urlscan.io logo urlscan.io
SecurityTrails logo

haigram.com Open in urlscan Pro
109.106.252.240  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bicolink.com/full?api=1262cce7f20a7593638cc5dcdfebb97ca9eb3563&url=aHR0cDovL2ouZ3MvQ2I5Sg==&type=2
Effective URL: https://haigram.com/
Submission: On October 24 via manual from ID — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 47 IPs in 6 countries across 42 domains to perform 287 HTTP transactions. The main IP is 109.106.252.240, located in Germany and belongs to AS-HOSTINGER, CY. The main domain is haigram.com.
TLS certificate: Issued by R3 on October 21st 2022. Valid for: 3 months.
This is the only time haigram.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 31 109.106.252.240 47583 (AS-HOSTINGER)
1 2a00:1450:400... 15169 (GOOGLE)
42 2a00:1450:400... 15169 (GOOGLE)
22 2a00:1450:400... 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 6 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 34.241.76.101 16509 (AMAZON-02)
27 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
11 31 142.250.186.34 15169 (GOOGLE)
4 8 185.80.39.216 27381 (CASALE-MEDIA)
3 5 185.89.211.116 29990 (ASN-APPNEX)
2 2600:9000:21f... 16509 (AMAZON-02)
8 2600:1f18:1ac... 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
2 2607:f8b0:401... 15169 (GOOGLE)
1 74.125.133.157 15169 (GOOGLE)
37 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 2620:116:800d... 16509 (AMAZON-02)
2 2 103.229.206.241 ()
5 5 54.93.141.89 16509 (AMAZON-02)
2 2 3.124.225.111 ()
2 2 213.155.156.164 1299 (TWELVE99 ...)
1 1 69.173.144.139 26667 (RUBICONPR...)
1 185.86.137.108 ()
1 2 51.38.120.206 16276 (OVH)
4 142.250.184.226 15169 (GOOGLE)
1 2a06:98c1:312... ()
4 2a02:26f0:480... ()
2 52.21.72.191 ()
2 34.98.64.218 ()
1 4 2.18.232.7 ()
2 34.149.12.213 ()
3 4 185.94.180.126 ()
2 2 3.126.56.137 ()
1 2a02:fa8:8806... ()
1 66.155.71.25 ()
1 34.96.105.8 ()
2 2 52.30.181.76 ()
5 5 213.19.147.45 ()
5 108.138.5.230 ()
1 54.230.177.203 ()
7 18.66.122.124 ()
5 3.220.23.220 ()
1 2 2606:4700::68... ()
1 1 193.0.160.128 ()
2 2 185.64.189.115 ()
1 1 104.18.19.126 ()
2 2 72.251.249.13 ()
1 50.16.119.243 ()
287 47
31    109.106.252.240 (Germany)

ASN47583 (AS-HOSTINGER, CY)
PTR: srv130.niagahoster.com
bicolink.com
link.bicolink.com
haigram.com
1    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
42    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
22    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
googleads.g.doubleclick.net
adservice.google.de
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
ad.plus
4    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
6    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
2    34.241.76.101 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-76-101.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
27    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
9    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
31    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
cm.g.doubleclick.net
8    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
5    185.89.211.116 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
2    2600:9000:21f3:5a00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
8    2600:1f18:1aca:4280:6f8a:bad5:dee0:c2d6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
2    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    2607:f8b0:4012:811::2003 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    74.125.133.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f157.1e100.net
bid.g.doubleclick.net
37    2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
2    2a00:1450:4001:67::9 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r4---sn-4g5ednly.c.2mdn.net
2    2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    103.229.206.241 (None, )

ASN- ()
sync.mathtag.com
5    54.93.141.89 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-141-89.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    3.124.225.111 (None, )

ASN- ()
a.sportradarserving.com
2    213.155.156.164 (Uppsala, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-164.teliacarrier-cust.com
d5p.de17a.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    185.86.137.108 (None, )

ASN- ()
ssbsync.smartadserver.com
2    51.38.120.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
4    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
googleads4.g.doubleclick.net
1    2a06:98c1:3123:e000::c (None, )

ASN- ()
cdnjs.cloudflare.com
4    2a02:26f0:480:9::210:ee0e (None, )

ASN- ()
cdn.doubleverify.com
2    52.21.72.191 (None, )

ASN- ()
as.jivox.com
2    34.98.64.218 (None, )

ASN- ()
us-u.openx.net
4    2.18.232.7 (None, )

ASN- ()
sync.teads.tv
2    34.149.12.213 (None, )

ASN- ()
tps.doubleverify.com
4    185.94.180.126 (None, )

ASN- ()
sync.search.spotxchange.com
2    3.126.56.137 (None, )

ASN- ()
ups.analytics.yahoo.com
1    2a02:fa8:8806:16::1370 (None, )

ASN- ()
dclk-match.dotomi.com
1    66.155.71.25 (None, )

ASN- ()
pixel-sync.sitescout.com
1    34.96.105.8 (None, )

ASN- ()
tr.blismedia.com
2    52.30.181.76 (None, )

ASN- ()
match.360yield.com
5    213.19.147.45 (None, )

ASN- ()
sync.1rx.io
sync.targeting.unrulymedia.com
5    108.138.5.230 (None, )

ASN- ()
playercdn.jivox.com
1    54.230.177.203 (None, )

ASN- ()
cdn.jivox.com
7    18.66.122.124 (None, )

ASN- ()
assets.jivox.com
5    3.220.23.220 (None, )

ASN- ()
evs.jivox.com
2    2606:4700::6812:19ad (None, )

ASN- ()
a.tribalfusion.com
s.tribalfusion.com
1    193.0.160.128 (None, )

ASN- ()
p.rfihub.com
2    185.64.189.115 (None, )

ASN- ()
image6.pubmatic.com
1    104.18.19.126 (None, )

ASN- ()
ssum-sec.casalemedia.com
2    72.251.249.13 (None, )

ASN- ()
ap.lijit.com
1    50.16.119.243 (None, )

ASN- ()
traffick.jivox.com
Apex Domain
Subdomains		 Transfer
66 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 147
627 KB
59 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
cm.g.doubleclick.net — Cisco Umbrella Rank: 215
bid.g.doubleclick.net — Cisco Umbrella Rank: 444
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 317
404 KB
40 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 273
gcdn.2mdn.net — Cisco Umbrella Rank: 933
r4---sn-4g5ednly.c.2mdn.net — Cisco Umbrella Rank: 362945
296 KB
29 haigram.com
haigram.com
598 KB
21 jivox.com
as.jivox.com
playercdn.jivox.com
cdn.jivox.com
assets.jivox.com
evs.jivox.com
traffick.jivox.com
247 KB
15 gstatic.com
www.gstatic.com
fonts.gstatic.com
csi.gstatic.com
693 KB
12 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 794
static.adsafeprotected.com — Cisco Umbrella Rank: 594
dt.adsafeprotected.com — Cisco Umbrella Rank: 546
192 KB
9 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 542
ssum-sec.casalemedia.com
7 KB
9 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 78
26 KB
6 doubleverify.com
cdn.doubleverify.com
tps.doubleverify.com
226 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 44
imasdk.googleapis.com — Cisco Umbrella Rank: 435
131 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 193
259 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 303
3 KB
5 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 232
5 KB
4 spotxchange.com
sync.search.spotxchange.com
2 KB
4 teads.tv
sync.teads.tv
802 B
3 1rx.io
sync.1rx.io
2 KB
3 google.de
adservice.google.de — Cisco Umbrella Rank: 8724
1 KB
2 lijit.com
ap.lijit.com
1 KB
2 pubmatic.com
image6.pubmatic.com
1 KB
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com
1 KB
2 360yield.com
match.360yield.com
786 B
2 yahoo.com
ups.analytics.yahoo.com
571 B
2 openx.net
us-u.openx.net
365 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 777
489 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4553
651 B
2 sportradarserving.com
a.sportradarserving.com
1 KB
2 mathtag.com
sync.mathtag.com
2 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 729
795 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
20 KB
2 bicolink.com
bicolink.com
link.bicolink.com
819 B
1 rfihub.com
p.rfihub.com
761 B
1 blismedia.com
tr.blismedia.com
173 B
1 sitescout.com
pixel-sync.sitescout.com
191 B
1 dotomi.com
dclk-match.dotomi.com
104 B
1 cloudflare.com
cdnjs.cloudflare.com
23 KB
1 smartadserver.com
ssbsync.smartadserver.com
75 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 347
459 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 888
696 B
1 ad.plus
ad.plus — Cisco Umbrella Rank: 58128
989 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 61
43 KB
287 42
Domain Requested by
37 s0.2mdn.net haigram.com
s0.2mdn.net
dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
33 pagead2.googlesyndication.com haigram.com
pagead2.googlesyndication.com
dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
s0.2mdn.net
www.googletagservices.com
31 cm.g.doubleclick.net 11 redirects googleads.g.doubleclick.net
haigram.com
dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
29 haigram.com haigram.com
27 tpc.googlesyndication.com dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
haigram.com
imasdk.googleapis.com
s0.2mdn.net
14 googleads.g.doubleclick.net pagead2.googlesyndication.com
dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
haigram.com
googleads.g.doubleclick.net
9 www.gstatic.com googleads.g.doubleclick.net
www.google.com
www.gstatic.com
9 securepubads.g.doubleclick.net haigram.com
www.googletagservices.com
securepubads.g.doubleclick.net
8 dt.adsafeprotected.com dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
8 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
7 assets.jivox.com playercdn.jivox.com
as.jivox.com
6 dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com securepubads.g.doubleclick.net
6 www.google.com 1 redirects haigram.com
www.gstatic.com
www.google.com
6 www.googletagservices.com haigram.com
dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
googleads.g.doubleclick.net
5 evs.jivox.com as.jivox.com
dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
haigram.com
5 playercdn.jivox.com as.jivox.com
5 x.bidswitch.net 5 redirects
5 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
4 sync.search.spotxchange.com 3 redirects googleads.g.doubleclick.net
4 sync.teads.tv 1 redirects googleads.g.doubleclick.net
dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
4 cdn.doubleverify.com dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
googleads.g.doubleclick.net
haigram.com
4 googleads4.g.doubleclick.net haigram.com
4 fonts.gstatic.com fonts.googleapis.com
www.google.com
4 fonts.googleapis.com haigram.com
googleads.g.doubleclick.net
dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
3 sync.1rx.io 3 redirects
3 adservice.google.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
3 adservice.google.de securepubads.g.doubleclick.net
pagead2.googlesyndication.com
2 ap.lijit.com 2 redirects
2 image6.pubmatic.com 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 match.360yield.com 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 tps.doubleverify.com cdn.doubleverify.com
2 us-u.openx.net googleads.g.doubleclick.net
2 as.jivox.com dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
as.jivox.com
2 onetag-sys.com 1 redirects dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
2 d5p.de17a.com 2 redirects
2 a.sportradarserving.com 2 redirects
2 sync.mathtag.com 2 redirects
2 cms.quantserve.com 1 redirects dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
2 r4---sn-4g5ednly.c.2mdn.net haigram.com
2 csi.gstatic.com imasdk.googleapis.com
2 imasdk.googleapis.com haigram.com
2 static.adsafeprotected.com dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
2 fw.adsafeprotected.com dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
fw.adsafeprotected.com
haigram.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 traffick.jivox.com playercdn.jivox.com
1 ssum-sec.casalemedia.com 1 redirects
1 p.rfihub.com 1 redirects
1 s.tribalfusion.com dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
1 a.tribalfusion.com 1 redirects
1 cdn.jivox.com as.jivox.com
1 tr.blismedia.com dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
1 pixel-sync.sitescout.com dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
1 dclk-match.dotomi.com dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
1 cdnjs.cloudflare.com s0.2mdn.net
1 ssbsync.smartadserver.com dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
1 pixel.rubiconproject.com 1 redirects
1 gcdn.2mdn.net 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 ad.plus haigram.com
1 www.googletagmanager.com haigram.com
1 link.bicolink.com 1 redirects
1 bicolink.com 1 redirects
287 65

This site contains links to these domains. Also see Links.

Domain
themesdna.com
Subject Issuer Validity Valid
haigram.com
R3		 2022-10-21 -
2023-01-19		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-06 -
2023-06-05		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2022-04-10 -
2023-05-08		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.c.docs.google.com
GTS CA 1C3		 2022-09-27 -
2022-12-06		 2 months crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-05 -
2023-07-07		 a year crt.sh
*.jivox.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-13 -
2023-06-13		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
teads.tv
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
*.tps.doubleverify.com
Go Daddy Secure Certificate Authority - G2		 2022-09-28 -
2023-10-30		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2022-10-16 -
2023-01-14		 3 months crt.sh

This page contains 38 frames:

Primary Page: https://haigram.com/
Frame ID: CDE8930F9C4EE5FE6713949A793F1C98
Requests: 59 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221019/r20190131/zrt_lookup.html
Frame ID: 25FBEB02B309F0F53BD9D4073872C102
Requests: 1 HTTP requests in this frame

Frame: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B713EF1B2F9BE88CACA7BF6593A661BF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2295048427582817&output=html&adk=1812271804&adf=3025194257&lmt=1666591501&plat=8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fhaigram.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666591501611&bpp=4&bdt=93&idt=142&shv=r20221019&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6805041588957&frm=20&pv=2&ga_vid=141213828.1666591502&ga_sid=1666591502&ga_hid=1708394542&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760911%2C31069177%2C44774606%2C44775017%2C44773747&oid=2&pvsid=201067402340645&tmod=1968118915&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=158
Frame ID: 34969774A936C0FCFD9048B6DAABFB81
Requests: 1 HTTP requests in this frame

Frame: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 09F125F062DA2262484C4E7E3ECB5B57
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221019/r20110914/zrt_lookup.html?fsb=1
Frame ID: 444394AE7CA8DDEEA5A9A8AD9A82CD62
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjZ5uzHATAB&v=APEucNVP_rgYL3ROzcyLBNVDiRUO0mueEwOjPxtlNmkCGZwGHvgtIVThJ8GIona7sVSI4AqHne10OTTQKXGo1zIqBwCxzLKmRh737n6ifxd3dsREd2tbeDKwJanzZey6XcHXg6J6EfXziWPhyfu_D5L2kmmDahcSqf3QTgXZqym5ctw52LzCdYM
Frame ID: 7C178D897BB57858E59851A2D35AD6AD
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5A54EF4D060AFB8860B6A2DA41E1519D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 53E21F94197ABB12476D56E98F3A129A
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
Frame ID: 3BFC21BED0D4730FAD29F57718E094DE
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: B2B877AB964A7AAE9D46AB9467C4A6E5
Requests: 1 HTTP requests in this frame

Frame: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B6C43419DC0A4779D826DE64137B195C
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/abg_lite_fy2021.js
Frame ID: ADE2EF015205A17385F963F2015061B4
Requests: 13 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdEK2AfAAAAALAftB5G51fvHdqZPPOIxMO_9hdd&co=aHR0cHM6Ly9oYWlncmFtLmNvbTo0NDM.&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=normal&cb=j5jdaahe4sh2
Frame ID: 67A8274B2EB87F9988C53A4BD76E5456
Requests: 8 HTTP requests in this frame

Frame: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C3D8DAADD930F523A8307CB03FF461D2
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQj_jnAhji7KbUATAB&v=APEucNX_qKhOIpdqqMIr3Dln_7GV5RR_lb4RkD0Mvi4xuOFMEgAcYEA5XRVB3Qx4sxCMM_1oFlNg3j8kAEKX1DsASkmc4mMSOg5VKKuEQbLnhJvD_lQEzCfE3pyTXeV7MLPEVLBAa42qJ6HX_UIcKQlUmyov3j9PQuEICYbs8gNqemJC0RFXY18
Frame ID: 8FE9843D9C2EBE2658C8B2CF1849EEF7
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&k=6LdEK2AfAAAAALAftB5G51fvHdqZPPOIxMO_9hdd
Frame ID: BE80742B72FE4B79E0A45F2A1373D64A
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9505AD305433DA9EBA14AEF89E8F317C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A56BBFF9426224160397EC79E63CE987
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/index.html
Frame ID: ECD4F00E07A40A5B86FBA7D67367E28C
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 7AE5CCCBA155F5F8F99F6A29FB7021E1
Requests: 3 HTTP requests in this frame

Frame: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1E23E17339386368B51BFF4225E81DAF
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRDc2YSLAhjWwo3WATAB&v=APEucNWHYEuURW4m50ZnyUx0uky7f1Mh1TQtovmfpFyNCTmrXRjd2qf8kI2b06o1r10JJEDnXCtuLcHhQEHdOazZRNJvCbLdgcvycodcIAB-Lv_f82uGUYvonHx0EMBdMery4eTkXYsxJavYAYhXnVWFXddIAD-w4xpXTV1EpYKtNwy0CrU942w
Frame ID: A73048187F3165EE758FDFCA2CF459E5
Requests: 5 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3130.js
Frame ID: E442B3E2BAFAF60EF80ADAB1A0CC39BE
Requests: 2 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3130.js
Frame ID: 6016762B4EBBA47611D1F523A6591B57
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2FE9661F86A451A3AE80F91003F4E3D3
Requests: 3 HTTP requests in this frame

Frame: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A599D4E0BAD37C52927A37FA6747A437
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
Frame ID: 956AAC1B0ACC9602F22D6C1DC54D0DD0
Requests: 1 HTTP requests in this frame

