRTJwSG5qYnNydGtlSElGMjh0MHFDeGVlQn5B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1904937421153004&output=html&h=300&slotname=9562454237&adk=919417096&adf=4291529762&pi=t.ma~as.9562454237&w=640&lmt=1687292434&format=640x300&url=https%3A%2F%2Fpresidentialhill.com%2Ftarget-memo-confirms-they-know-they-screwed-up%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687292436202&bpp=1&bdt=1708&idt=1&shv=r20230615&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1305453280cb515-22266de2aab400a8%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MYQLpk9GGJu6D5XdtHnMV8bKwD_PQ&gpic=UID%3D00000c52bf484cba%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MbiElOvbqHneDsUc820W6Yr9C2uUA&prev_fmts=0x0%2C640x300&nras=1&correlator=6301331392234&frm=20&pv=1&ga_vid=190718066.1687292435&ga_sid=1687292435&ga_hid=753981674&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=294&ady=2264&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788441%2C44794790&oid=2&pvsid=2341992175490257&tmod=559774342&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Uj570uuYuY&p=https%3A//presidentialhill.com&dtd=4

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 20:20:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 20 Jun 2023 20:20:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOG03FvY30x29-UikbuKSXDVGuAmr2RUgogzJZ9RBIuzQsRpn8SudSvfYvQnqzzTEQE1PlVuzPzHGI3NJNDeBxXC4ujQXZ1eg&google_hm=eS1IVzBpSTFwRTJwSG5qYnNydGtlSElGMjh0MHFDeGVlQn5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FEDF
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJnL-of7bDRo4_mr21J_4KY&google_cver=1&google_push=ATf1kGMUqQqmpP14GvxEdV8OGw1yIq9cEhxZ8las_BIDNq12hlmfIrMGtnCKWR1dTC_0Qj1AcDQXqZ1jIWwc...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGMUqQqmpP14GvxEdV8OGw1yIq9cEhxZ8las_BIDNq12hlmfIrMGtnCKWR1dTC_0Qj1AcDQXqZ1jIWwcdeTbbi9MJkSKqZ8tvg

170 B
188 B

67ms
67ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGMUqQqmpP14GvxEdV8OGw1yIq9cEhxZ8las_BIDNq12hlmfIrMGtnCKWR1dTC_0Qj1AcDQXqZ1jIWwcdeTbbi9MJkSKqZ8tvg

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 20:20:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGMUqQqmpP14GvxEdV8OGw1yIq9cEhxZ8las_BIDNq12hlmfIrMGtnCKWR1dTC_0Qj1AcDQXqZ1jIWwcdeTbbi9MJkSKqZ8tvg
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

report
sync.teads.tv/um/ Frame FEDF
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEIjD9-rB-kCRe1hdxAQn5m0&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGME-mtOSTEke15s9aH6_635iSWXDDg9CxOsiMRB3-vTTgQQ6WcXnZsd82olpoU9SykUXrScmydCP_IfYC5aii-KaxWFdEINIA
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

70ms
69ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Tue, 20 Jun 2023 20:20:38 GMT
pragma: no-cache
date: Tue, 20 Jun 2023 20:20:38 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 20 Jun 2023 20:20:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame FEDF 0
12 B 66ms
65ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IVDOIO5pqA2mmVwBYeaSxyMcM2u39A2m1XMYWmKltKfRpfZg2MLOxJmhbBu0fySZuNc-4aWQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1904937421153004&output=html&h=300&slotname=9562454237&adk=919417096&adf=4291529762&pi=t.ma~as.9562454237&w=640&lmt=1687292434&format=640x300&url=https%3A%2F%2Fpresidentialhill.com%2Ftarget-memo-confirms-they-know-they-screwed-up%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687292436202&bpp=1&bdt=1708&idt=1&shv=r20230615&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1305453280cb515-22266de2aab400a8%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MYQLpk9GGJu6D5XdtHnMV8bKwD_PQ&gpic=UID%3D00000c52bf484cba%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MbiElOvbqHneDsUc820W6Yr9C2uUA&prev_fmts=0x0%2C640x300&nras=1&correlator=6301331392234&frm=20&pv=1&ga_vid=190718066.1687292435&ga_sid=1687292435&ga_hid=753981674&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=294&ady=2264&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788441%2C44794790&oid=2&pvsid=2341992175490257&tmod=559774342&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Uj570uuYuY&p=https%3A//presidentialhill.com&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:20:37 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A0D7 15 KB
16 KB 57ms
57ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:04:15 GMT
x-content-type-options: nosniff
age: 270982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Jun 2024 17:04:15 GMT