Frame: https://as.jivox.com/unit/layout_renderer.php?campaignId=145352&siteId=55f48ca4113e34&unitType=mobile&bannerType=C&bUnit=1&creativeUnitType=3&bDim=320x100&es_pId=UA26m8&isDynamic=1&ap_DataSignal1=18143154454&ap_DataSignal2=ABAjH0j8YqyGd3ikArID3GgtjLtv&debug=1&debugWidget=1&ap_DataSignal3=449012054&ap_DataSignal4=1396462348461&ap_gdpr=0&ap_gdpr_consent=&ap_gdpr_consent_v2=&jvxVer=2&isnonexpanding=Y&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClSg-DytWY9T9EuuR7_UPxaGtSJqqp4tt_4nztNAQ1caW5ZkFEAEgxvvWeWCVgoCAuAegAc3lkpkCyAEJqQL7Nel24IuwPqgDAaoE7AFP0D22CZDAFxhLKqTI5YBlcw_4VlV1uw3vlWPvj90JsmaWnlTB472VCVk0rtU8wEWRdOZPTnH1AmHpwohCdDqZiRRVohD-p4Sj4-VDwec6G7X7qs3cwx9C9CYiWGwqkg297s_B8UBkE3POdQfeFi08EqSuATbRMIY-IUEzj7bfnDjhHTrPkTlgVS6fqfXeHNlQmY8VhFyXo0oc926iv5u6pZLPqYg-CihqV8e8YQR61rzwgTZyFY1Bwmi-2caFkUJznK_Q-D4xiCcMIagAAZnv_o33tNT3TzJK4JfFUZ18hnSGfYgdOn8QaGnOQcAE5pn6o4wE4AQDkAYBoAZNgAebmu3mAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATxIvxEMgT6bWe4QPQEwDYEwqIFALYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9C2XneQvV4u80aShF0b9My_hTrvkJe8grU74j8IJ4tke_ForfuOL1EYg4RhPQQcbFfmWCW17iOBgBIA4%26sig%3DAOD64_0l5-xgE2b3NYASesFZh2aA2VKGRw%26client%3Dca-pub-4573231550355221%26dbm_c%3DAKAmf-AzzHk02tqOtMx9elI47HmnDcnlN-0xE-dsJXENAqvwS_sKLKc8upDv907NnmUcoHkP35aNcP6qoG2cyDQHJDopQwncRGCsq9vvszUBjdZW79DkVntb7SL_sR_Jas6O42FPz98lnkS2islcGBvi-NnKIrf7jJtAe--yrjEz3mXWc-_Dmz8%26dbm_d%3DAKAmf-DPZuev4Qois_1HtecfY5axYUW90EDqMRMe9rWR_r8FbeL-nC8o3dnK3zB-yWhqH99uZvMrI9vOzZvhbRGOEP__kIRICk_83Z6NRQ6ct5nn0l7IwHXtcWHZxz7jSCcQvHI7eBcri6gogzoDs1UHwhOLLQAnI8TGXYEnv8lwgyw7p-s0KLqioUT86-qwM208jcYqL5q1JNRYkqrAnzoid-ipdPUfS9n_2k8DV3daWuXNjdcbPuWiKJq_-11w3kfB0Xc_Gbk1DCWqElH4rLLERJ2xfCUVFw0A0nN2DKI7Sms7o9wBEtCPS9qUldeBmjZcHcT9tT0PBNwPRsbHqzeXsDyK-bvml-K0FomO2hnMKyKwbcuDcbc4erIELw7I0CSId--ranVgtJFPPpjXLpC82XhhuiS4p13Ig_aKh6e3wmrQEeq1Nyryns4y_npTtPmJfHQNec6DPm4FGBZn_CcMKXBiyUB4zVMqLsq6jFhW8wFGCUFmXffxgiQdDrx7Z_VS9751w6_3TuvQqEA5__Tsa1rDAIqi_JA0fjOK-rCz_uQ0XVdE2FY%26adurl%3D&r=1666591503310996&objectName=jvx_63562b103c3b0&jvxSessionId=1666591504.2043&base=1&adUnitId=301&loadLayout=0&creativeResolveBeginTime=1666591504000&ap_Lang=english&localTimeOffset=0&pageURL=https%3A%2F%2Fdea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&allowExp=0
Frame ID: 60E389620C7554CC108B83107FFE2AC5
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY8NiZyAEwAQ&v=APEucNXLXF8jbMZ1_uBCJ6g08d5ScH4txG2vYr15Taf7T4R4Xhbk4akTT-zoUaIPr0AhxURxqV3p7xRAla53gQE6NCoyzpEQBdFv_tYso2uIxD89crusTcrgtvCrA3BXxRUvtyOsu7hTOleWZ3U5nYsaWa760hnTS3ARQauQX0IptitfxSIX1YQ
Frame ID: 7E226264E9F2303FE17B9A38BBF45DBA
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CB6F96D65B312F31781EB347AFDD191B
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 053B938162F8098FEB0A2F57F665782C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AD743B5E69FD93A77140F1BF3BA7CA26
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=N7gjwoGYJU&t=1&renderingType=2&ev=01_247
Frame ID: 01F783708C56EA2ECC8111D9ED1D4E59
Requests: 22 HTTP requests in this frame

Frame: https://playercdn.jivox.com/1651821427/widgets/jivoxWidgetApi/gz/jivoxWidgetApiV2.min.js
Frame ID: 692B581FF3845B6EEA70C877717E5A4F
Requests: 1 HTTP requests in this frame

Frame: https://playercdn.jivox.com/1651821427/widgets/jivoxWidgetApi/gz/jivoxWidgetApiV2.min.js
Frame ID: 2B6FDB3619BD41EE45277DB151FF073B
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0B6ADFE739C2698394627F6BD692918F
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
Frame ID: 0AADF6CC2294AE6CE732582ECF72D315
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Haigram – Your Social Media Business Guide

Page URL History Show full URLs

  1. https://bicolink.com/full?api=1262cce7f20a7593638cc5dcdfebb97ca9eb3563&url=aHR0cDovL2ouZ3MvQ2I5Sg... HTTP 301
    https://link.bicolink.com/QZtu HTTP 302
    https://haigram.com/?wpsafelink=d0mPzIH4YrwApbsCadfEeFlgiHnikTzAydWh0WlBqRWtlblgrQlZWYldPUVhsRm9... Page URL
  2. https://haigram.com/ Page URL
  3. https://haigram.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

287
Requests

89 %
HTTPS

44 %
IPv6

42
Domains

65
Subdomains

47
IPs

6
Countries

3793 kB
Transfer

10549 kB
Size

28
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bicolink.com/full?api=1262cce7f20a7593638cc5dcdfebb97ca9eb3563&url=aHR0cDovL2ouZ3MvQ2I5Sg==&type=2 HTTP 301
    https://link.bicolink.com/QZtu HTTP 302
    https://haigram.com/?wpsafelink=d0mPzIH4YrwApbsCadfEeFlgiHnikTzAydWh0WlBqRWtlblgrQlZWYldPUVhsRm9DS2pPL3FhQ0xkcnhid3Q0MD0= Page URL
  2. https://haigram.com/ Page URL
  3. https://haigram.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://bicolink.com/full?api=1262cce7f20a7593638cc5dcdfebb97ca9eb3563&url=aHR0cDovL2ouZ3MvQ2I5Sg==&type=2 HTTP 301
  • https://link.bicolink.com/QZtu HTTP 302
  • https://haigram.com/?wpsafelink=d0mPzIH4YrwApbsCadfEeFlgiHnikTzAydWh0WlBqRWtlblgrQlZWYldPUVhsRm9DS2pPL3FhQ0xkcnhid3Q0MD0=
Request Chain 61
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDEIqSTkm9nBCuU3pmzepyE&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDEIqSTkm9nBCuU3pmzepyE&google_cver=1&C=1
Request Chain 62
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1YrDhiI6dW-s1epAXE.QgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDEIqSTkm9nBCuU3pmzepyE&google_cver=1&google_hm=2
Request Chain 63
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMnqXmH3xW487zjUGqSqqsM&google_cver=1
Request Chain 64
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDkwNzA5NTI2NTE2NjM2NDg0OA%3D%3D
Request Chain 69
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 124
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDEIqSTkm9nBCuU3pmzepyE&google_cver=1
Request Chain 125
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1YrDhiI6dW-s1epAXE.QgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDEIqSTkm9nBCuU3pmzepyE&google_cver=1&google_hm=2
Request Chain 126
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMnqXmH3xW487zjUGqSqqsM&google_cver=1
Request Chain 127
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDkwNzA5NTI2NTE2NjM2NDg0OA%3D%3D
Request Chain 138
  • https://gcdn.2mdn.net/videoplayback/id/d9d5fcf0c1b97d74/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3809380574/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/B71986B90166DD6C0D2A58C3058781287CB7A34F.4B5B2B972B9BB7820E2CB81C8206E0E4221BA426/key/ck2/file/file.mp4 HTTP 302
  • https://r4---sn-4g5ednly.c.2mdn.net/videoplayback/id/d9d5fcf0c1b97d74/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3809380574/sparams/acao,ctier,expire,hcs,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/48DD2E6EE3BF609A6AD1585BC99350B4B1444349.47FED99F2E4804E957065B8B22D6F32B336E881F/key/cms1/cms_redirect/yes/hcs/ir/mh/LS/mip/2a01:4a0:2b::5/mm/42/mn/sn-4g5ednly/ms/onc/mt/1666590720/mv/u/mvi/4/pl/42/file/file.mp4
Request Chain 141
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEBRMSHL0kCQWAfTgGAAq-kA&google_cver=1&google_push=AZmPxg_IwcVPsnNHEvm1DSZX50js66lQY0y7UBt5XKJwYTZJnTabZQdu4JOJQRhssncTKfqYnEob2KkxS7ACPpPZdNcyrT6pr-qXtg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg_IwcVPsnNHEvm1DSZX50js66lQY0y7UBt5XKJwYTZJnTabZQdu4JOJQRhssncTKfqYnEob2KkxS7ACPpPZdNcyrT6pr-qXtg
Request Chain 142
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDL7DgulHNQy4WvzWZ_oQ6E&google_cver=1&google_push=AZmPxg8eYeynrK78SC5mhPV4YWFfy8xdAjsMF5ooTPthEMbJ0X6cGBwV6fDbsA8Zi3DyIBBV_1oZX8lWWUTcR7fH68Hm9eqjPKSaNw HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDL7DgulHNQy4WvzWZ_oQ6E&google_cver=1&google_push=AZmPxg8eYeynrK78SC5mhPV4YWFfy8xdAjsMF5ooTPthEMbJ0X6cGBwV6fDbsA8Zi3DyIBBV_1oZX8lWWUTcR7fH68Hm9eqjPKSaNw HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=66ad05a0-5b61-4b01-bab7-6f48b0c55517&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg8eYeynrK78SC5mhPV4YWFfy8xdAjsMF5ooTPthEMbJ0X6cGBwV6fDbsA8Zi3DyIBBV_1oZX8lWWUTcR7fH68Hm9eqjPKSaNw&google_hm=Z5xxNGbWTtyX6WbLtMbRKw==
Request Chain 143
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEHoGeOA-DrWhdkedjsKZObg&google_cver=1&google_push=AZmPxg9My9hzQ2MI2hFiHFx6qe0RatpPZk3PzwxQ2-OAFP9FFWDppYcMAxB2ji9IT5qMl6cXW98RBQgZNxWClR1jLG_-nzurXNENBA HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEHoGeOA-DrWhdkedjsKZObg&google_cver=1&google_push=AZmPxg9My9hzQ2MI2hFiHFx6qe0RatpPZk3PzwxQ2-OAFP9FFWDppYcMAxB2ji9IT5qMl6cXW98RBQgZNxWClR1jLG_-nzurXNENBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg9My9hzQ2MI2hFiHFx6qe0RatpPZk3PzwxQ2-OAFP9FFWDppYcMAxB2ji9IT5qMl6cXW98RBQgZNxWClR1jLG_-nzurXNENBA
Request Chain 144
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELm8fkbGPYUdSxKQ2r4a_V0&google_cver=1&google_push=AZmPxg_B-ThsWLORsQl93IaRoHC3p75gFjbPnuBA4Rt5tJcH8IQOqHwYFpf20HgDELwxsmabq1mlIWwfNcMc8FSpQVA0PFtROHFhHQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlNREpVREgtNy1DRkRY&google_push=AZmPxg_B-ThsWLORsQl93IaRoHC3p75gFjbPnuBA4Rt5tJcH8IQOqHwYFpf20HgDELwxsmabq1mlIWwfNcMc8FSpQVA0PFtROHFhHQ
Request Chain 146
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEOMiAl6UMAJ1QSU7kiXgRJk&google_cver=1&google_push=AZmPxg_VWR69mtI23Ay1qRIGpUOZ53ZpFjrR4BeWKAUCG3C1FFh2lYxHQFj4bxyo_7j9NlhjERuGyty_5eqI2BtXLjZRnaIHzsQMq90 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg_VWR69mtI23Ay1qRIGpUOZ53ZpFjrR4BeWKAUCG3C1FFh2lYxHQFj4bxyo_7j9NlhjERuGyty_5eqI2BtXLjZRnaIHzsQMq90 HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 178
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOHIef4_V18cCruKK_KhkNw&google_cver=1
Request Chain 180
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEF2QezE3Tly_ee2jqZiAS7k&google_cver=1
Request Chain 207
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESELFPhGrxEwSzUsv5KtWFLOU&google_cver=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESELFPhGrxEwSzUsv5KtWFLOU&google_cver=1&__user_check__=1&sync_id=cdca2b70-5361-11ed-86b0-1e87ce780106
Request Chain 208
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=cdca2a20-5361-11ed-aefd-1f6fc1870406 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=Y2RjYTJiMGMtNTM2MS0xMWVkLTg2YjAtMWU4N2NlNzgwMTA2
Request Chain 209
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1zZUhDcUl4RTJ1RWxfYllDZ0RHTDdqbjZXdXR1Qkc3Un5B
Request Chain 212
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIq5kXlYPFudA8oW3gdmoQE&google_cver=1&google_push=AZmPxg9EvO9AzApiXwgfFRaUS49Fj_SJlz6joSwWCSNCn5a5QcZd0qHRFMrgk3Ke82gu0ZBI9aTWO3vQAmaBL7K6sNVJRhak7OpW HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg9EvO9AzApiXwgfFRaUS49Fj_SJlz6joSwWCSNCn5a5QcZd0qHRFMrgk3Ke82gu0ZBI9aTWO3vQAmaBL7K6sNVJRhak7OpW&google_hm=WF54gOVPFhzlxXWIcJbYGw
Request Chain 216
  • https://match.360yield.com/match/ebda?google_gid=CAESEEESRRqXWVKdRg7QUxHHQIo&google_cver=1&google_push=AZmPxg8icGcWPhNo-1-tHQpR-U41SuZbfOomEIOHluweyeWSvcegCLwO6MQDGOeHAxTVez0bAkjtSucki7w--3eUeZbMGtobrm4 HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEEESRRqXWVKdRg7QUxHHQIo&google_cver=1&google_push=AZmPxg8icGcWPhNo-1-tHQpR-U41SuZbfOomEIOHluweyeWSvcegCLwO6MQDGOeHAxTVez0bAkjtSucki7w--3eUeZbMGtobrm4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=IoU94CAmQqWFX4ebFvnVwQ&google_push=AZmPxg8icGcWPhNo-1-tHQpR-U41SuZbfOomEIOHluweyeWSvcegCLwO6MQDGOeHAxTVez0bAkjtSucki7w--3eUeZbMGtobrm4
Request Chain 217
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESELc6yrkVxXzhK0weTfgpdYM&google_cver=1&google_push=AZmPxg-GH3rdJ3WMgY8wORs6b2VFJnESJKix7cECO8Rsha5xqUTg4PucJkdLvOFHbQ56n2g4RarfS4H96Jro8LJMiaUpHxEgl8pD HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AZmPxg-GH3rdJ3WMgY8wORs6b2VFJnESJKix7cECO8Rsha5xqUTg4PucJkdLvOFHbQ56n2g4RarfS4H96Jro8LJMiaUpHxEgl8pD&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1666591504814 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-9adc3305-71cd-43f2-8a82-c1cf6ff353c5-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg-GH3rdJ3WMgY8wORs6b2VFJnESJKix7cECO8Rsha5xqUTg4PucJkdLvOFHbQ56n2g4RarfS4H96Jro8LJMiaUpHxEgl8pD%26google_hm%3DA5rcMwVxzUPyioLBz2_zU8U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg-GH3rdJ3WMgY8wORs6b2VFJnESJKix7cECO8Rsha5xqUTg4PucJkdLvOFHbQ56n2g4RarfS4H96Jro8LJMiaUpHxEgl8pD&google_hm=A5rcMwVxzUPyioLBz2_zU8U
Request Chain 218
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESENtlWyXiI98VVympZ8LiyP4&google_cver=1&google_push=AZmPxg9A84HQMsaCGVFOazo1rDNC5XO--mqwRUg50SL5mIOLunuA8x2AjceXxPshLK1iFjXzT-Xa5LOHcVtsYq5R9F7x8O2KibQoUg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AZmPxg9A84HQMsaCGVFOazo1rDNC5XO--mqwRUg50SL5mIOLunuA8x2AjceXxPshLK1iFjXzT-Xa5LOHcVtsYq5R9F7x8O2KibQoUg HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 258
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEBRMSHL0kCQWAfTgGAAq-kA&google_cver=1&google_push=AZmPxg8zz0Gv8nH_imqJ35DGgcS_y5D0E2IF50WMcRKO1of3VzaI-pMA0zK05S4U2f5PtY-Nax91JyceJ2ubwOry2U9K95PRDfYsyg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=9F1jVisQRACYjIo_9L5SVQ&google_push=AZmPxg8zz0Gv8nH_imqJ35DGgcS_y5D0E2IF50WMcRKO1of3VzaI-pMA0zK05S4U2f5PtY-Nax91JyceJ2ubwOry2U9K95PRDfYsyg
Request Chain 259
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESED48FO_qR2MhR3vplklBENI&google_cver=1&google_push=AZmPxg-_YcBQ-t5Qki9sD2yDCnq7mB3TNB37oORnskn8GILxvc-b93mWQ9H187Vu8KXQn8AAiD2YXfINN7MrQpidT_RH4mB8KELB&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg-_YcBQ-t5Qki9sD2yDCnq7mB3TNB37oORnskn8GILxvc-b93mWQ9H187Vu8KXQn8AAiD2YXfINN7MrQpidT_RH4mB8KELB%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESED48FO_qR2MhR3vplklBENI&google_cver=1&google_push=AZmPxg-_YcBQ-t5Qki9sD2yDCnq7mB3TNB37oORnskn8GILxvc-b93mWQ9H187Vu8KXQn8AAiD2YXfINN7MrQpidT_RH4mB8KELB&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg-_YcBQ-t5Qki9sD2yDCnq7mB3TNB37oORnskn8GILxvc-b93mWQ9H187Vu8KXQn8AAiD2YXfINN7MrQpidT_RH4mB8KELB%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 260
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDL7DgulHNQy4WvzWZ_oQ6E&google_cver=1&google_push=AZmPxg-NChq7p-Wr5llcvaKluR_5pZpeTbOQ-g6E1nZNp5cCzhiGQ8Tt7ysUqWB79O93pKqW1-d4nDdAsMbUETs5XOsOxp1wLF3g HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=google HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5124322323516037941&expires=30&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg-NChq7p-Wr5llcvaKluR_5pZpeTbOQ-g6E1nZNp5cCzhiGQ8Tt7ysUqWB79O93pKqW1-d4nDdAsMbUETs5XOsOxp1wLF3g&google_hm=Z5xxNGbWTtyX6WbLtMbRKw==
Request Chain 261
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOvZrJ-Ip-gQnZ7BPAt_TMg&google_cver=1&google_push=AZmPxg_YjZX83qZSetkrFEEhj2HLuaRnV2ktQT4BYBGabNdJ_SinMXsUWZsIk8esiETClR-PKORAtnrv6T7dm1Xk8QLFFu3fszPj-Q HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOvZrJ-Ip-gQnZ7BPAt_TMg&google_cver=1&google_push=AZmPxg_YjZX83qZSetkrFEEhj2HLuaRnV2ktQT4BYBGabNdJ_SinMXsUWZsIk8esiETClR-PKORAtnrv6T7dm1Xk8QLFFu3fszPj-Q&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=HAG1N40lQ5CEnamRtxpe8A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg_YjZX83qZSetkrFEEhj2HLuaRnV2ktQT4BYBGabNdJ_SinMXsUWZsIk8esiETClR-PKORAtnrv6T7dm1Xk8QLFFu3fszPj-Q
Request Chain 262
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBpGHKJZ5gQeyTMnJSuvL3k&google_cver=1&google_push=AZmPxg-6k7NuxTkYegiSgmiYyDLK6ahc86C8FlKinVcqR4ENuxWJ8uCc_KsX1ARNtjmX7065HRnf_eAWOTVSKoFHMSSIOWAjmUcE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBpGHKJZ5gQeyTMnJSuvL3k&google_hm=Y1YrDhiI6dW_s1epAXE-QgAACKQAAAIB&google_nid=index&google_push=AZmPxg-6k7NuxTkYegiSgmiYyDLK6ahc86C8FlKinVcqR4ENuxWJ8uCc_KsX1ARNtjmX7065HRnf_eAWOTVSKoFHMSSIOWAjmUcE
Request Chain 263
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDBQPntqV31pqdjAmy0uObE&google_cver=1&google_push=AZmPxg_KQup9t4ZADkqBqFZ-IlPLeZcywWWOwEMSk0mA9vJmg5ohJEJekm8Uj5NbPOA4wKYFqTw_kly-Zh3kHjSYMRQ1YEL_31NRLA HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDBQPntqV31pqdjAmy0uObE&google_cver=1&google_push=AZmPxg_KQup9t4ZADkqBqFZ-IlPLeZcywWWOwEMSk0mA9vJmg5ohJEJekm8Uj5NbPOA4wKYFqTw_kly-Zh3kHjSYMRQ1YEL_31NRLA&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg_KQup9t4ZADkqBqFZ-IlPLeZcywWWOwEMSk0mA9vJmg5ohJEJekm8Uj5NbPOA4wKYFqTw_kly-Zh3kHjSYMRQ1YEL_31NRLA&google_hm=FiHNqGZHHMnufjd4QIeZeLdD
Request Chain 264
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESELc6yrkVxXzhK0weTfgpdYM&google_cver=1&google_push=AZmPxg-aIDUaABcuaJEmumw4hZm31s0yJf_ckG3Tpk1XQM7tAcbq7k6AYLRFjI3fHG_eSpYg3k0o0MBrVX4hprz1kCiSmJyaYQevxA HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-9adc3305-71cd-43f2-8a82-c1cf6ff353c5-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg-aIDUaABcuaJEmumw4hZm31s0yJf_ckG3Tpk1XQM7tAcbq7k6AYLRFjI3fHG_eSpYg3k0o0MBrVX4hprz1kCiSmJyaYQevxA%26google_hm%3DA5rcMwVxzUPyioLBz2_zU8U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg-aIDUaABcuaJEmumw4hZm31s0yJf_ckG3Tpk1XQM7tAcbq7k6AYLRFjI3fHG_eSpYg3k0o0MBrVX4hprz1kCiSmJyaYQevxA&google_hm=A5rcMwVxzUPyioLBz2_zU8U