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame D3DE 37 KB
14 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1904937421153004&output=html&h=300&slotname=9562454237&adk=919417096&adf=4291529762&pi=t.ma~as.9562454237&w=640&lmt=1687292434&format=640x300&url=https%3A%2F%2Fpresidentialhill.com%2Ftarget-memo-confirms-they-know-they-screwed-up%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687292436202&bpp=1&bdt=1708&idt=1&shv=r20230615&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1305453280cb515-22266de2aab400a8%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MYQLpk9GGJu6D5XdtHnMV8bKwD_PQ&gpic=UID%3D00000c52bf484cba%3AT%3D1687292435%3ART%3D1687292435%3AS%3DALNI_MbiElOvbqHneDsUc820W6Yr9C2uUA&prev_fmts=0x0%2C640x300&nras=1&correlator=6301331392234&frm=20&pv=1&ga_vid=190718066.1687292435&ga_sid=1687292435&ga_hid=753981674&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=294&ady=2264&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788441%2C44794790&oid=2&pvsid=2341992175490257&tmod=559774342&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Uj570uuYuY&p=https%3A//presidentialhill.com&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:36:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 117828
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Jun 2024 11:36:49 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0173 42 B
64 B 99ms
99ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuHF7mxfysIs55yNXC53-7OZa8hKLsdG6QrqIjk0_mdDdt9tps6IaFgrSUvcsexZHkGSeyS-q4FJuXERGk-2VacULWqJsY8qkYK5C_eXHzXS51R3GlQF3S7xkNmBEIg1W7tGzCJLmtCPZNE&sai=AMfl-YToaJvDiC5y0hyo0YH4oq26wSxwdMRIiZNld0y52iBT3g7rj-L5PTuZj9vQ_CIJcaZzQv8NaH9MrRBz-6OikmCU3N9cgFVvpDMLBCybkOTFpD9HIEIjxxH5lo8U&sig=Cg0ArKJSzJHKyAbFNr3WEAE&cid=CAQSPABygQiD6z0aIx_r8Jh9RLb6__qEzVarrDO6y8cZT-OmN4H_QIa71PI-moqDC0WSgvOuIAwuuf6dlAdnHRgB&id=lidar2&mcvt=1000&p=0,0,300,640&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230614&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=919417096&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687292436200&rpt=1457&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 20:20:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