287 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
haigram.com/
Redirect Chain
  • https://bicolink.com/full?api=1262cce7f20a7593638cc5dcdfebb97ca9eb3563&url=aHR0cDovL2ouZ3MvQ2I5Sg==&type=2
  • https://link.bicolink.com/QZtu
  • https://haigram.com/?wpsafelink=d0mPzIH4YrwApbsCadfEeFlgiHnikTzAydWh0WlBqRWtlblgrQlZWYldPUVhsRm9DS2pPL3FhQ0xkcnhid3Q0MD0=
523 B
687 B 		Document
General
Check archive.org
Download Go to
Full URL
https://haigram.com/?wpsafelink=d0mPzIH4YrwApbsCadfEeFlgiHnikTzAydWh0WlBqRWtlblgrQlZWYldPUVhsRm9DS2pPL3FhQ0xkcnhid3Q0MD0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.106.252.240 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv130.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
275
content-type
text/html; charset=UTF-8
date
Mon, 24 Oct 2022 06:04:59 GMT
link
<https://haigram.com/wp-json/>; rel="https://api.w.org/"
server
LiteSpeed
strict-transport-security
max-age=31536000
vary
Accept-Encoding,User-Agent,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
Niagahoster
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 24 Oct 2022 06:04:58 GMT
expires
Wed, 11 Jan 1984 05:00:00 GMT
location
https://haigram.com/?wpsafelink=d0mPzIH4YrwApbsCadfEeFlgiHnikTzAydWh0WlBqRWtlblgrQlZWYldPUVhsRm9DS2pPL3FhQ0xkcnhid3Q0MD0=
server
LiteSpeed
strict-transport-security
max-age=31536000
vary
User-Agent,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
Niagahoster
x-xss-protection
1; mode=block
/
haigram.com/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://haigram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.106.252.240 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv130.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
11179047472fc509f72d948e10a1f9468713c2e625f0bfdc88651ac964e4a9cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
null
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
br
content-length
1075
content-type
text/html; charset=UTF-8
date
Mon, 24 Oct 2022 06:05:00 GMT
link
<https://haigram.com/wp-json/>; rel="https://api.w.org/"
server
LiteSpeed
strict-transport-security
max-age=31536000
vary
Accept-Encoding,User-Agent,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
Niagahoster
x-xss-protection
1; mode=block
Primary Request /
haigram.com/ 		49 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://haigram.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
109.106.252.240 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv130.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
e6f7f65dac0d845ace7745ff725f4a31e0e0b6ae97b0d493082792f32809d37a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
null
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 24 Oct 2022 06:05:01 GMT
link
<https://haigram.com/wp-json/>; rel="https://api.w.org/"
server
LiteSpeed
strict-transport-security
max-age=31536000
vary
Accept-Encoding,User-Agent,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
Niagahoster
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-175323605-4
Requested by
Host: haigram.com
URL: https://haigram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1ee51c0aeb0d786d3a23dd91ad2081214f476f619635d89310961a30d198c852
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haigram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
43589
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 24 Oct 2022 06:05:01 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		168 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2295048427582817
Requested by
Host: haigram.com
URL: https://haigram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
748bb054acb859c3520314498cdbaad76b3faf7f89d3e6871ae3fdfcc4b7d938
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haigram.com/
Origin
https://haigram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55445
x-xss-protection
0
server
cafe
etag
10958475425082040952
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 24 Oct 2022 06:05:01 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: haigram.com
URL: https://haigram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59348d34b59f5cbe16baa7ce23234fd0395dd616d47a0fa247240771ca289988
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haigram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27389
x-xss-protection
0
server
sffe
etag
"1373 / 467 of 1000 / last-modified: 1666390088"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 24 Oct 2022 06:05:01 GMT
gpt.js
www.googletagservices.com/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: haigram.com
URL: https://haigram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1e4f80c095e8e5b2e11d02245c879fbe8a47af3d6ca6a64228fb2f95a727a88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haigram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27348
x-xss-protection
0
server
sffe
etag
"1373 / 693 of 1000 / last-modified: 1666390088"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 24 Oct 2022 06:05:01 GMT
adplus-advertising.svg
ad.plus/ 		735 B
989 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.plus/adplus-advertising.svg
Requested by
Host: haigram.com
URL: https://haigram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbdcd5032177710f51c04a98ab8d155e72b8ea23f0f86fc504408b7fbe735639

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haigram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 04 Apr 2020 20:49:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
275
etag
W/"2df-5a27d2a9698fb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NdYIwjp5pSYk36CayVLRWiyfZdtTfEu6vYqTvqh9PXbdVzvwxZdvJY51hwfr7Wzl9QpYqvabRWgQ9Ap4naGBz%2BZSQ%2FveVJ7jNEo1KjBFih4SD1rgyab7cUR4pS%2FDCtQ2CI8Jqbtt"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
75f084b4c8779049-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style.min.css
haigram.com/wp-includes/css/dist/block-library/ 		87 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://haigram.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
Requested by
Host: haigram.com
URL: https://haigram.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
109.106.252.240 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv130.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haigram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Mon, 04 Jul 2022 10:40:38 GMT
server
LiteSpeed
x-powered-by
Niagahoster
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
11658
x-xss-protection
1; mode=block
expires
Wed, 23 Nov 2022 06:05:01 GMT
style.css
haigram.com/wp-content/themes/gridmax/ 		88 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://haigram.com/wp-content/themes/gridmax/style.css
Requested by
Host: haigram.com
URL: https://haigram.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
109.106.252.240 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv130.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
fa400aff1ba4e6e4cec0349e77c2fed917bb698c165da5cd382af08b66d0236c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haigram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Tue, 23 Aug 2022 02:06:18 GMT
server
LiteSpeed
x-powered-by
Niagahoster
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
13608
x-xss-protection
1; mode=block
expires
Wed, 23 Nov 2022 06:05:01 GMT
all.min.css
haigram.com/wp-content/themes/gridmax/assets/css/ 		56 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://haigram.com/wp-content/themes/gridmax/assets/css/all.min.css
Requested by
Host: haigram.com
URL: https://haigram.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
109.106.252.240 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv130.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haigram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Tue, 23 Aug 2022 02:06:18 GMT
server
LiteSpeed
x-powered-by
Niagahoster
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
12310
x-xss-protection
1; mode=block
expires
Wed, 23 Nov 2022 06:05:01 GMT
css
fonts.googleapis.com/ 		13 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Encode+Sans+Condensed:400,700|Maitree:400,700|Lora:400,400i,700,700i|DM+Serif+Text:400,400i&display=swap
Requested by
Host: haigram.com
URL: https://haigram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d80f2f62bb39a65b8c1d3f5caa60f1a164f54a1e1641ba41249b202fea3f5880
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haigram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 24 Oct 2022 06:05:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 24 Oct 2022 05:52:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 24 Oct 2022 06:05:01 GMT
jquery.min.js
haigram.com/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://haigram.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: haigram.com
URL: https://haigram.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
109.106.252.240 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv130.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haigram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Wed, 10 Mar 2021 13:37:24 GMT
server
LiteSpeed
x-powered-by
Niagahoster
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
30969
x-xss-protection
1; mode=block
expires
Wed, 23 Nov 2022 06:05:01 GMT
jquery-migrate.min.js
haigram.com/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://haigram.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: haigram.com
URL: https://haigram.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
109.106.252.240 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv130.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haigram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Nov 2020 07:36:06 GMT
server
LiteSpeed
x-powered-by
Niagahoster
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
4168
x-xss-protection
1; mode=block
expires
Wed, 23 Nov 2022 06:05:01 GMT
cropped-HAIGRAM.COM_.png
haigram.com/wp-content/uploads/2022/08/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haigram.com/wp-content/uploads/2022/08/cropped-HAIGRAM.COM_.png
Requested by
Host: haigram.com
URL: https://haigram.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
109.106.252.240 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv130.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
06840644c87bd8fdce7276ece8348cb5622633fc414ff87a7d4f4a8a911a8cff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haigram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Tue, 23 Aug 2022 02:11:57 GMT
server
LiteSpeed
x-powered-by
Niagahoster
vary
User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
12144
x-xss-protection
1; mode=block
expires
Tue, 24 Oct 2023 06:05:01 GMT
api.js
www.google.com/recaptcha/ 		850 B
968 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: haigram.com
URL: https://haigram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b52b34cf452e92654dd04036ab4a81c81e0b9a6958539752b050f0433f4b1ddd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haigram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
555
x-xss-protection
1; mode=block
expires
Mon, 24 Oct 2022 06:05:01 GMT
output-onlinepngtools-5.png
haigram.com/wp-content/uploads/2022/08/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haigram.com/wp-content/uploads/2022/08/output-onlinepngtools-5.png
Requested by
Host: haigram.com
URL: https://haigram.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
109.106.252.240 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv130.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
ddfee1a652dfa1b44eeca23bd60b5a63cd39dbb52adf16b4d5b6321cae7db6cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haigram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Tue, 23 Aug 2022 02:17:20 GMT
server
LiteSpeed
x-powered-by
Niagahoster
vary
User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
10631
x-xss-protection
1; mode=block
expires
Tue, 24 Oct 2023 06:05:01 GMT
how-to-use-instagram-for-business-a-practical-step-by-step-guide-480x359.jpg
haigram.com/wp-content/uploads/2022/08/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haigram.com/wp-content/uploads/2022/08/how-to-use-instagram-for-business-a-practical-step-by-step-guide-480x359.jpg
Requested by
Host: haigram.com
URL: https://haigram.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
109.106.252.240 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv130.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
4057356738aa98d9d20ac3c91b909bb6daa7ee793e4f4bd23e6c0955e4aa0deb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haigram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Fri, 26 Aug 2022 11:33:47 GMT
server
LiteSpeed
x-powered-by
Niagahoster
vary
User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
27627
x-xss-protection
1; mode=block
expires
Tue, 24 Oct 2023 06:05:01 GMT
ezgif.com-gif-maker.gif
haigram.com/wp-content/uploads/2022/08/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haigram.com/wp-content/uploads/2022/08/ezgif.com-gif-maker.gif
Requested by
Host: haigram.com
URL: https://haigram.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
109.106.252.240 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv130.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
80988102fe6278d257db81a3adb886c5037b55a562a92845a2db1df053e438c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haigram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Tue, 23 Aug 2022 02:17:20 GMT
server
LiteSpeed
x-powered-by
Niagahoster
vary
User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
14710
x-xss-protection
1; mode=block
expires
Tue, 24 Oct 2023 06:05:01 GMT
output-onlinepngtools-9.png
haigram.com/wp-content/uploads/2022/08/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haigram.com/wp-content/uploads/2022/08/output-onlinepngtools-9.png
Requested by
Host: haigram.com
URL: https://haigram.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
109.106.252.240 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv130.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
a22c8abe36375cb168890bceae272108fe3c9c46f50861131836fee72aea2455
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haigram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Tue, 23 Aug 2022 02:17:18 GMT
server
LiteSpeed
x-powered-by
Niagahoster
vary
User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
11043
x-xss-protection
1; mode=block
expires
Tue, 24 Oct 2023 06:05:01 GMT
jquery.fitvids.min.js
haigram.com/wp-content/themes/gridmax/assets/js/ 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://haigram.com/wp-content/themes/gridmax/assets/js/jquery.fitvids.min.js
Requested by
Host: haigram.com
URL: https://haigram.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
109.106.252.240 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv130.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
8570b14bb3216bcfb445442d65095db7428892ea6ed93a1ce3c04e28dbd238ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haigram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Tue, 23 Aug 2022 02:06:18 GMT
server
LiteSpeed
x-powered-by
Niagahoster
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
795
x-xss-protection
1; mode=block
expires
Wed, 23 Nov 2022 06:05:01 GMT
navigation.js
haigram.com/wp-content/themes/gridmax/assets/js/ 		9 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://haigram.com/wp-content/themes/gridmax/assets/js/navigation.js
Requested by
Host: haigram.com
URL: https://haigram.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
109.106.252.240 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv130.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
07af4bc933e742affc6cae5a73418b77e24edd8fda91602e8bd474750a082c83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haigram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Tue, 23 Aug 2022 02:06:18 GMT
server
LiteSpeed
x-powered-by
Niagahoster
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
1468
x-xss-protection
1; mode=block
expires
Wed, 23 Nov 2022 06:05:01 GMT
skip-link-focus-fix.js
haigram.com/wp-content/themes/gridmax/assets/js/ 		834 B
453 B 		Script
General
Check archive.org
Download Go to
Full URL
https://haigram.com/wp-content/themes/gridmax/assets/js/skip-link-focus-fix.js
Requested by
Host: haigram.com
URL: https://haigram.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
109.106.252.240 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv130.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
5ca257ab8ea720ff657a153f7212034735691282ef8cbfd1af6b6fe9dfb4f536
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haigram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Tue, 23 Aug 2022 02:06:18 GMT
server
LiteSpeed
x-powered-by
Niagahoster
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
426
x-xss-protection
1; mode=block
expires
Wed, 23 Nov 2022 06:05:01 GMT
custom.js
haigram.com/wp-content/themes/gridmax/assets/js/ 		6 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://haigram.com/wp-content/themes/gridmax/assets/js/custom.js
Requested by
Host: haigram.com
URL: https://haigram.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
109.106.252.240 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv130.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
8b4d5896791236f4048ca105a33c72c0051f42f1aa0eecd999a3244b2f414c52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haigram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Tue, 23 Aug 2022 02:06:18 GMT
server
LiteSpeed
x-powered-by
Niagahoster
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
1464
x-xss-protection
1; mode=block
expires
Wed, 23 Nov 2022 06:05:01 GMT
html5shiv.js
haigram.com/wp-content/themes/gridmax/assets/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://haigram.com/wp-content/themes/gridmax/assets/js/html5shiv.js
Requested by
Host: haigram.com
URL: https://haigram.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
109.106.252.240 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv130.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
04fd74f8655763e2289bb7851aa7de7de225f535a99a1b81908d72c807c5c9b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haigram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Tue, 23 Aug 2022 02:06:18 GMT
server
LiteSpeed
x-powered-by
Niagahoster
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
3028
x-xss-protection
1; mode=block
expires
Wed, 23 Nov 2022 06:05:01 GMT
wp-emoji-release.min.js
haigram.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://haigram.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
Requested by
Host: haigram.com
URL: https://haigram.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
109.106.252.240 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv130.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haigram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 12 Apr 2022 04:26:24 GMT
server
LiteSpeed
x-powered-by
Niagahoster
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
5021
x-xss-protection
1; mode=block
expires
Wed, 23 Nov 2022 06:05:01 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-175323605-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haigram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 24 Oct 2022 05:01:59 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
3782
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Mon, 24 Oct 2022 07:01:59 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/ 		353 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2295048427582817&plah=haigram.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2295048427582817
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4f698026bdece005152cb1522406ed7385c8d9ea6ba4f033042563274058c289
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haigram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118771
x-xss-protection
0
server
cafe
etag
14873364261866603878
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 24 Oct 2022 06:05:01 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221019/r20190131/ Frame 25FB 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221019/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2295048427582817
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haigram.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
67794
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4420
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 23 Oct 2022 11:15:07 GMT
etag
9671129459699598864
expires
Sun, 06 Nov 2022 11:15:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_2022101901.js
securepubads.g.doubleclick.net/gpt/ 		379 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070473
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196eb4e1c32206100f0e8ad4ec1d25770d5dc9d91acd7b7972ec369440323aaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haigram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 15:06:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53938
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130799
x-xss-protection
0
last-modified
Wed, 19 Oct 2022 08:34:46 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 23 Oct 2023 15:06:03 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		117 B
122 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=haigram.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9d01ab26a499b19be475560f99c67f7f0e6b09a22aef1d0c49523d78936712a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haigram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97
x-xss-protection
0
expires
Mon, 24 Oct 2022 06:05:01 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1708394542&t=pageview&_s=1&dl=https%3A%2F%2Fhaigram.com%2F&ul=en-us&de=UTF-8&dt=Haigram%20%E2%80%93%20Your%20Social%20Media%20Business%20Guide&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=66148898&gjid=214137558&cid=141213828.1666591502&tid=UA-175323605-4&_gid=2061641187.1666591502&_r=1&gtm=2ouaj0&z=188477678
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://haigram.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://haigram.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=haigram.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haigram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=haigram.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haigram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		98 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=201067402340645&correlator=3013962174460927&eid=31070473%2C21068766%2C44775319%2C31061166&output=ldjh&gdfp_req=1&vrg=2022101901&ptt=17&impl=fifs&iu_parts=21849154601%3A22445082990%2CAd.Plus-Mobile-Interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&adks=434000830&sfv=1-0-38&ists=1&fas=8&sc=1&cookie_enabled=1&abxe=1&dt=1666591501713&lmt=1666591501&dlt=1666591501518&idt=159&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fhaigram.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=141213828.1666591502&ga_sid=1666591502&ga_hid=1708394542&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070473
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b2d1b9678afd7072e8a7766e35867754c786dd30fe97d36b674251c42aba96b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haigram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26494