188 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.presidentialhill.com/	1970-01-20 22:17:32	Name: _ga Value: GA1.2.190718066.1687292435
.presidentialhill.com/	1970-01-20 12:42:58	Name: _gid Value: GA1.2.1387828442.1687292435
.presidentialhill.com/	1970-01-20 12:41:32	Name: _gat_gtag_UA_156882191_29 Value: 1
.presidentialhill.com/	1970-01-20 22:03:08	Name: __gads Value: ID=c1305453280cb515-22266de2aab400a8:T=1687292435:RT=1687292435:S=ALNI_MYQLpk9GGJu6D5XdtHnMV8bKwD_PQ
.presidentialhill.com/	1970-01-20 22:03:08	Name: __gpi Value: UID=00000c52bf484cba:T=1687292435:RT=1687292435:S=ALNI_MbiElOvbqHneDsUc820W6Yr9C2uUA
.blismedia.com/	1970-01-20 21:27:12	Name: b Value: 64920A14A3B1686DC6902B07BLIS
.mathtag.com/	1970-01-20 13:24:44	Name: mt_mop Value: 4:1687292438
.de17a.com/	1970-01-20 21:19:56	Name: guid Value: 1.318384025606208212
.doubleclick.net/	1970-01-20 12:41:36	Name: DSID Value: NO_DATA
sync.srv.stackadapt.com/	1970-01-20 21:27:08	Name: sa-user-id Value: s%3A0-2dbbed62-a945-5b41-7474-50871daf202c.3zE3UIC4eHT6Nr%2BxHKbZxkBVASWKYd92%2BzqSK4ZB8xM
sync.srv.stackadapt.com/	1970-01-20 21:27:08	Name: sa-user-id-v2 Value: s%3ALbvtYqlFW0F0dFCHHa8gLMEg-OE.Jbn6gOgDWCHo4U91e4p%2FRWzBEFtnDAfgV9U8lZjzE5c
.srv.stackadapt.com/	1970-01-20 21:27:08	Name: sa-user-id-v2 Value: s%3ALbvtYqlFW0F0dFCHHa8gLMEg-OE.Jbn6gOgDWCHo4U91e4p%2FRWzBEFtnDAfgV9U8lZjzE5c
.awin1.com/	1970-01-20 12:44:25	Name: awpv20044 Value: 412871\|1687292437\|eb2c5410-0fa7-11ee-9f97-223306a13768
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 415363:2904924
.doubleclick.net/	1970-01-20 22:03:08	Name: IDE Value: AHWqTUlVeYNDQj3QTTV4Sv6Vs06Cv6GL5i963WunfcZWpPzoh53CC3whh0sPH1Idlf0
.quantserve.com/	1970-01-20 14:51:08	Name: d Value: EBIBCQGjKYEA
.quantserve.com/	1970-01-20 22:11:46	Name: mc Value: 64920a15-a57eb-05c6f-6fbc6
.c.appier.net/	1970-01-20 21:27:08	Name: _auid Value: TQRVxRl7DXeZ1250FQqSZA
.c.appier.net/	1970-01-20 13:24:44	Name: _gu Value: CAESENErEc0rETujPfqEzTs_VVc
.adform.net/	1970-01-20 13:24:44	Name: C Value: 1
.yahoo.com/	1970-01-20 21:27:30	Name: A3 Value: d=AQABBBUKkmQCEHSAuPvGtzD88kmJcWVaZNcFEgEBAQFbk2SbZAAAAAAA_eMAAA&S=AQAAAkb6ZEBhJ03mtk4KKNg2cII
.adform.net/	1970-01-20 14:07:56	Name: uid Value: 4208925290930516233
.simpli.fi/	1970-01-20 21:28:34	Name: suid Value: 45F1D56869794D20B6DCC0EDA66E44A0
.o2online.de/	1970-01-20 12:51:37	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTY4NzI5MjQzOHZsZWExZGUyMDIzMDYyMDIyMjAzODg2MDczODYyMjI5WDExNzY3OVYxMjI2MTMyNzAyTVN2aWV3b25laWQxUVl0YmZLZnFCUnU5SGRIOXRBdDIycmgyU0tUR0c4U3g3WFFvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoMTIxX0JFU1RQRVJGT1JNRVIxMTc2Nzk
.o2online.de/	1970-01-20 12:51:37	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 12:51:37	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023062022203886073862229X117679V1226132702MSviewoneid1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTY4NzI5MjQzOHZsZWExZGUyMDIzMDYyMDIyMjAzODg2MDczODYyMjI5WDExNzY3OVYxMjI2MTMyNzAyT
.tribalfusion.com/	1970-01-20 14:51:08	Name: ANON_ID Value: avnseFtMPmFUTgUpMDVdpipUFVpKjjDYTVrsrfyrVp0gB7TcbyldGEWXPTTVaSc7Ccy8rb33VE5ZcQZceANlPX

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://as.ad4m.at/ad/dr?ed=1gj36n7dbgsw2252cgebyk97e6hgsg5f1qmkvtvbjz8qj0nq488f681dczt3qgr48b2yq6zvdf5pg0f6n6h01qsg2m21wxhsxk7z38yyt8zjfkv0qs7zz1nkwfw1rcgx5qaabw3t6jscfp0j5g7jr1h7jpb4cgjgf2y5zsydvrh5hy4p7g5zv2m8she2x9r12wntfesr753h36asm5s81jp49xz87wkh3rk2ts9xqwz413gsab7naaa2a5twv7v3ff1b78steapra46yw2vq1zs26fcashkc808khy2txjespwfb7658b0jwmvf2dsr8ak4y8vskm5q1ns16fh5ggqpshz81wbmxk5jpw07cyrxpg3jgh10g1rzxwh9p0s4safq907616baceezjtdn2q5c70k08a073zm30m9xfxf4mzpanjnp9dywwhqns6gwmwnypp5jk7w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcCVdFAqSZJvMEMr5tgevqpOwDJDhgYRctqjCivACwI23ARABIABgnQGCARdjYS1wdWItMTkwNDkzNzQyMTE1MzAwNMgBCakCk72ozJhRsj6oAwHIAwKqBKQCT9CnS9bywp6ANlhjy9lCh3wQ-fFgYLb4XhKPq1cMgDNgruPLcL4d-F39IrPTtOs0VQz8ku_jFTHZhPcFOuDyhPHjsrUVMR_m_Yi2htf-n9rfw_EmzrCfmqK6uceBa-e6rf03hfqrLOMX4oVpI41H1_pQWEtG9LVsArV1mAi1UFLy9kDxk_JNVuZBW8Uqsa9uClTmiT5LZOly1P7yt82GVQSIBv47lNnYiLxGKdWRQXxzzc-FTZZZXBl4Y79S223X-_mW9bajdZcHJJW8PVfcYuu3c4goENZh0HcMiD2dTjhGQ5E7DuU7sDmnV2K25nTZmpFzFPdB3yBPYSCDokZuyFAhq2-IdCBbaYcVyTnWENZFhQon4iA0rLQnn5SFms6Qlad8YIAGj7Kpnpv_3u64AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0uDEz7Ez3B7klmpj5fVY2CNx18Pw%26client%3Dca-pub-1904937421153004%26adurl%3D Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://as.ad4m.at/ad/rar?a=117569%2C19456%2C15579&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQ%2Cbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf9AGtEHRH2tEC447HzSATmm3aKJ23%2C3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=970&d=250&e=&g=0f042131951cc6bf0195122b0510b351%2F15522973404344355572&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1687292437214&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j0kgxn51my84ca9dg6hkxmqk841s564p3xxtfqr2rxnj1yf3wtbd753r5pbm78a9eztxa7g7ayhn5p033p04q2sf8466xggymjdc605xbe6dmsk69ag5m210ndbvw4dg55mhs9f0tk8n1r0yb1ce39gkmq4yn9xzwtj8nyn7k06avvrh3k4ka5dfmg0ec675wad3tz05tgynj0hvnzv6xjj01xwhpts5d2q10m9cea5hd4b4gdg7jxffzztc8ddkdazxa04141snhw91pvsdgxs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCcCVdFAqSZJvMEMr5tgevqpOwDJDhgYRctqjCivACwI23ARABIABgnQGCARdjYS1wdWItMTkwNDkzNzQyMTE1MzAwNMgBCakCk72ozJhRsj6oAwHIAwKqBKQCT9CnS9bywp6ANlhjy9lCh3wQ-fFgYLb4XhKPq1cMgDNgruPLcL4d-F39IrPTtOs0VQz8ku_jFTHZhPcFOuDyhPHjsrUVMR_m_Yi2htf-n9rfw_EmzrCfmqK6uceBa-e6rf03hfqrLOMX4oVpI41H1_pQWEtG9LVsArV1mAi1UFLy9kDxk_JNVuZBW8Uqsa9uClTmiT5LZOly1P7yt82GVQSIBv47lNnYiLxGKdWRQXxzzc-FTZZZXBl4Y79S223X-_mW9bajdZcHJJW8PVfcYuu3c4goENZh0HcMiD2dTjhGQ5E7DuU7sDmnV2K25nTZmpFzFPdB3yBPYSCDokZuyFAhq2-IdCBbaYcVyTnWENZFhQon4iA0rLQnn5SFms6Qlad8YIAGj7Kpnpv_3u64AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0uDEz7Ez3B7klmpj5fVY2CNx18Pw%2526client%253Dca-pub-1904937421153004%2526adurl%253D&y=1&s=&z=0 Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.c.appier.net
a.tribalfusion.com
ad.doubleclick.net
ad4m.at
adservice.google.com
as.ad4m.at
assets.ad4m.at
c1.adform.net
cdn2.decide.dev
cm.g.doubleclick.net
cms.quantserve.com
d5p.de17a.com
dclk-match.dotomi.com
decide.dev
dis.criteo.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
match.adsrvr.org
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
partner.o2online.de
pixel-sync.sitescout.com
pr-bh.ybp.yahoo.com
presidentialhill.com
prod-rtb.ad4mat.net
pv.medialead.de
s.tribalfusion.com
static-de.ad4mat.net
stats.g.doubleclick.net
sync.mathtag.com
sync.srv.stackadapt.com