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://haigram.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=201067402340645&correlator=3013962174460927&eid=31070473%2C21068766%2C44775319%2C31061166&output=ldjh&gdfp_req=1&vrg=2022101901&ptt=17&impl=fifs&iu_parts=21849154601%3A22445082990%2CAd.Plus-Anchor&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90%7C960x90%7C750x100%7C950x90%7C468x60&ifi=3&adks=2179956846&sfv=1-0-38&prev_scp=site%3Dhaigram.com&sc=1&cookie_enabled=1&abxe=1&dt=1666591501733&lmt=1666591501&dlt=1666591501518&idt=159&adxs=323&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fhaigram.com%2F&frm=20&vis=1&psz=970x-1&msz=970x-1&fws=516&ohw=970&ga_vid=141213828.1666591502&ga_sid=1666591502&ga_hid=1708394542&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070473
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c877f81c88adb0b86b6410351228b89b7adb23203ad0b073ed20a66edb161900
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haigram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10639
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://haigram.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B713 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haigram.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Oct 2022 06:05:01 GMT
expires
Tue, 24 Oct 2023 06:05:01 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads_2022101901.js
securepubads.g.doubleclick.net/gpt/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022101901.js?cb=31070473
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070473
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
313c9d6e9b20a4a065421ab0be3971e3fb609023c96bd0ce13ef665f1c331d8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haigram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 15:32:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
397951
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13930
x-xss-protection
0
last-modified
Wed, 19 Oct 2022 08:34:46 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 19 Oct 2023 15:32:30 GMT
cookie.js
partner.googleadservices.com/gampad/ 		389 B
696 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=haigram.com&callback=_gfp_s_&client=ca-pub-2295048427582817&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2295048427582817&plah=haigram.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6b94aad068face95b79270021a2de0b4a2e4dea15cd8365b85ac770c557b65e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haigram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
252
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3496 		114 KB
37 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2295048427582817&output=html&adk=1812271804&adf=3025194257&lmt=1666591501&plat=8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fhaigram.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666591501611&bpp=4&bdt=93&idt=142&shv=r20221019&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6805041588957&frm=20&pv=2&ga_vid=141213828.1666591502&ga_sid=1666591502&ga_hid=1708394542&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760911%2C31069177%2C44774606%2C44775017%2C44773747&oid=2&pvsid=201067402340645&tmod=1968118915&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=158
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2295048427582817&plah=haigram.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
76dab764b0e848cada83fc7b4d0c1e036ea82fe56b330a6a5be61d311f609b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haigram.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
37376
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 24 Oct 2022 06:05:02 GMT
expires
Mon, 24 Oct 2022 06:05:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/ 		151 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2295048427582817&plah=haigram.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d99b9159933626d57392bca0e7b472d9a280a58df5c6cd14d9d093bbbefebaed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haigram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52381
x-xss-protection
0
server
cafe
etag
4874976045654187963
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 Oct 2022 06:05:02 GMT
container.html
dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 09F1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070473
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haigram.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Oct 2022 06:05:01 GMT
expires
Tue, 24 Oct 2023 06:05:01 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=haigram.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2295048427582817&plah=haigram.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haigram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=haigram.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2295048427582817&plah=haigram.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haigram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221019/r20110914/ Frame 4443 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221019/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2295048427582817&plah=haigram.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haigram.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
38041
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4420
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 23 Oct 2022 19:31:01 GMT
etag
9671129459699598864
expires
Sun, 06 Nov 2022 19:31:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7C17 		624 B
300 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjZ5uzHATAB&v=APEucNVP_rgYL3ROzcyLBNVDiRUO0mueEwOjPxtlNmkCGZwGHvgtIVThJ8GIona7sVSI4AqHne10OTTQKXGo1zIqBwCxzLKmRh737n6ifxd3dsREd2tbeDKwJanzZey6XcHXg6J6EfXziWPhyfu_D5L2kmmDahcSqf3QTgXZqym5ctw52LzCdYM
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 24 Oct 2022 06:05:02 GMT
expires
Mon, 24 Oct 2022 06:05:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 09F1 		15 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CP7QIzOOL0WUzYeRkNo-bBCh3VRi1wvJQySa7xH5FZk8WKLriqWA5bFGqtP-8Yld4fmwoRTAZ7tHsZwIZF9s3L_DNgaAu9WQ_ObmIfhiUi-ve5FF_AQsCloMg0_OchF1GvhgOoLDxaEFtlXSqI2cIrwT46gux4-yNxR3mvLnCTZYlELpE&cry=1&dbm_d=AKAmf-CZ56psiokd_LrmHlk2-sBshvZKJSrHWctUC_DLCB-f8QVfg1wsgV70binnuTfmVceFJ2ulJN8Ilwj4WO21ARmNBRHuiYIUkHeLcnj8F2fZ_F0tMwcp86pYpXb43ap1ZD6uiWNEl1n9EpsHZLaTDxfI3giFvctbSYGWfDy1nZSEWjI8xa2qnCnfwV6vffc6Q5-XWOV4kOiSDbS-_fM6qTH-SBifWM8gvrcV8CdRjmuvwjdYnsBjhAFVsrf5DlqUrcIULD4e0PMQX5AhT4x98NJgj4bcZXwfyw2IwDyUyU1IQtBUFoNiL6_LEx4a3-l6MBqVe86gA_BJtAkszftul30b4OAdv9gS-sKmDWv6Yn3f4WMuVYYkViYV5YZotic2qne8z0g_BgFzNHK82jFf5Bd7ey-GJphkTW8vsaf_zC8wrc6yG3m2e5ILaKHeenLsGkkZqfBgAGYa_eTZXQYBQubBh3bJDgVDHcuTWE_VETmEiaBm0FGE41s-Kj05jOVjL7yIgSh52BNEokTr0_38IBzdiCA4wH43nDPar-m1rEyqwe4RShUz86F431-v5-HhfARwE3pw_LoswlD4lhBJXMJbifnTOkcNlA9w3nVo5YE9Y3YX2mga8otlv9AuhQka6hhUMZOBQYWosn4onZYInGrFsZG5zSgeR7HWFpIbsbne-jwKGlXtJk4lqM1ohuVi5GwbjfA4U8n7aWS5J-4W-aghmZZUFFVpdvus8ogtS19wBwhOFEBzh_asFWV105jM51tizWi_0-5D0Trkc6cuBcIVKVxbl1Q_gt6CrK2Z-TAFvw-ikbGG2EgOcA12GY2yzYl4lV129-QDKaDywSuTg2-5LJHB4ITbvcE47a1OaM-xYTyrthE1HyA1FNB76RfcCYxo_sEMK6Nf73iNvrlQGvMHgWxu03Qa3kGqVfEaC-Tp84hp6r4rX7WuwFOEn30sab3Huk5zU3nFxZ5ZtysVYxKP52ewnM6m21Q-b5hvrHSRb5VGbrNzStcOGYRwK6REfBTkrw1H0tvNfPTVqCaz85dF0Ps6k0_iOrHa-Oge53VshY8osPNGUJOZeiDB9S-ZwAc49C244A6NIdNOQv7T3luUqXyo42VMjAlFhMuafjuvUEupxBYFqE4KtX8PPNHON2LwOCWIZURaiffXoK93xeYvN9YXCo1wS0-gdkCOtuzMxT6NcnWQc7lcsx34qfhTi9SE-aIjUQp-nkksKUG8a6ac7Hv9j073NslxiqJjyy_Z-yDjJpdd3Ze3oHPVFeg4TSvS-oLmuOjAHhrQyy3vtjfjG-2FOp5j1D-1u4bvnR8n_FZ20m9Gz3BWW7U9swWrzgIKs3ZiN6m29ICOsBwUmvOlDFdsbFfLSXjKfnpvzBMscTu7mA8wkp5rm-AAwM4y8gBk_hjNhjfgzomSRXrYHurMhA46AMCdjUxReqtJermnoZBqtWv38y-QtBkyd1lLDg8AqCTltl-8ppmcBt0x-ZQhJ_ijv3UZskGfyd4o_KelyqzUPji5fwezdixrHvT7NMQN8sRCaeJLYumMBPR-r6XdeHASYPcAreiOC24AXoLl35IM9rzImeZAnKmSoLTuWkkhrP8FHpsBhPCFd4sB2keseZHJ3UBAE64NLjSgVfBLKuawRQyGmaP0ho4soVxhbusaeX5DYaNWgWXJ5dTdSYwpfEYjTkhTBb9aKFUQF_xK_COitTF4MV8kmrvZKwz3TVDOYI6DZyx6hFBidDUqurJ2VtHX2rfpRHPp581fNY5V-m1CHuOtN1qX8s1eST1ciw1XTc_-227MyiiheAhcLPY48J8x5jqrOk2L3gj5gpjqdg5DDvd6JLx5SJxNcVvYipQlSI9VWoLBNja2asXFrx8maaP6QYnKfNlKucwiTF-lQi3iz13uqXQWDh_HkpsTV1-4lc-7ZSl-IMmDK4uny8A3IiwGRefrv7V8wkymUrL5Kvjfs31U7P5XSfUWsJX4zveovHncuS0w0eHzzzMvBED3PzG4qH-rU7udNhHtVPQ_oc95BHocyqjKhyB0JQXpbmvnoK198aIgAlGNIukNDc_9BuW45L3UR_rvFd1ikAFL6pjAm8bBkuSsNzmul46e6fG13mEbRbVfVHGMJPQW-_sYlHD5aa5kU511ATOSDXbYB-HjdpE86mSXdb0aiLUa5Cc01CishLJwY1jir-jm47Qz2xsQSo87qbKmcZAo45rHTIlLA7-9QcnDVtlfEulo4AghNT-M97S8YUtyJ6fJ2YEKMaxq6EoQ-IUEvhGbx8m6Ktvi2kiePefAAzLMPlqnQngMbU649NCPmU-Ww0-C86NX1AwPWvtCUuv3K6hDxJdDMKqNngWNIIZQqS9-u0uxbxTmp8zozO8KP_YN0CBfoM9uTQe1a4tovWcUuoK4IBwRdGLWpmZyahAKL8PA6iARThG24XFJvl0TY9FeaHIPJIcE5q99sYK7JTN7u31GI8sKJDNfJhwOYvt-q-oakbV-G9Z1AKbKfiBNe-tVkdtPvy3-y8yU7Vhr_FtD5XVvQHsf9ibCSU19aAtNgIBhzr5Qe1Dk_RKHQc4AIkwXWiYfP-ntGKuPLrhKTS8YKYEGOccsQaEyFPc33YiMgVQlpMZFDv7rXNS-p8GBAi40GtqxXg2uxCNbYOBS4z3do_htPk27vCrDOgXBY0fEjLHrqj7kH-VVeqhQ6VY-J-tBhPkrXLSo9uqGfDr8y_AG2gNdJD48DfVT0ZHDRFYkEolT-D0h5AzVfyMKTBnzcv4rzLTmle4BAecPDf5rlCgtA4qzFQ-8iw7DJBfggDlIm_mq1jIc4afW7i2a&cid=CAQSTADq26N9HBCkouTZDyvbASt4JlvMYvkYiNad6VnoVctvd-NJnU6g27Ky4Ckr-jEQPBOGyLLI4I9J3Ur1xIlJE8G6JfZATmdNe3DMzI0YASAO&rfl=1%2Chttps%253A%252F%252Fhaigram.com%252F%240
Requested by
Host: haigram.com
URL: https://haigram.com/?wpsafelink=d0mPzIH4YrwApbsCadfEeFlgiHnikTzAydWh0WlBqRWtlblgrQlZWYldPUVhsRm9DS2pPL3FhQ0xkcnhid3Q0MD0=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dcc003c1063b0beadac4e71bd218b27a7f7e889f3cfc923ccc722d1ab916c1d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11241
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 09F1 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C8FAaTVGKrCBgI0EZiYdDNvRfdGxAOLdDDbg8RJMrk-Vg_yHRrOKUcqjQXTE-vZS_rCvsuvsIFFLVZu2XncF4HJCoBtGTzZBltdPzI_T1ubQUi3MA
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adj
fw.adsafeprotected.com/rjss/bgd/1014661/62144026/xbbe/creative/ Frame 09F1 		244 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/bgd/1014661/62144026/xbbe/creative/adj?p=APEucNU6xfUmc1GtrKvvboLbchcZ8tsjpxoU4ApKKhbWai91U4Ug7sc&d=CokBAKAmf-CyluUvJ3pKO3Mh_7b186PrlAw8UXeyugDPVMXsT_LNwKpqYwrBtcinmX3QBVXazQAgRHUJKRVLSg5KB_bgGezYMLzMBT_eWBHVqiCqdXLwaxHzwBu5mrtUTrdZ_4tCAgRLiV9yUBx1c8YlxehaKPqFIwl9rWL5kXri5qeYlYFRljqy9CASiRMAoCZ_4Cn_nYix7kURIvD3sYZoLaKKxO8mLaUjJ-xw4UgJi2iUJlZxqkdqrNgNh8xzfQ1K3CNsKPMFFW7gv4SFqQHxojeAMIIhto_VcNFmYEoN2mnK7l2a90ths1H9EwGAN5q7d3yVVMM_u6RUIRPQiIcnvB4ZUuAPkU9AmirGB2buFeAvedthojfIeJsF0LQDIdH0wG0guCyRd2TCFn6Vd6HPhL9k1jVRG7f0kkMS-ta4yNNboBvQCx9DxrOtj7Jc3RsChpdLmpRgMOVjkv8Qlq77FHJtrrmAGSNEXfHDjfgPTbyTyATiLYB9_osOapGHKj5162pUIP7Q6F2D7d5ntaL6vFdfVuVfi2oz4o5NphclhnkqzqR5Q9Yjv4OjeHdPmLBxz1DXhnU92BRk90RRBpr2YPctGg5P9AgNV9jwnXBs11cz6FV6esjV59uWfqEr3mw70xQkiODyuge57l4S6nGB8-4Zo0R4-7D2SOLGrT8iwM8S0GvHQSrUZWp97FtapxJ6FyUy4N7wYz9DnLxJinX7XgXboSIaMuVaUXOk-d6_gxQ0q1EeNxdh_XFNqBeKu7hgoLyS0Wh1-MtgS0bm55268B2CHB474jDRK775wDw9JfuAsLnCpf0mStzD69pmXlT4a2xT-goR97yHix2GF_BbIGXpsSamZ5IafiyBOMlNli7CN60qCuxT-4E0Zhr4qNtmghHgWmnr6SAnjYRa5-LRghtEOglY_MftUhWHLJSfQ2VRaIq93G_rzvnRIE_vRkTStv51yElvGCclCM4ahuYus2pKnej_DxdUUyzZGYbn57t1r-cuAy2LJAWFpI94BbNVuejNqwSsU5OF99L96FrfIAx1jfMB6J3Q1b3-idumAt-VttkDnk4Z98M8PVmQWyxhloti6RYHzyVkDDdOqCqKlyaBnIUY2OWfGrMWROSsagZYMaXv6iJHsoLE87qV37IyEzwQ6vzB7v_du2DKlKzb2ESfEd2jkgLPT3sjPBcP96OoCKmcNcnN88RxohBcYFsDi37GcnJC8ppfT1c4ut3mhex0gmbJ5beKR1zqnq1_2J4_DplqCHn1UoaM-0PLpVRw9jnXQWoUxn7YptqWlVx9Aqnoob26p6V8dOZvSFM_DY2ZhsRy7dni8muAMJx6m0fXf-dUoaNOjg9QmMs94oNpkaaPeWKpxKFUZLhucjbxwJ4DVpP3EkLkvDpevUT5_HLFNuT8Z3Lg-NWSLfX5MRXWZK6iJTAMyEKVuvQC9KoSL1LtxhQI54JBqwNYijuzr11mvNdbkWdv3TzFT5ggHzX9s8ANtDx1LOa83H0jwZOMBAULtLf3DBC1ql-b0Q_IDyu4SqY9bScR4Y3scKNvpA6QiUIobvY8mjCEntr3Ro5JGeb5xZXhLkf2Y1S2HJLBc74FMq_00qQz1eJ_LT7WcbJSV-yx8cxY-sjjjQfkHmueOzyGR8k9bDTGtw0fia71Hp_VOrbyb64RaegIEFzbC97BDgiEBFpm4Jbhsyz4o7YPm0jlYx0llkZdwR9u5Z5JfQ7xCb4IL92_XYmh8sAY1zrJ4qyF4ad4647R5ZBV6VsTW-LulWwDvEZ02sB-xj9LOBIvEwUEUa5ubiTftYHLB99677Pst-IM__SjMo9jiqd6keZIMaPAEVi0km8pha0g1qPtFhGftvJWAbnckieO0GAn-eOiTygDDEiMhCF5hbOCM9B956vIyNSs6pKGR8jchX_wQvNmr7b-QvWcMsQS53BY7bwK_eiJRXk_hGR-TvKub8lT3HqWdpTGhCJjxGmWeElRIoK0iK5IAyth4xRaYGfgp8P1Bx3LzQMaGJya82CPb6jpdAsALi7HgXY2rYXL-JJ1s9OlT13d66RJfFHuyS31K9h6L0nfChP9x7aHHGfV-kkCgnC4Hpl_gcF9ZuTD2_M6_QBsCu0T__hWdTWGBQx0ZEEANVsl6rAH3JZnOPYsaC3_sJZXcnH0c5p8feG4ij_jilLEBefORCar0t8CMg9bNOxWgpt7h5CIIXOOD34diQ8-ZQ1zT1ICU7mBFlnXqNyO07n_EcK4LV9sihqg4acOt02TOv7kyCXLbAGJg0KPXct58RsH3LUQTfFHD1iy6A5Xdexpm6o-CgqeKbPW-CIqIdHb8JeQTUPE8wEC8sSHbx0ddQlADl4NBBRR2qkdQBEOfny5uqpo55bE8Rl4veVG2aoJorNv0Q28GDa6F6Aq6g4_lgD6I-p0FdEhS8VnGyM-Vp2wvdBJlDjbCdVyPKvIBviz_zTW9qe80lKHOFQPHRwNiU2_u0ZQuauToWfi5k6ZNmlU4Iqhw0j6EmGdu5O1qQDJfuk9HTZdG3cW2VxaLAFPONd34ptCU5QxTiIgzTmdqSF-vUATEvVN-rCZ31ieLHAffCGmypyHk1gBFfxWfjkvoiVEuz37IOQ7oX7EXZ3GArK_pHKhhusl0BoV3mrA3weBV04NS0Vr79M9wbgmztb6_0gSSsw25n7HlVbtRL66ebK5of-nnlcIXy_8bIoZ9o26NGRyv0kUgscQlsyUVUx3tUiixAvBiS_EUyOBP5hNy-aYiOzFqnX-aoJE_y8Quzs8fBkC1-oGn-bIpUTrGuXCwD30ED5PJn4eg9LG7PztvGT3CXs36XSb4M4PfydsCGdGbigNlJ3n_RyD7EaZnT0SIcaiffLSQh26qB1aiySM3zz-ko0wSAh1MM2m7FLWADHBv45uBbhEJ4nGWVdGCdqHN_zsjJCp2kWj53lqMMN_Gxp14SpMuSzb75E8SfZCwHTq_7kot3X55tYAKAbZBRjYI1DqWhRVn-jLvFsyTFWNhqyyRIMbPsmAF7D41PQx-wG7HZkp-vL1BpSyJoFGA1NyG6I38u5qNBIlf28suADnedQb5-yrOuYQ1WHq7yLZNBwkI1CX5nl4HtCV11QWZwOeo8dcMcJMPwEylml4SaT0zGDmbFrOvl5wrLE1vQQYpXcNZZUGxc4LZ4QRXm5xyahzWIT1dStvM7YY4Ao5zvguol57yC3GAFedbRVe03m9DYEDuOvvGA1Jb3khzW1v2XpI1NDfwcaaF_0ZCHKyqAzDCW3-an72_zzqW1CcRDegP-evVTKnL3nAzkWfoSpUcyrCHdGcfMdCVkIgyywm-3_pmTKBIChd_dY7A24q7DywpeY7MOO1rgN9-BCye-TsYc_b-YenCBfaQHcj2wubPCcpMsdn82gViCvYAUjA2qGl0hrzQ4iqH5uYNnwCludkL_-LhH5hvBpUCAQSTADq26N9HBCkouTZDyvbASt4JlvMYvkYiNad6VnoVctvd-NJnU6g27Ky4Ckr-jEQPBOGyLLI4I9J3Ur1xIlJE8G6JfZATmdNe3DMzI0YASAOYAE&ias_dspID=3&ias_campId=28377781&ias_pubId=pub-4573231550355221&ias_chanId=1&ias_placementId=17455270685&bidurl=https://haigram.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gYNGGhyvKn8ouQf4EhPcpF
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.76.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-76-101.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8b821700b36f9f457d7c6f5dbfd4140c3f6007bfe0093e9763eb0129f952ad13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:02 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame 09F1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/window_focus_fy2021.js
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 22:05:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
28756
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1238
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Nov 2022 22:05:46 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame 09F1 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 11:14:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67812
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7569
x-xss-protection
0
server
cafe
etag
4237063375490391177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Nov 2022 11:14:50 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 09F1 		152 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47476
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666179788250400"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 24 Oct 2022 06:05:02 GMT
cc2fa6f05f6b7ab36f626f2501931c3a.js
www.gstatic.com/mysidia/ Frame 4443 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/cc2fa6f05f6b7ab36f626f2501931c3a.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221019/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b5b7440eb01b4db530c8b12650e39b4a3bfb1b49b7518c76b08bb6e8b8434a2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 11:14:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
240611
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4312
x-xss-protection
0
last-modified
Wed, 19 Oct 2022 22:54:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 19 Jan 2023 11:14:51 GMT
9a8178d18d321307744a4c8ce46adea2.js
www.gstatic.com/mysidia/ Frame 4443 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/9a8178d18d321307744a4c8ce46adea2.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221019/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
311d6e0a623475d73c35b2a61232ef0621db876a120cf7069721cb04f06ad003
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 11:14:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
240611
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4293
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 23:46:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 19 Jan 2023 11:14:51 GMT
css
fonts.googleapis.com/ Frame 4443 		8 KB
895 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221019/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 24 Oct 2022 06:05:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 24 Oct 2022 05:27:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 24 Oct 2022 06:05:02 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame 4443 		2 KB
984 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221019/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 11:14:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67811
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Nov 2022 11:14:51 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/ Frame 4443 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221019/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 15:06:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
53929
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9257
x-xss-protection
0
server
cafe
etag
15799940544776262544
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Nov 2022 15:06:13 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame 4443 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221019/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 22:05:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
28756
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1238
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Nov 2022 22:05:46 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame 4443 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221019/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 11:14:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67812
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7569
x-xss-protection
0
server
cafe
etag
4237063375490391177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Nov 2022 11:14:50 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4443 		152 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221019/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47476
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666179788250400"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 24 Oct 2022 06:05:02 GMT
fed584b8ce81e04d8838584f2ea59ee6.js
www.gstatic.com/mysidia/ Frame 4443 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/fed584b8ce81e04d8838584f2ea59ee6.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221019/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d52560a0b97222a18a95c89256d89765d3d821699eebc14213d531c2a93adb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 11:14:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
240611
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13787
x-xss-protection
0
last-modified
Wed, 19 Oct 2022 22:54:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 19 Jan 2023 11:14:51 GMT
MjQGmil5tffhpBrknt6sfQ.woff2
fonts.gstatic.com/s/maitree/v10/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/maitree/v10/MjQGmil5tffhpBrknt6sfQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Encode+Sans+Condensed:400,700|Maitree:400,700|Lora:400,400i,700,700i|DM+Serif+Text:400,400i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ba346503b6c880ec143e04f39f756e0d916e7f5aac3963dea250a58efca5fdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://haigram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 17:43:22 GMT
x-content-type-options
nosniff
age
476500
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20960
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 14:58:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Oct 2023 17:43:22 GMT
rum
dsum-sec.casalemedia.com/ Frame 7C17
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDEIqSTkm9nBCuU3pmzepyE&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDEIqSTkm9nBCuU3pmzepyE&google_cver=1&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDEIqSTkm9nBCuU3pmzepyE&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjZ5uzHATAB&v=APEucNVP_rgYL3ROzcyLBNVDiRUO0mueEwOjPxtlNmkCGZwGHvgtIVThJ8GIona7sVSI4AqHne10OTTQKXGo1zIqBwCxzLKmRh737n6ifxd3dsREd2tbeDKwJanzZey6XcHXg6J6EfXziWPhyfu_D5L2kmmDahcSqf3QTgXZqym5ctw52LzCdYM
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Oct 2022 06:05:02 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 24 Oct 2022 06:05:02 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEDEIqSTkm9nBCuU3pmzepyE&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame 7C17
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1YrDhiI6dW-s1epAXE.QgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDEIqSTkm9nBCuU3pmzepyE&google_cver=1&google_hm=2
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDEIqSTkm9nBCuU3pmzepyE&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjZ5uzHATAB&v=APEucNVP_rgYL3ROzcyLBNVDiRUO0mueEwOjPxtlNmkCGZwGHvgtIVThJ8GIona7sVSI4AqHne10OTTQKXGo1zIqBwCxzLKmRh737n6ifxd3dsREd2tbeDKwJanzZey6XcHXg6J6EfXziWPhyfu_D5L2kmmDahcSqf3QTgXZqym5ctw52LzCdYM
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Oct 2022 06:05:02 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDEIqSTkm9nBCuU3pmzepyE&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 7C17
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMnqXmH3xW487zjUGqSqqsM&google_cver=1
43 B
1010 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEMnqXmH3xW487zjUGqSqqsM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjZ5uzHATAB&v=APEucNVP_rgYL3ROzcyLBNVDiRUO0mueEwOjPxtlNmkCGZwGHvgtIVThJ8GIona7sVSI4AqHne10OTTQKXGo1zIqBwCxzLKmRh737n6ifxd3dsREd2tbeDKwJanzZey6XcHXg6J6EfXziWPhyfu_D5L2kmmDahcSqf3QTgXZqym5ctw52LzCdYM
Protocol
HTTP/1.1
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Oct 2022 06:05:02 GMT
AN-X-Request-Uuid
0fa3ec1c-21d3-4d04-a532-11051f355c45
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
81.95.5.42; 81.95.5.42; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEMnqXmH3xW487zjUGqSqqsM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7C17
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDkwNzA5NTI2NTE2NjM2NDg0OA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDkwNzA5NTI2NTE2NjM2NDg0OA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjZ5uzHATAB&v=APEucNVP_rgYL3ROzcyLBNVDiRUO0mueEwOjPxtlNmkCGZwGHvgtIVThJ8GIona7sVSI4AqHne10OTTQKXGo1zIqBwCxzLKmRh737n6ifxd3dsREd2tbeDKwJanzZey6XcHXg6J6EfXziWPhyfu_D5L2kmmDahcSqf3QTgXZqym5ctw52LzCdYM
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 24 Oct 2022 06:05:02 GMT
AN-X-Request-Uuid
5fa17c46-4533-4562-98cf-0075b31450db
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDkwNzA5NTI2NTE2NjM2NDg0OA%3D%3D
Connection
keep-alive
X-Proxy-Origin
81.95.5.42; 81.95.5.42; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 09F1 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CP7QIzOOL0WUzYeRkNo-bBCh3VRi1wvJQySa7xH5FZk8WKLriqWA5bFGqtP-8Yld4fmwoRTAZ7tHsZwIZF9s3L_DNgaAu9WQ_ObmIfhiUi-ve5FF_AQsCloMg0_OchF1GvhgOoLDxaEFtlXSqI2cIrwT46gux4-yNxR3mvLnCTZYlELpE&cry=1&dbm_d=AKAmf-CZ56psiokd_LrmHlk2-sBshvZKJSrHWctUC_DLCB-f8QVfg1wsgV70binnuTfmVceFJ2ulJN8Ilwj4WO21ARmNBRHuiYIUkHeLcnj8F2fZ_F0tMwcp86pYpXb43ap1ZD6uiWNEl1n9EpsHZLaTDxfI3giFvctbSYGWfDy1nZSEWjI8xa2qnCnfwV6vffc6Q5-XWOV4kOiSDbS-_fM6qTH-SBifWM8gvrcV8CdRjmuvwjdYnsBjhAFVsrf5DlqUrcIULD4e0PMQX5AhT4x98NJgj4bcZXwfyw2IwDyUyU1IQtBUFoNiL6_LEx4a3-l6MBqVe86gA_BJtAkszftul30b4OAdv9gS-sKmDWv6Yn3f4WMuVYYkViYV5YZotic2qne8z0g_BgFzNHK82jFf5Bd7ey-GJphkTW8vsaf_zC8wrc6yG3m2e5ILaKHeenLsGkkZqfBgAGYa_eTZXQYBQubBh3bJDgVDHcuTWE_VETmEiaBm0FGE41s-Kj05jOVjL7yIgSh52BNEokTr0_38IBzdiCA4wH43nDPar-m1rEyqwe4RShUz86F431-v5-HhfARwE3pw_LoswlD4lhBJXMJbifnTOkcNlA9w3nVo5YE9Y3YX2mga8otlv9AuhQka6hhUMZOBQYWosn4onZYInGrFsZG5zSgeR7HWFpIbsbne-jwKGlXtJk4lqM1ohuVi5GwbjfA4U8n7aWS5J-4W-aghmZZUFFVpdvus8ogtS19wBwhOFEBzh_asFWV105jM51tizWi_0-5D0Trkc6cuBcIVKVxbl1Q_gt6CrK2Z-TAFvw-ikbGG2EgOcA12GY2yzYl4lV129-QDKaDywSuTg2-5LJHB4ITbvcE47a1OaM-xYTyrthE1HyA1FNB76RfcCYxo_sEMK6Nf73iNvrlQGvMHgWxu03Qa3kGqVfEaC-Tp84hp6r4rX7WuwFOEn30sab3Huk5zU3nFxZ5ZtysVYxKP52ewnM6m21Q-b5hvrHSRb5VGbrNzStcOGYRwK6REfBTkrw1H0tvNfPTVqCaz85dF0Ps6k0_iOrHa-Oge53VshY8osPNGUJOZeiDB9S-ZwAc49C244A6NIdNOQv7T3luUqXyo42VMjAlFhMuafjuvUEupxBYFqE4KtX8PPNHON2LwOCWIZURaiffXoK93xeYvN9YXCo1wS0-gdkCOtuzMxT6NcnWQc7lcsx34qfhTi9SE-aIjUQp-nkksKUG8a6ac7Hv9j073NslxiqJjyy_Z-yDjJpdd3Ze3oHPVFeg4TSvS-oLmuOjAHhrQyy3vtjfjG-2FOp5j1D-1u4bvnR8n_FZ20m9Gz3BWW7U9swWrzgIKs3ZiN6m29ICOsBwUmvOlDFdsbFfLSXjKfnpvzBMscTu7mA8wkp5rm-AAwM4y8gBk_hjNhjfgzomSRXrYHurMhA46AMCdjUxReqtJermnoZBqtWv38y-QtBkyd1lLDg8AqCTltl-8ppmcBt0x-ZQhJ_ijv3UZskGfyd4o_KelyqzUPji5fwezdixrHvT7NMQN8sRCaeJLYumMBPR-r6XdeHASYPcAreiOC24AXoLl35IM9rzImeZAnKmSoLTuWkkhrP8FHpsBhPCFd4sB2keseZHJ3UBAE64NLjSgVfBLKuawRQyGmaP0ho4soVxhbusaeX5DYaNWgWXJ5dTdSYwpfEYjTkhTBb9aKFUQF_xK_COitTF4MV8kmrvZKwz3TVDOYI6DZyx6hFBidDUqurJ2VtHX2rfpRHPp581fNY5V-m1CHuOtN1qX8s1eST1ciw1XTc_-227MyiiheAhcLPY48J8x5jqrOk2L3gj5gpjqdg5DDvd6JLx5SJxNcVvYipQlSI9VWoLBNja2asXFrx8maaP6QYnKfNlKucwiTF-lQi3iz13uqXQWDh_HkpsTV1-4lc-7ZSl-IMmDK4uny8A3IiwGRefrv7V8wkymUrL5Kvjfs31U7P5XSfUWsJX4zveovHncuS0w0eHzzzMvBED3PzG4qH-rU7udNhHtVPQ_oc95BHocyqjKhyB0JQXpbmvnoK198aIgAlGNIukNDc_9BuW45L3UR_rvFd1ikAFL6pjAm8bBkuSsNzmul46e6fG13mEbRbVfVHGMJPQW-_sYlHD5aa5kU511ATOSDXbYB-HjdpE86mSXdb0aiLUa5Cc01CishLJwY1jir-jm47Qz2xsQSo87qbKmcZAo45rHTIlLA7-9QcnDVtlfEulo4AghNT-M97S8YUtyJ6fJ2YEKMaxq6EoQ-IUEvhGbx8m6Ktvi2kiePefAAzLMPlqnQngMbU649NCPmU-Ww0-C86NX1AwPWvtCUuv3K6hDxJdDMKqNngWNIIZQqS9-u0uxbxTmp8zozO8KP_YN0CBfoM9uTQe1a4tovWcUuoK4IBwRdGLWpmZyahAKL8PA6iARThG24XFJvl0TY9FeaHIPJIcE5q99sYK7JTN7u31GI8sKJDNfJhwOYvt-q-oakbV-G9Z1AKbKfiBNe-tVkdtPvy3-y8yU7Vhr_FtD5XVvQHsf9ibCSU19aAtNgIBhzr5Qe1Dk_RKHQc4AIkwXWiYfP-ntGKuPLrhKTS8YKYEGOccsQaEyFPc33YiMgVQlpMZFDv7rXNS-p8GBAi40GtqxXg2uxCNbYOBS4z3do_htPk27vCrDOgXBY0fEjLHrqj7kH-VVeqhQ6VY-J-tBhPkrXLSo9uqGfDr8y_AG2gNdJD48DfVT0ZHDRFYkEolT-D0h5AzVfyMKTBnzcv4rzLTmle4BAecPDf5rlCgtA4qzFQ-8iw7DJBfggDlIm_mq1jIc4afW7i2a&cid=CAQSTADq26N9HBCkouTZDyvbASt4JlvMYvkYiNad6VnoVctvd-NJnU6g27Ky4Ckr-jEQPBOGyLLI4I9J3Ur1xIlJE8G6JfZATmdNe3DMzI0YASAO&rfl=1%2Chttps%253A%252F%252Fhaigram.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 17:48:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
476214
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Oct 2023 17:48:08 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 4443 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CEisBDStWY-jTMc-TgQf8jIb4DoKE0Otsl8G82-AQmJOxkAwQASCZiul_YJWCgIC4B6ABqN_ZqwLIAQGpAkFIsrZztIs-qAMByAPDBKoE1wFP0Gfo5qH4U841GwBIalexpbggpk0ykPxX0B89l0fCsmD3eLrG-z7ge5rwbJCe7mCDdTadLhqNprSyAugcconBET1dMkXm_PBdKJjSLlTmEpkM0lpDZN9yy2u3RWMgukjcSFtxurkeicgIpDAzjIsItDIRhuj0feMNlDg5vUVzOxr5eGhFVMmKACvaCaMo1izga5cwsjAVT2HEYUxRxmRBJmARNWi90qWUmsipd0-mcl2ywTxT5Sl3ISFp50MshbDWqIiWA4MSZ2If8jsUAmzhOoHAQb4idMAE24floZUEkgUECAQYAZIFBAgFGASgBmaAB8CgptQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQr4AT0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw2IFAPQFQGAFwGyFxwKGggAEhRwdWItMjI5NTA0ODQyNzU4MjgxNxgA&sigh=Q3DzpMd3m8I&uach_m=[UACH]&cid=CAQSGwDq26N9ADRNJXBSGTJSnuNe7DUNLExKuWW3wRgBIA4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221019/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20221019/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 24 Oct 2022 06:05:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 5A54 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221019/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20221019/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2979
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 24 Oct 2022 05:15:23 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 53E2 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
386761
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 19 Oct 2022 18:39:01 GMT
expires
Thu, 19 Oct 2023 18:39:01 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 5A54
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221019/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 24 Oct 2022 06:05:02 GMT
expires
Mon, 24 Oct 2022 06:05:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 24 Oct 2022 06:05:02 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
pagead2.googlesyndication.com/bg/ Frame 3BFC 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221019/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba8af0d50d79678d5e9e6e68935c23511ff6ae811c880f6b0815855e696b023e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 09:53:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72712
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15900
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 23 Oct 2023 09:53:10 GMT
uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
pagead2.googlesyndication.com/bg/ Frame 53E2 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba8af0d50d79678d5e9e6e68935c23511ff6ae811c880f6b0815855e696b023e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 09:53:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72712
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15900
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 23 Oct 2023 09:53:10 GMT
0QIvMX1D_JOuMwr7Iw.woff2
fonts.gstatic.com/s/lora/v26/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lora/v26/0QIvMX1D_JOuMwr7Iw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Encode+Sans+Condensed:400,700|Maitree:400,700|Lora:400,400i,700,700i|DM+Serif+Text:400,400i&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
38da98e06ba18c4204f547d30572cd81a2dd3fd5438d306856d2617480ee8639
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://haigram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:09:01 GMT
x-content-type-options
nosniff
age
557761
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35660
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:07:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Oct 2023 19:09:01 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=haigram.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070473
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haigram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=haigram.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070473
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haigram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=201067402340645&correlator=3013962174460927&eid=31070473%2C21068766%2C44775319%2C31061166&output=ldjh&gdfp_req=1&vrg=2022101901&ptt=17&impl=fifs&iu_parts=21849154601%3A22445082990%2CAd.Plus-336x280&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C200x200%7C320x100%7C240x133%7C300x100%7C120x240%7C180x150%7C320x250%7C250x250%7C300x250%7C300x75&ifi=5&adks=3731781235&sfv=1-0-38&prev_scp=site%3Dhaigram.com&sc=1&cookie=ID%3Da42aa1789a025017%3AT%3D1666591501%3AS%3DALNI_MZQYv1OlK6jVQHuJuJCRBTratIVvQ&gpic=UID%3D00000b7801ae9902%3AT%3D1666591501%3ART%3D1666591501%3AS%3DALNI_Mb7FrHUrbPLwp__BfEg4-fXjg70qw&abxe=1&dt=1666591502721&lmt=1666591502&dlt=1666591501518&idt=159&adxs=632&adys=29&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fhaigram.com%2F&frm=20&vis=1&psz=1600x0&msz=1600x0&fws=4&ohw=1600&ga_vid=141213828.1666591502&ga_sid=1666591502&ga_hid=1708394542&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070473
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
268848b9589aec907547ef4adac5822b6fd0be0e650bc5545762a4f581731566
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haigram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9474
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://haigram.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adj
fw.adsafeprotected.com/rfw/bgd/1014661/62144026/xbbe/creative/ Frame 09F1 		0
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame B2B8 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:5a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
2816926
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
FIZYMsCVHzWS36ctbOjxi3KjBhgVY7N2991IPp4KB0qcnFAWX137cw==
recaptcha__de.js
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ 		396 KB
158 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbf1818d8b1397e676767b2fa0352f57b18f4066eede2460f730308f1303ded7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haigram.com/
Origin
https://haigram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 21:37:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30433
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
161341
x-xss-protection
0
last-modified
Sun, 02 Oct 2022 20:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 23 Oct 2023 21:37:49 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=201067402340645&correlator=3013962174460927&eid=31070473%2C21068766%2C44775319%2C31061166&output=ldjh&gdfp_req=1&vrg=2022101901&ptt=17&impl=fifs&iu_parts=21849154601%3A22445082990%2CAd.Plus-320x100&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x100%7C300x50%7C216x54%7C300x75%7C120x90%7C300x100%7C220x90%7C320x50&ifi=6&adks=950051178&sfv=1-0-38&prev_scp=site%3Dhaigram.com&sc=1&cookie=ID%3Da42aa1789a025017%3AT%3D1666591501%3AS%3DALNI_MZQYv1OlK6jVQHuJuJCRBTratIVvQ&gpic=UID%3D00000b7801ae9902%3AT%3D1666591501%3ART%3D1666591501%3AS%3DALNI_Mb7FrHUrbPLwp__BfEg4-fXjg70qw&abxe=1&dt=1666591502788&lmt=1666591502&dlt=1666591501518&idt=159&adxs=640&adys=71&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fhaigram.com%2F&frm=20&vis=1&psz=1600x0&msz=1600x0&fws=4&ohw=1600&ga_vid=141213828.1666591502&ga_sid=1666591502&ga_hid=1708394542&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070473
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b0b340d17b3ba117095f2b74e56b2b8fdc5f3ad9a3a9266bca7780c43ac42147
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haigram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10832
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://haigram.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
j8_16_LD37rqfuwxyIuaZhE6cRXOLtm2gfT2hq-M.woff2
fonts.gstatic.com/s/encodesanscondensed/v10/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/encodesanscondensed/v10/j8_16_LD37rqfuwxyIuaZhE6cRXOLtm2gfT2hq-M.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Encode+Sans+Condensed:400,700|Maitree:400,700|Lora:400,400i,700,700i|DM+Serif+Text:400,400i&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
140ee2462b736e743b7f9b2dd82f41ecfa63f17a818739fec426067500edb49c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://haigram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 23:56:03 GMT
x-content-type-options
nosniff
age
281339
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21560
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:46:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Oct 2023 23:56:03 GMT
dt
dt.adsafeprotected.com/ Frame 09F1 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1014661&asId=7a7a1fab-1d8d-b30a-c0cc-693ec0c95be8&tv=%7Bc:rWftDw,pingTime:-3,time:73,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:90,t:18%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:73,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B68~0%5D,as:%5B68~970.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tl9S6ot+11%7C12%7C13%7C14*.1014661-62144026%7C141%7C142%7C151%7C152,idMap:14*,rmeas:1,rend:0,renddet:IMG.us,siq:19%7D&br=c
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:6f8a:bad5:dee0:c2d6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:03 GMT
server
nginx
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 09F1 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1014661&asId=7a7a1fab-1d8d-b30a-c0cc-693ec0c95be8&tv=%7Bc:rWftDx,pingTime:-6,time:74,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:74,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B69~0%5D,as:%5B69~970.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tl9S6ot+11%7C12%7C13%7C14*.1014661-62144026%7C141%7C142%7C151%7C152,idMap:14*,rmeas:1,rend:0,renddet:IMG.us,siq:19%7D&tpiLookup=ao:haigram.com*&br=c
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:6f8a:bad5:dee0:c2d6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:03 GMT