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
trk.presidentialhill.com
um.simpli.fi
www.awin1.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.telefonica-partner.de
142.250.185.130
145.239.193.130
151.139.128.10
167.233.13.224
172.105.199.172
172.217.16.198
178.250.1.9
185.29.132.245
2.16.97.41
213.155.156.168
23.197.149.186
2600:1901:0:76b9::
2606:4700:20::681a:61b
2606:4700:20::681a:ad1
2606:4700:20::ac43:4497
2606:4700:20::ac43:4a81
2606:4700::6812:18ad
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:80b::2002
2a00:1450:4001:813::2003
2a00:1450:4001:813::200a
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:400c:c04::9d
2a02:fa8:8806:20::2010
2a05:d018:d29:3602:cb7c:b9e3:cc95:725e
3.33.220.150
34.149.139.129
34.160.236.64
34.96.105.8
35.169.39.25
35.204.74.118
37.157.5.132
51.89.9.254
54.173.30.48
84.200.5.215
98.98.134.241
066fef5a04e4deb6fd84cb682b1b4792c49a83f38f135492faf24a11e3d52b6f
089fbffdb6d3e4e26f8e946ddba7599b59971bf051373ceeb46d40ab86bfee4d
095a7119de51062bab96bf33dd603f2d1f222640ac3d8ff11244a5269cc93f37
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1008e0fea1bcea71d721ce0187eba5979aee7626901ea11940898b0db51320c0
16202fc8f53911aac5adede9ca38550f7d9a8552deaa02f6b77c32b976f05758
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d62ef30eb9e4489611aa0fed40f21207ddff23354c29df67c38f9b28e78a67f
2014549296f3f169da318013e36bee02b6e6ca294811b429fb8d39dbe68e2f2a
220049135e6c242896cea20cbd980419905e04e43cc5d1f9d23db3e00e25c6f9
2754d47be946d2394bce4008332826d0491b510a2a624ae6609d042b143732d1
2b69a8c5011af30216659c1370051907c4c348b7586d2c3b963420a70bb0c9e0
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e3fa17629d2fdbccc8a0391ca4f8c798dce62e90c9db092db4fcbd7935f86f0
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
30dd4d046ee0a560951014c2c3f71fb0b620af27279bd7c5ff8b4ac877214291
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
335928df1c90907a8127b4d3a3a066a23553dc4a6fa860fea5b869300ccea178
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3ce53d1f901f9183b5f311cb21e679c23b258947e8dc9e453414ca6677c1d09a
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
3d58f33fa7040610b40a6c773df73dae1a34c2d9bc95dd3a3949212806fbd02a
3dbe73a90f1370d3bdefdeb5ccca6a4f3c6edb2bc1b06c47b7e5ae2457bc58ab
3dffa84e13fbc367c907ff31e293923484de18c4c06cac97109e4b9a1b19752c
3ed2e42d3ce5e24dcb11cddde4126e4f07c3afc590f708ad2cfbf7669002f92e
3f3f19a91993489b6d73ffcd539452bc07a9f58bb6d7494c3669364350ca8406
3ffd05bca69e48d6ce0d99238e5c129cd7b8dd5067019cc15c8d39a33cddeb1d
412202024bfd456e58941897464943aacb1ea8b70ccd3ee5098d590b7cbefd3f
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
461e29561fa0d28e3ce0d0e0470d9c2e446825c69c7c4c0a716b503f9c37fe62
48c5b112635e7f6c91cbb82bf1de510a3fc54442ed447f62cad52d2f5cfc88d8
4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64
4d195c7a10b849752842b8976d6b6720e659e450b710c06ffed5bbb326afd958
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
53d87ed8b9dea593a1d49c88373b68f9212b739588e032d5d070687c854984a4
54d7b9ac2b17ad54300498038f931bf2531a467ce42eae44e2b2bdaf91706dac
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58576087a6fd082773e548c213f2e52f9e23e39bbb64a6a21496a1ae0f9523d2
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
658ad047db1995289c4f0f119fc2fe439b9efa1913c36d8d9d0d43d81a4b7b79