server
nginx
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
container.html
dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B6C4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070473
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haigram.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Oct 2022 06:05:01 GMT
expires
Tue, 24 Oct 2023 06:05:01 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dole777-EQSPI11rf68-unsplash-1-scaled-1-480x360.jpg
haigram.com/wp-content/uploads/2022/08/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haigram.com/wp-content/uploads/2022/08/dole777-EQSPI11rf68-unsplash-1-scaled-1-480x360.jpg
Requested by
Host: haigram.com
URL: https://haigram.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
109.106.252.240 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv130.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
97f46d51d9d686c4a7fd4b5d75dcbfb16187abbc48038a59e75f3593b326d2bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haigram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Fri, 26 Aug 2022 11:27:58 GMT
server
LiteSpeed
x-powered-by
Niagahoster
vary
User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
18854
x-xss-protection
1; mode=block
expires
Tue, 24 Oct 2023 06:05:02 GMT
30-768x444.jpg
haigram.com/wp-content/uploads/2020/06/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haigram.com/wp-content/uploads/2020/06/30-768x444.jpg
Requested by
Host: haigram.com
URL: https://haigram.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
109.106.252.240 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv130.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
caba7be01a9df9066925fb48177870e75fcc213795ca61015e52cf63ffbf98c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haigram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Fri, 23 Jul 2021 17:03:46 GMT
server
LiteSpeed
x-powered-by
Niagahoster
vary
User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
41132
x-xss-protection
1; mode=block
expires
Tue, 24 Oct 2023 06:05:02 GMT
29-768x385.jpg
haigram.com/wp-content/uploads/2020/06/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haigram.com/wp-content/uploads/2020/06/29-768x385.jpg
Requested by
Host: haigram.com
URL: https://haigram.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
109.106.252.240 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv130.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
df194280e8a78feb4174d8b3576b8fbfeef6188143024b657628ed601b6bff0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haigram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Fri, 23 Jul 2021 17:03:46 GMT
server
LiteSpeed
x-powered-by
Niagahoster
vary
User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
54688
x-xss-protection
1; mode=block
expires
Tue, 24 Oct 2023 06:05:02 GMT
28-768x421.jpg
haigram.com/wp-content/uploads/2020/06/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haigram.com/wp-content/uploads/2020/06/28-768x421.jpg
Requested by
Host: haigram.com
URL: https://haigram.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
109.106.252.240 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv130.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
a48190be924acb42997311fc129a0e762844485ca0b41b4c2b0f7934ea5f9822
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haigram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Fri, 23 Jul 2021 17:03:48 GMT
server
LiteSpeed
x-powered-by
Niagahoster
vary
User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
36611
x-xss-protection
1; mode=block
expires
Tue, 24 Oct 2023 06:05:02 GMT
27-768x419.jpg
haigram.com/wp-content/uploads/2020/06/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haigram.com/wp-content/uploads/2020/06/27-768x419.jpg
Requested by
Host: haigram.com
URL: https://haigram.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
109.106.252.240 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv130.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
889c601bbb5f6c27b9122534c24ea3f38614c40aa1f5332afa0d423e224cc614
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haigram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Fri, 23 Jul 2021 17:03:48 GMT
server
LiteSpeed
x-powered-by
Niagahoster
vary
User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
47394
x-xss-protection
1; mode=block
expires
Tue, 24 Oct 2023 06:05:02 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=201067402340645&correlator=3013962174460927&eid=31070473%2C21068766%2C44775319%2C31061166&output=ldjh&gdfp_req=1&vrg=2022101901&ptt=17&impl=fifs&iu_parts=21849154601%3A22445082990%2CAd.Plus-300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C250x250%7C200x200&ifi=7&adks=3666442473&sfv=1-0-38&prev_scp=site%3Dhaigram.com&sc=1&cookie=ID%3Db12589288e9f76f0-22081bd653ce0034%3AT%3D1666591501%3AS%3DALNI_MZqmsE5EnXqpRvmiTVFMK_fAznh0Q&gpic=UID%3D00000b780183a451%3AT%3D1666591501%3ART%3D1666591501%3AS%3DALNI_MZpZgcOfqI5KFdADI2IqzEW2Qi-ZA&abxe=1&dt=1666591502833&lmt=1666591502&dlt=1666591501518&idt=159&adxs=650&adys=1205&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fhaigram.com%2F&frm=20&vis=1&psz=1600x0&msz=1600x0&fws=4&ohw=1600&ga_vid=141213828.1666591502&ga_sid=1666591502&ga_hid=1708394542&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070473
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a57f8b2555e1110acc9dc337c7fe934c309fb7900eb729571c92a5ad1edf2ebf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haigram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10066
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://haigram.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 09F1 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1014661&asId=7a7a1fab-1d8d-b30a-c0cc-693ec0c95be8&tv=%7Bc:rWftEk,pingTime:-2,time:123,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:334,beZ:335,mfA:336,cmA:338,inA:338,inZ:341,prA:342,prZ:347,si:353,poA:354,poZ:374,cmZ:374,mfZ:374,loA:408,loZ:411,ltA:457,ltZ:457%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:90,t:18%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:123,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B118~0%5D,as:%5B118~970.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tl9S6ot+11%7C12%7C13%7C14*.1014661-62144026%7C141%7C142%7C151%7C152,idMap:14*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:IMG.us,siq:19,sinceFw:103,readyFired:false%7D&br=c
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:6f8a:bad5:dee0:c2d6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:03 GMT
server
nginx
x-server-name
dt15.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
26-768x439.jpg
haigram.com/wp-content/uploads/2020/06/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haigram.com/wp-content/uploads/2020/06/26-768x439.jpg
Requested by
Host: haigram.com
URL: https://haigram.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
109.106.252.240 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv130.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
d89d5b86a550f90ad654fa7f378df13d983140ba351686ecfd0fc2b2c394c896
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haigram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Fri, 23 Jul 2021 17:03:50 GMT
server
LiteSpeed
x-powered-by
Niagahoster
vary
User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
42925
x-xss-protection
1; mode=block
expires
Tue, 24 Oct 2023 06:05:03 GMT
25.jpg
haigram.com/wp-content/uploads/2020/06/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haigram.com/wp-content/uploads/2020/06/25.jpg
Requested by
Host: haigram.com
URL: https://haigram.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
109.106.252.240 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv130.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
e58106e0c7a9452baa2b22781f9775b5f3da2e68e2d0a59a3b421b9f7e0ea4cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haigram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Fri, 23 Jul 2021 17:03:50 GMT
server
LiteSpeed
x-powered-by
Niagahoster
vary
User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
29758
x-xss-protection
1; mode=block
expires
Tue, 24 Oct 2023 06:05:03 GMT
24.jpg
haigram.com/wp-content/uploads/2020/06/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haigram.com/wp-content/uploads/2020/06/24.jpg
Requested by
Host: haigram.com
URL: https://haigram.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
109.106.252.240 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv130.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
41a78a8f3efa9c0dcdd9b83e834bdac0f91abed6cd81f5c400606ba8ec35b3fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haigram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Fri, 23 Jul 2021 17:03:50 GMT
server
LiteSpeed
x-powered-by
Niagahoster
vary
User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
35296
x-xss-protection
1; mode=block
expires
Tue, 24 Oct 2023 06:05:03 GMT
23-768x451.jpg
haigram.com/wp-content/uploads/2020/06/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haigram.com/wp-content/uploads/2020/06/23-768x451.jpg
Requested by
Host: haigram.com
URL: https://haigram.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
109.106.252.240 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv130.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
075c9cba3dd1d6297e050d52f82e2343db39b552206a29052aac90f92e73f4c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haigram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Fri, 23 Jul 2021 17:03:52 GMT
server
LiteSpeed
x-powered-by
Niagahoster
vary
User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
54194
x-xss-protection
1; mode=block
expires
Tue, 24 Oct 2023 06:05:03 GMT
fa-solid-900.woff2
haigram.com/wp-content/themes/gridmax/assets/webfonts/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://haigram.com/wp-content/themes/gridmax/assets/webfonts/fa-solid-900.woff2
Requested by
Host: haigram.com
URL: https://haigram.com/wp-content/themes/gridmax/assets/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
109.106.252.240 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv130.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://haigram.com/wp-content/themes/gridmax/assets/css/all.min.css
Origin
https://haigram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Tue, 23 Aug 2022 02:06:18 GMT
server
LiteSpeed
x-powered-by
Niagahoster
vary
User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
75728
x-xss-protection
1; mode=block
expires
Mon, 31 Oct 2022 06:05:03 GMT
css2
fonts.googleapis.com/ Frame B6C4 		4 KB
636 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 24 Oct 2022 06:05:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 24 Oct 2022 06:01:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 24 Oct 2022 06:05:02 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/ Frame ADE2 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/abg_lite_fy2021.js
Requested by
Host: haigram.com
URL: https://haigram.com/?wpsafelink=d0mPzIH4YrwApbsCadfEeFlgiHnikTzAydWh0WlBqRWtlblgrQlZWYldPUVhsRm9DS2pPL3FhQ0xkcnhid3Q0MD0=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 15:06:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
53929
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9257
x-xss-protection
0
server
cafe
etag
15799940544776262544
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Nov 2022 15:06:13 GMT
css
fonts.googleapis.com/ Frame ADE2 		8 KB
716 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: haigram.com
URL: https://haigram.com/?wpsafelink=d0mPzIH4YrwApbsCadfEeFlgiHnikTzAydWh0WlBqRWtlblgrQlZWYldPUVhsRm9DS2pPL3FhQ0xkcnhid3Q0MD0=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 24 Oct 2022 06:05:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 24 Oct 2022 05:38:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 24 Oct 2022 06:05:02 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/ Frame ADE2 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.css
Requested by
Host: haigram.com
URL: https://haigram.com/?wpsafelink=d0mPzIH4YrwApbsCadfEeFlgiHnikTzAydWh0WlBqRWtlblgrQlZWYldPUVhsRm9DS2pPL3FhQ0xkcnhid3Q0MD0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 13:23:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
405688
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 10:40:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 13:23:35 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/ Frame ADE2 		359 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.js
Requested by
Host: haigram.com
URL: https://haigram.com/?wpsafelink=d0mPzIH4YrwApbsCadfEeFlgiHnikTzAydWh0WlBqRWtlblgrQlZWYldPUVhsRm9DS2pPL3FhQ0xkcnhid3Q0MD0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a7f3d2c238784e955c2426069e8764f35cdbd3a88b5e06e1120a196d119e72d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 13:23:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
405686
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127092
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 10:40:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 13:23:37 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame ADE2 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: haigram.com
URL: https://haigram.com/?wpsafelink=d0mPzIH4YrwApbsCadfEeFlgiHnikTzAydWh0WlBqRWtlblgrQlZWYldPUVhsRm9DS2pPL3FhQ0xkcnhid3Q0MD0=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 11:14:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67812
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7569
x-xss-protection
0
server
cafe
etag
4237063375490391177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Nov 2022 11:14:50 GMT
l
www.google.com/ads/measurement/ Frame ADE2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTGTJhwjcy4Og5k2cVDt90uq6IzNJDTyxjNTuPn-YWIloLtI13T_JpEQXb8xy2w8XfHtRnwRaANCYkg6afSMmGC6tFM3w
Requested by
Host: haigram.com
URL: https://haigram.com/?wpsafelink=d0mPzIH4YrwApbsCadfEeFlgiHnikTzAydWh0WlBqRWtlblgrQlZWYldPUVhsRm9DS2pPL3FhQ0xkcnhid3Q0MD0=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/elements/html/ Frame B6C4 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8a091a670b6bf03510fc7a1b3c74a417c4a8c8937f7fb0c9a1517a95bdd7ab18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 18:37:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41252
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8235
x-xss-protection
0
server
cafe
etag
7715946797152839796
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Nov 2022 18:37:30 GMT
anchor
www.google.com/recaptcha/api2/ Frame 67A8 		43 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdEK2AfAAAAALAftB5G51fvHdqZPPOIxMO_9hdd&co=aHR0cHM6Ly9oYWlncmFtLmNvbTo0NDM.&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=normal&cb=j5jdaahe4sh2
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2bba5229ee6ba5c14553c0493414e4317798fe9315b2e6308676ed0e4dba9543
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BLcGkq7U1p81fXcL_VO27g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://haigram.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
23218
content-security-policy
script-src 'report-sample' 'nonce-BLcGkq7U1p81fXcL_VO27g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 24 Oct 2022 06:05:03 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame 53E2 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bab_DDitWY9udHKWGjuwP48yu8AgAAAAAOAHgBAI&bg=!LC-lL2vNAAaaxvStusY7ACkAdvg8WqD_h4m3V3sFk-hdHxbAvHixCXTH4G9hMeiB4MXCSk4wCMIBnQIAAAEbUgAAAANoAQeZAuHqJWBI96LwAIekHpQUYVHahmJQdQOY_ytgh-ZJV8w8YFYOdqL0-WDjCswIqr4OaHEbyDluyVbvHmOxukxwLVNltpqgpmGZMpbQBL1l2Nj5vleb8N3tyt8LTJbhDZvXhoRgiMkeM1iBwZbX0qnL0yPVyvajvuhAuAJFqHDWy3jVZzjkocuSxj9F0pGBOeVi1DSeDkU2ZEYNbaMjJRlJn4q1Wu7qyBOczbnyc1bbp1kbykFI-zhC6C51soYIy0kse_fiMvVlaoRujxfbNixhJTH6Evcsea8iUUHbe1p2fnwq8GAp0VL3x734_B6Zn7eVwKV6ipEy_k-ugb4jEZPafAgRleeUMrSOj98nDcYowSWz7dGTLPPuUIsG3lxAYMlPW4KCvARz6G3lr5dgHOYYELW7zmATbnhm9PQGjyyGoa7zNByL3I8x2ahO4RqpVByP8YKQEig3FVlx03vqAlxX7WuSNUx3hmFKXOtXceQoh90mbz4bR-yzrRgEqCBXQxbNXWVNwJ6uVXD5tKZVkOqQNwTJSBhQYkh6lkR6VrQ3C1OWG3glvyf06BVyvJJ_4TDfpTigqiyTwMpHk6XYEttGpwNBcF-DQ01TgGBvBZEFaq9DwGwxtAKWUj1-izC5cAajkQ8lHwgtO0v7tLubsQwE6OC7nuyNHnCVmqqhGF71WGfB47kWwtmC4KjnF7XbwNlHtpLtjRudvV3o032Z3umvz9JvUBf84Ak6njHnhz6DaKqUwOE8N1yI_Ys32QmpMmrOTni6HBAhHtBgOqP2jpPAZWg_1T4VGtN2ThV0gPZMFoyNMDweKmoBFcsTatqEpcCg1YQK5Z7ss9e2DFyawdGapsD4rCnF6bRHc0DfuFqhaHi1SUJZSCs_tIsb6LroQiN6gPISsPJ6XHNRKneeHeXgjpsS7hWiTqh5MGRH3aPbkLo4jftUevmMBchtkK8FB6ncVf8WxOQQyyAD2GO4qt1IJjx_2A
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame ADE2 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l9mdjtye&c=2985777585259&slotId=1492888792629.5&qqid=CNnd75OZ-PoCFYDmuwgd3poHVA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4012:811::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:03 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame ADE2 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CUnF-DitWY9meFoDN7_UP3rWeoAWnvIWGbf6J3fndEPAuEAEgxvvWeWCVgoCAuAegAavI8pwoyAEFqAMByAObBKoE-QFP0NXXce0S1BNnv4F_2lNNQHkUHzOFVaFZ9kX8bOeh0c3SqnH8sEbihlK4B-KEYQYDj5tPxh0DHaMWetZB_0i2iA36B1maxUcVWyTLt-YSRbD8nizSsNM5BGuiQbBc9re2O2a5Ed-nhY5195LW0hnk8WxzvKCBo7cXBKBGcpcivSSYHMjAP3iLXXs0jY9J1wVGqCjM-N-KAzaIe0TgL5s8vgS2Mq6SVFDQ_s5IVRoSQyZVznMh5Ru-nkCacUMYzi9M8s6u4OpHq2zimXlyGinNFeTUcpK5Ng3l_LRAuyUsRsfQuaJoDTBt7jmfV8BN99lAyUA1G9g5Kx3ABLeFg5aNBOAEA5AGAaAGToAHq4DD_AKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBOYi_oQ0BMA2BMDiBQD2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1666591503213&ai=CUnF-DitWY9meFoDN7_UP3rWeoAWnvIWGbf6J3fndEPAuEAEgxvvWeWCVgoCAuAegAavI8pwoyAEFqAMByAObBKoE-QFP0NXXce0S1BNnv4F_2lNNQHkUHzOFVaFZ9kX8bOeh0c3SqnH8sEbihlK4B-KEYQYDj5tPxh0DHaMWetZB_0i2iA36B1maxUcVWyTLt-YSRbD8nizSsNM5BGuiQbBc9re2O2a5Ed-nhY5195LW0hnk8WxzvKCBo7cXBKBGcpcivSSYHMjAP3iLXXs0jY9J1wVGqCjM-N-KAzaIe0TgL5s8vgS2Mq6SVFDQ_s5IVRoSQyZVznMh5Ru-nkCacUMYzi9M8s6u4OpHq2zimXlyGinNFeTUcpK5Ng3l_LRAuyUsRsfQuaJoDTBt7jmfV8BN99lAyUA1G9g5Kx3ABLeFg5aNBOAEA5AGAaAGToAHq4DD_AKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBOYi_oQ0BMA2BMDiBQD2BQB0BUB-BYBgBcB