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6759d4716d97179af23e3c1317af9a17baece28acd0ad005eae3b7e3baeacda9
6aa4aec3bf9cf0b1c0b6ac8db92c9c0126c3642e0ceb730601a0d2db7083cac3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f905c148859be92e160837deec8bccd9700a134d483677e62190319f24f9729
743f65b0622a16c8d51e6d35c9d7a4e058efd02fe7bceb4baa86a87abe05b01f
75977caf5356bf26a79a970cff88c384fe5cd12ce718c4c417b24ac7ce96e7c0
7d6a45782cedf2a84b1ed878c237046e658b0e172a852909224232d2118ec7be
83fdf1aafb4c2502f250ea3a41f30522e024234c9814973c5ad36765364ce019
843ce787c060f04c0334bb78db17bbea63a9f9c5b99466b3998be06be0d64305
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
91a54830c0f0c14dc631b6994150ca369d7f7a0cf36a8ff33d82f86f581bfc3d
97366dd9a568f1654599b460d4d3a6442bafe4e2015ad2dca52392b06ac2259b
97aa7d934532bf9f766979392e48e202f89326bcd03d4683be8b7ac573ee174c
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
98dee0a686666d015a59744efe8c1eaf4f791b7f97d52601fa4f74eccad47412
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d3f315f9c2ca9ab147e1c1ab30c5791e09115bc12b4e06cf821796ab12d33db
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2e58dd3108821bb76c7e137ab48309d9573d566e96220c6ab77d966fa6b7472
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a85b1179ca4ed7dc5ea897d1b565a69ccae8d2aad29dff7bb874da7d94538bff
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b2d8ff5496d7afc6dccb37eeb542633330d3cccab01422ac9a777aa9aad952c2
b3330ee2b37ceec01eea25e6ebb317957268f93cd5b74eaf2232df7fe0e58cb3
b5ab508ec0d4ce9d7d4ceb49cb7a7e5beb4900a52ef335e70bd43c5c7e95bdaa
b6840db6d79b9093e6af1c37ab7889353d7507d9a9ccba724e08920686f6254e
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b
c0751b7b957ccf2a0dedbfef2a0b29a03daf33840a868e8d5e3c12a74410c7ff
c1255c225e18e01faae68870c17c44c85368bf6c4120d0e674615f7a9ccc70d2
c13e2c868b551bf48530349ff8f98bfd8d9787113ad96c3f3d666aaf221d8065
c5b4ab4fa9acc4131d30e6cdae07d8a248ace4cc8fd216f8945b3d7592cf0233
d2054b9fb412f742d8d13aa75a48e59b830094999f9000ae8c69916e11b8d805
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d8776ecc05012427ceef7381f1de931c1b7ec5e068e1287742adb9faab9d4835
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55943e8cf96e9445fbb820bb64931f4d3c5109b82e24e2fa06782aeef428e5d
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e70cf57077731c4864b1b3c4e9fe26d8deae1bf00bfb46107df00da65b428d79
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ec1e0d9bb27d98ce0643afa0971f9506808531e3334248652e1adad913643bb3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3d428d71ab3abc8b07fc8f259689a3165b05ddb3403ab376098669968289b97
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f9104f11c80c7ddd182c87be2fc8b2cb699d45ce841d76674773459e9420a01a

presidentialhill.com Open in urlscan Pro 2606:4700:20::ac43:4497 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

156 Requests

90 %HTTPS

50 %IPv6

35 Domains

47 Subdomains

34 IPs

11 Countries

2048 kBTransfer

5468 kBSize

27 Cookies

3 Outgoing links

Page URL History

Redirected requests

156 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

presidentialhill.com Open in urlscan Pro
2606:4700:20::ac43:4497 Public Scan

Screenshot
Live screenshot

Full Image

156
Requests

90 %
HTTPS

50 %
IPv6

35
Domains

47
Subdomains

34
IPs

11
Countries

2048 kB
Transfer

5468 kB
Size

27
Cookies

156 HTTP transactions
6 data transactions