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame ADE2 		28 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-ASSDNRYdyf0hHbvKhZHUj1ps8sxCUZL4ZteouBuNebMkNSJkxZlOpYMrNKqIRks9gbiwIX7auX9MWuNz6UgiMpoINPEQ&cry=1&dbm_d=AKAmf-Af0j6gPpnjcF1TjE6s8R1LYcYDzmDTnC65CoMIIBYhmy8G2xZ4KEAsTCVD9DwGlm4M_y7SKNDIwQoOaxpqBu-2jHvTA61isYTUfnGieRWzs16XNm5UrOi1CkPmlS0Tp4yL20pqmibBnkIZJ8oMCIxZIKkbFSL5r30s57Pv8CyEuDdvZTCwK2vGvuvD_KE2ZMFzbSCUVpbTwRMzE7PtEcQy0D2g5uxZR-JHuNKwHIYeEIli2CQ1loQ9vUb-ouUpFlKy9MuKUFgWrveV6ZfHfD8jyDmR3IZrOITn09Mck5xjmjWpy5MSUX6DZRWpf75ueIFhhxGh9MIT7cmXTp8XL9OPq6UxWN51RkMHk-Akv1Nt6wPFHPpkS1UjUtwY_nvAesXJJ-egl6H-Bze79IF9K4VUa4ebBEVGYeL2atRnv7QGJbwD4RHV6SkT2f-ZdsszGATBxEoSoy_ZHZWthaJdh8c5nx5uc9wTxsUkuhl8Dw2F5l-tzAXl5UID9ICpYW5W3J5mslvKfBGQC6Ivu_I3hXEkyimqpHzcHSO4jXDKeRAC-T19YMbcB0jU_J0uUHUVZkyTVVZujHueXzhSED0oJns6KI3nWcSDf_gfFxTHGbSFFmemmBw2Ix-em94YawRJf33XQPGtXn9crzpNSfMjiZ4YWZ24hwpLu7pNouNS8W1ob_aMgXzdaBk_SHcnSKcDAyWh9Xcx8X8IwLpSXbVgZUXeiyTQqm1ekofUAzsLLrkFDO1VD1FgPowkjW6ZDNtFs1nBRearmWrDTIWaUr2NoXaxpY9r3whWPk7MXR6VT4UCIOAS-MvMr1dpLLgI05bGiMPPWOAyjMRr1BaTeqTJofft0B346aD8jN5bB6m3yzbS3Dcao_b10ANsyaMbkwEwveg2e-S7y68UksGvBBbFmuelBX6OIb3SErouaHDNdsW4h6_enSfXGVzA0DPC-DuXctJ0mOPeKB5VBPzWleGCgQQni1g5HHQu9Eq_rITcTczYvc9WOvIsSAG6G_Da-2_cg2jvt34InniGFY4B27_8UiXbXzPi9_gPu0H7Ihfb4jPBhraWK8UL3hJAMXQYtOm0GW_cmv5zz2U3C2-e5HtNP9nvjMG4J7fOr-H1ItNt_mlYpXAo9m_Pyfs_RahyoUWuhPGcjU2H-zJAfVFNtIC-5CV324FR-xplQf5t_7w--VODITJ2K_9bNBTQzdO_vw0dsW1wB08G3Thkp1BYiTI7z3EnCuR3j37cOquSnM3ZWo6ec7OGH4030L18LYYLvHePJ_S4uotqIQtqGx2rzeFTPAOfWj41mQ6LvImyzPneiEcIiW1sr5_aHuPZzRpsvFv0ZVRomGjWHFPK-AfUljDc9CQad0abJdythOkpRIcXe6r7j41DjE_EQexv7YkKFEb1lC-XYo1T1fGURJcAl8ODgIC2mIbDJ123KIX2EKJdowH4hYXQHv8JOrP6X8cL61p3rWz2MSTniukNd7B5s--aeM_tZ66ZwcMf8pV0KQYfH6GzJ21QFupflppPZ7TeRP0FHaoyfKbYPwgq2Q-KJ50N3XcPtfI0_uApLN6xUMTAMJPK6Tl1ek6C-Ju-kapnhlcYpDIAu7elHg0-1Rqv6C8_jn6f_BfZptOU3iX04RTYJPU_alAOW5yBRmuhPtk-WadIBr8XewzlIPP_tAc4vAxtOZmsDwuQhlmnW3-jIVK8Jg_X7RYer05CT5oGb6d4TlRA1_0Y1tH4w-VzIT0lXav655qxKSawQ9zFzO1YcJApDP3CTGDXmMSPJYktrDpDtrndCPrKzSOIZK17t7r4lXTGr5AczOQwKSgw35UGSrrAmlfjfNM-vwHVgpoE2V-63BOrII5CofTGImScBLCzG3E5GZJADMQd7dcFyKExJh0-vJxmYE2UHKjlNxtuZZb4YbsJaGFk4NJDS1-K3TPhixSMtHFQxJINwNdDthD-Jl3OeaeJLn-OXN2AWAAHLidV7a4irKioHqOc8yj8yUfxUYiwojQQcbirbM-qIP-7TwC3PiNTfg8QowSf9gor92CQWRIaeZvxBwWLo1FumPAv2QbsmMVJQy-5LnOaj-EvYtr7XCIqIbK4ddOfqKYdOWGPwVekdPGF_xr91PVJcBDCxXyfeECtcupRbreW3vqfK0XahI7u6-Pk2nTYbscezha7KY1IDEDFG029f7WiVs8J0ceVLoB7OMyyYAnCGKyoB0NWWnNxsD_rpsc1WcnpetGc24EUUa46Gi8gUdwdDMK0U1y0F_NB0rq-21q9aS7XojlAWRoxzB-8BFamnlDnbzANJDFTRD0KKTVbMio-0jyjCjQ0lYl70CbvYdu_G2Xu0XMl_atscoDFpu-khnnZuD_DasJU-1LyW4eWZ4E2BjMeGnG8qjlpvCJ3SCTxTUGuvDid4xhdLPuq9WJa4xczTVn5ufZch6K0KUa94NyB1F7zWL65lyy5KsHgwrwjGQKhz3mW7ZNJgV-20aFBZLNJOC9XbVCdxpHEtkNvd6FnUlHS9SzoUNQLAimajW_sx4G_bAFR4UVphEX5E6qSgGP2iawOhhmoByUKK9VNqWJ319WJ_D9KHGfa6OO8tQU1Zt15srJiQ_vi6oUZKjDJvWJJMpWQ29V9_AcVXUKWyxZY2wBuwgleJhHuY4f06dCwwGpNjDtQK9G3QlIGXIL0YpdX4E_oagU3WHQptTzy-zkwm1fRoTyDWe7S38XmNG4pUcw2ua4iPloJjEI8e5nkBa9iaZdp8M66E54gKcT-MTw0V6FcbdST7dh0tOk0CEHBzhBuUon2E8nU-tCxxR9XgrCDGiHP0BO0HUMWml8z3jokkcfmaDE2VENzrCUcuYJHvfBnAtgrjGqrOP8411qPCihpaTZB3oygE9fg_WrSdcQlBuemd6HA4qf6gf0kOd2UXm48_ViumxQ-h0WKfw_qlPjD2ZfVArgw1eFYo4Kq0V-WEF6e1Vr30Gg9N2OcT2UQL6sxQa_e58ZqZlPXcKgNf5QrcmweHCF8k7gsx-plR94uJ_7uV15iSuq2rpbh6zaKrdnlIR37SCpLowxcsUmoaZq0FMd8AnGVvZgdi83RkG47OPC2kGjE7R_de8NDu7qbPJ9p4uZV1W1HMOxtsH3YN7PmQ8NczmwUlXjUvqLP&cid=CAQSPwDq26N9EdmeQClse3V3L2sSnQk1RRelqh_SgJelW3emMgE2jAcrU9JWZy8-lk-i6AQyesWmLswcWgGkjFxtlBgBIA4&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.133.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f157.1e100.net
Software
cafe /
Resource Hash
a4b790ce97c10e8abbfb93bf4d6dadb6563c425bbf54c4b4ce095325fbc26247
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16058
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame 67A8 		52 KB
52 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdEK2AfAAAAALAftB5G51fvHdqZPPOIxMO_9hdd&co=aHR0cHM6Ly9oYWlncmFtLmNvbTo0NDM.&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=normal&cb=j5jdaahe4sh2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 10:43:14 GMT
x-content-type-options
nosniff
age
69709
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52913
x-xss-protection
0
last-modified
Sun, 02 Oct 2022 20:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 23 Oct 2023 10:43:14 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame 67A8 		396 KB
158 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdEK2AfAAAAALAftB5G51fvHdqZPPOIxMO_9hdd&co=aHR0cHM6Ly9oYWlncmFtLmNvbTo0NDM.&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=normal&cb=j5jdaahe4sh2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbf1818d8b1397e676767b2fa0352f57b18f4066eede2460f730308f1303ded7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 21:37:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30434
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
161341
x-xss-protection
0
last-modified
Sun, 02 Oct 2022 20:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 23 Oct 2023 21:37:49 GMT
dt
dt.adsafeprotected.com/ Frame 09F1 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1014661&asId=7a7a1fab-1d8d-b30a-c0cc-693ec0c95be8&tv=%7Bc:rWftKP,pingTime:-10,time:526,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA2LjAuNTI0OS4xMTkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1666591503251%7C%7C6b1103b7ef2c1b5d9f377401f94ef768%7C%7C11b89db74b56b4ba918674d36e95a672%7C%7Ce0aa7ffffb7ba4ed8732712f56bf7e17%7C%7Cd4efc937cf3b39d8b684c611191b4c91%7C%7C132d1609a6ddec5e7e3b0c16ed37d6f8%7C%7Ca73306647b8fc360f6bbd2043e2970ce%7C%7Cd32b47d65d9cfcaef63cc3e156adcff2%7C%7C1663701684%7D
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:6f8a:bad5:dee0:c2d6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:03 GMT
server
nginx
x-server-name
dt16.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
container.html
dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C3D8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070473
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haigram.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Oct 2022 06:05:01 GMT
expires
Tue, 24 Oct 2023 06:05:01 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 67A8 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 67A8 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 67A8 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 19:40:09 GMT
x-content-type-options
nosniff
age
296694
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 27 Oct 2022 19:40:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 67A8 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdEK2AfAAAAALAftB5G51fvHdqZPPOIxMO_9hdd&co=aHR0cHM6Ly9oYWlncmFtLmNvbTo0NDM.&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=normal&cb=j5jdaahe4sh2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 17:06:41 GMT
x-content-type-options
nosniff
age
478702
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 18 Oct 2023 17:06:41 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 67A8 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdEK2AfAAAAALAftB5G51fvHdqZPPOIxMO_9hdd&co=aHR0cHM6Ly9oYWlncmFtLmNvbTo0NDM.&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=normal&cb=j5jdaahe4sh2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
deaf5a4d4987d3198c038ffa6ebfb7b3aefc084c71d8f02805e918d25096412a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdEK2AfAAAAALAftB5G51fvHdqZPPOIxMO_9hdd&co=aHR0cHM6Ly9oYWlncmFtLmNvbTo0NDM.&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=normal&cb=j5jdaahe4sh2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Mon, 24 Oct 2022 06:05:03 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8FE9 		624 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQj_jnAhji7KbUATAB&v=APEucNX_qKhOIpdqqMIr3Dln_7GV5RR_lb4RkD0Mvi4xuOFMEgAcYEA5XRVB3Qx4sxCMM_1oFlNg3j8kAEKX1DsASkmc4mMSOg5VKKuEQbLnhJvD_lQEzCfE3pyTXeV7MLPEVLBAa42qJ6HX_UIcKQlUmyov3j9PQuEICYbs8gNqemJC0RFXY18
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 24 Oct 2022 06:05:03 GMT
expires
Mon, 24 Oct 2022 06:05:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame C3D8 		86 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dk7TijU8lhCtc4QVvDYpU3KrfMg183fxYMltEprkCoAz-I1MDpRJCtp0weyxf1H6SsQN0AZfhNsVJ3sYxdiBEVhVnWag&cry=1&dbm_d=AKAmf-BmPIPjI8d-VBcsJuzrbc7DCE-G5aqQC2vgBsTeVPYerE0_NMaVUKjKUWc2eXESxXa2IBtIFf0ygHhqtWlK-74u3Fu9UfRoa8nog6Kh-OKvP3jRnjjXycY_9O-jMbvVhZDj3W1lrLs7A7o0kGZj0ZnTNH_-wcnyXGZtRQjiDW2eWraI12qyQiY1Pr6Y2bCluWe_k-FD6DVSuC8yJa8oCHcscaXDfb9c-jBz5obo_meKQEMDWiCg8L9DVUPV0jVVZYZ1XSjiQdiXH_ES_iDS1XJpoaNreUzWxQRMtost22XVd7QfQBxodEBYWGq7pPr0-u7JY7RQ1j4Ac8vGlwQhodn4MP93uuIZOgel2BDxL4SaQ9U_xxkdkUhw-n8gb_r21EIofMlLl3O1U1Q1WtSBFryqOgUDnudI2wx3xMAvu208u8wuBnKSiSM9B_nxqjw5jaK1wV2k7Cxi6pTMg0GDf6AH8XSNDXflSlMYX_BcjiqfgyYOnWK_gpZP6LkTJxjPdX0Vq_xsv4PdMvOzQWKPEgW7AYEc2CGFU3eiyPzINl1nPkbhgSv7P6FsCS1pEcBx3k_lvZcr0OxRrfgw_NHto0urZHQwM-XMSr_kZeC0-S95pR5r-UoTGodyGzBKCgpRGAT5ATRBnTrqHVyaRq1tPTA7vBSV4h2lPQGWGkHDaP4GVNeqLAKzxKYe_QwgmUaCCuH1wv6q8h8ie0ACzMes60KSpUhr41ZUZ2bgQHcjEchiJV3dFkHkeC4lWxaDvNcxjDITCdDMKujSswbuH1a9unRgWLiPa1TLF26KcWtS8QNsgw4DipQqE5mDBiq9Yx0hj69zEEABUjr03cbJxweTHWlW5YFA92lS69oBsKub37e5WXKBN-ULq9azt5BRY9TFiX1_-Jz6iZgNYYjfyr0bKsTlR8TFlOeXZgFTxjhLMkx5O-nkhLtrPs3cqXO1b1_gM2zDWONg4zwhf_1HzGw6aiCwr78_sy0dHmPcvaVuEwj0ar-43MdV82AM4tZXL5HVvykwVbwwy98mNgE8XqV6mkMMzMVMrckYNKIXkLsTRIpMO9svEGNEwzck32_WNDtVpSZ_RV8ol1943GnzbhUYbcM1ITlzlozxeznIXddWV1t3TYxdrxbARZjyFpcxQCS8EbL4DTeta1qPxUFyMHIdN2Q6DvF2ZvxRpVhkUdGzFmvPbZMEV9aRHsrjvPto8dmQzKB-_H3veo_MAkgMwj4pOV04wyfGaPl6rmHyVL6pT8WNVwBIo5ZOP_v0mTvC7DKlH0MLaY6n9KrYbkkwsieBb3FlskWMc_Pg3YIEehGpuOgjSFa2pltPiwFJ99hfkqfZ5h2u_mLgcm4QUm3BNPUInW6CCeRhTlZ-G8rr_PvQAMOq6Ov2Rc8lTDvu7bxriiIjE2ZXS2eTCWAhoYONhCVlFdL--CxU-d4-ZNlq-5C46JS1api5_NV62bBQXEQvGQ0A4-3fv93o6qf_9806Sc3qaEecb6BeNL57cbfPXgUQ-S_oQUtMilZBPXR7nEbLSI9hQsJztYtH34iKGbrDASIwC_FVyNLTN4AidnGKs-vBliULfumt-SmQXdqIcpb4dTNKtALixPsLKs2IlXXeSRTpBn1qWxfoAwP_OG7Hdk_HIc48kPHUAn2tdJoVFGjDJYEMFtqPKdlkLRKk2_TZGXJgst2xxc9L1u_ut8iw3MIh6dd6yRledm2yWzRIVqqRvWrPO_tI5t5IEdkKZPW6TkAahvUSsa39Lmhxm9M3pNWnvG_IfY3AvXPSVaL6F9Oqa1ntYlv9YeehNR1baruIz8O8Tc6top2SZBmh1rrnIfCNs0xN-4YOIezXTbbMSlrNEgOMwdbh7KGSg8tUvA9K4M9E08YVu0tyUe2Cg-fIxU603kWB1w0vohpq18EXba7tCjzVn3Rjqbqq6kFR4wxK2ZOEuCd3V5XcukeKiqgL3RAhhpxoZv-eIHpzX2BJjveAB02DFXET0nJMWY9Jzt-7dy_Bv7yqYBh1Qc847BTzzHtk6RE2gehfjTwwBMwVHMQcrA-Yb3h0Q4RemFGRaKk9z_A92hdTPts1AvVaaT5aqJWYo-QdUq7KNYdZ44kNHHCSP2NxF_nm55bpTD8LisFimfx4gmXYhcVTOfijlYd1de-GMgoeim283ThsWJ08mL5qv3PaHaD3ug4ixwaZZPpOHpZ6ywKK2hM2kHYGW3Zkssk63l9j7VnecTAgHw7h-zFpOWvdxp7Ln4a9RgCQWc5akrbaktGQ50d8QaZEH1ZK1pKrMD8glIqaQvw2WbmXvCf7Jc40n2rjf1JG59Fsa_sg8aQTemvkdydpVy0X3YBO5yJPYA3a1ETERybnrW25C3_-1XLPmajYP0FiIDYKq2WLgCjj3mXVh0shOMJe7kaMcVuMUUE6t9jT9avR3DJpU2usHggjAU4JCktOxEIjP8_V4ZIbVJHQ8ribX-Dk5cHPx9u6j80VuQCRBscAXC3vCKIdgYWNZ7NTMg4i5m8XGh12kvQU-nEMjEnxcY7501JaVQpD8YbcP2ulHm3PFDNkhEAnPA-38R4O4S_if-V_AFS6JNFeOP0MLDLr0ZV7qpfGZ1UAZwtWSxKOc9m650CozKZdaDNg008n_Jd4nvz5VkX1BAjXMHzV47oHjYcFaGDZkHoFDzI0B0HczONcg0jjpij8ezFktxYV-mpvw3-qYwwoknna3ujlbFDQg6R3sobG1scJlRiVqCQ5SVNu3lN6JT89PTECLzQDz4Wr3B_6ciz43bBeHk_D4Zq77kF7kabpZKLQUtuDWfP94HQ9bfeODu3T13sUZJpdg7QUPXjXhbQ4BctdDbVgSrwGo6nRpus53zeJmk-ytpgpyT2EdrR7Sgp5Uq2HvAW8cVChWY7KFXEDbWgFCf68PjKqrXOgt4KtJByVSIaLYsMNCuyRplQrcGpnzH5VegshkThuUeVF-8Ad4dP9NRpi6UyKnsJZq_kzVDEs90OZgb5jdnvmTYHcTgN9oQocEvXbQ3Ddj2BqlgLTw3vL5-qFEttXShPV98DQ2qQIEgaSJcICI_V4pgl1F66KyOvRys2zVx4QAYK2aRjqf4Hgo4ppnNLgz78JVA_vK08rWiRX1OJStp4npPOycnG0Wy9yEAtMi3R_auFUEpa08FjBjEDUu1MZyKzgegVnr-j3R01TnxEQhtHNZeHoZnmUGidN4V_1PCGzC4OTn8pGR3-Jy1FDfnkDZM8a1-J2iW0MPBbvB3on1FjmPQfizZeCHfAosGPITwL5MusLCs9giXlGH0fjUGKsJPhOgI_-i-4gWiZ8NQl4xqSXOt2n8YJQIpee40-hiTp_Wa5IiCtKXafxtSarKgCgpg&cid=CAQSPADq26N99md0R-cKsOQ_R7e2OA9iiK47bzAj6oTSSPS5a-47GEvDmDlTYcSh8sctHPnTCIdRtWhTnxa3UhgBIA4&rfl=1%2Chttps%253A%252F%252Fhaigram.com%252F%240
Requested by
Host: haigram.com
URL: https://haigram.com/?wpsafelink=d0mPzIH4YrwApbsCadfEeFlgiHnikTzAydWh0WlBqRWtlblgrQlZWYldPUVhsRm9DS2pPL3FhQ0xkcnhid3Q0MD0=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3de5f748681b730ffef09e19ed2b0e12ae61835e94b359e3ff4ccebf4369c6d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35514
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C3D8 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DonLmdlXtxfCdmwRCWMBAEeEXGm_96qVnLz75fsxng4B_NRjUlxkUdLc9EekRNGzaabCAj85Oc3jNRyD2f9JGlyL72D40D9ZgB565T-3fh450BWv0
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame C3D8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/window_focus_fy2021.js
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 22:05:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
28757
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1238
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Nov 2022 22:05:46 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame C3D8 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 11:14:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67813
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7569
x-xss-protection
0
server
cafe
etag
4237063375490391177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Nov 2022 11:14:50 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C3D8 		152 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47476
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666179788250400"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 24 Oct 2022 06:05:03 GMT
rum
dsum-sec.casalemedia.com/ Frame 8FE9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDEIqSTkm9nBCuU3pmzepyE&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDEIqSTkm9nBCuU3pmzepyE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQj_jnAhji7KbUATAB&v=APEucNX_qKhOIpdqqMIr3Dln_7GV5RR_lb4RkD0Mvi4xuOFMEgAcYEA5XRVB3Qx4sxCMM_1oFlNg3j8kAEKX1DsASkmc4mMSOg5VKKuEQbLnhJvD_lQEzCfE3pyTXeV7MLPEVLBAa42qJ6HX_UIcKQlUmyov3j9PQuEICYbs8gNqemJC0RFXY18
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Oct 2022 06:05:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDEIqSTkm9nBCuU3pmzepyE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 8FE9
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1YrDhiI6dW-s1epAXE.QgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDEIqSTkm9nBCuU3pmzepyE&google_cver=1&google_hm=2
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDEIqSTkm9nBCuU3pmzepyE&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQj_jnAhji7KbUATAB&v=APEucNX_qKhOIpdqqMIr3Dln_7GV5RR_lb4RkD0Mvi4xuOFMEgAcYEA5XRVB3Qx4sxCMM_1oFlNg3j8kAEKX1DsASkmc4mMSOg5VKKuEQbLnhJvD_lQEzCfE3pyTXeV7MLPEVLBAa42qJ6HX_UIcKQlUmyov3j9PQuEICYbs8gNqemJC0RFXY18
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Oct 2022 06:05:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=493
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDEIqSTkm9nBCuU3pmzepyE&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 8FE9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMnqXmH3xW487zjUGqSqqsM&google_cver=1
43 B
1010 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEMnqXmH3xW487zjUGqSqqsM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQj_jnAhji7KbUATAB&v=APEucNX_qKhOIpdqqMIr3Dln_7GV5RR_lb4RkD0Mvi4xuOFMEgAcYEA5XRVB3Qx4sxCMM_1oFlNg3j8kAEKX1DsASkmc4mMSOg5VKKuEQbLnhJvD_lQEzCfE3pyTXeV7MLPEVLBAa42qJ6HX_UIcKQlUmyov3j9PQuEICYbs8gNqemJC0RFXY18
Protocol
HTTP/1.1
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Oct 2022 06:05:03 GMT
AN-X-Request-Uuid
d8156b72-a274-4969-8294-2e40d97f453c
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
81.95.5.42; 81.95.5.42; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEMnqXmH3xW487zjUGqSqqsM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8FE9
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDkwNzA5NTI2NTE2NjM2NDg0OA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDkwNzA5NTI2NTE2NjM2NDg0OA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQj_jnAhji7KbUATAB&v=APEucNX_qKhOIpdqqMIr3Dln_7GV5RR_lb4RkD0Mvi4xuOFMEgAcYEA5XRVB3Qx4sxCMM_1oFlNg3j8kAEKX1DsASkmc4mMSOg5VKKuEQbLnhJvD_lQEzCfE3pyTXeV7MLPEVLBAa42qJ6HX_UIcKQlUmyov3j9PQuEICYbs8gNqemJC0RFXY18
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 24 Oct 2022 06:05:03 GMT
AN-X-Request-Uuid
363e0b30-5257-449e-97e8-b90e90a76fcd
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDkwNzA5NTI2NTE2NjM2NDg0OA%3D%3D
Connection
keep-alive
X-Proxy-Origin
81.95.5.42; 81.95.5.42; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bframe
www.google.com/recaptcha/api2/ Frame BE80 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&k=6LdEK2AfAAAAALAftB5G51fvHdqZPPOIxMO_9hdd
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
714ff128c84f7b8014a243c19160149e6e3a9a185a4373767fd402bc7740435e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-E_vhpSBubcusISXMiZnoTA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://haigram.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1117
content-security-policy
script-src 'report-sample' 'nonce-E_vhpSBubcusISXMiZnoTA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 24 Oct 2022 06:05:03 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
express_html_obb_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame C3D8 		119 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js
Requested by
Host: haigram.com
URL: https://haigram.com/?wpsafelink=d0mPzIH4YrwApbsCadfEeFlgiHnikTzAydWh0WlBqRWtlblgrQlZWYldPUVhsRm9DS2pPL3FhQ0xkcnhid3Q0MD0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed44e345a8354731787a4fc575c66363aac13eebd6007b88aecd8a1deea341df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
Origin
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 08:47:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76635
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42405
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 24 Oct 2022 08:47:48 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221019/r20110914/elements/html/ Frame C3D8 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221019/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dk7TijU8lhCtc4QVvDYpU3KrfMg183fxYMltEprkCoAz-I1MDpRJCtp0weyxf1H6SsQN0AZfhNsVJ3sYxdiBEVhVnWag&cry=1&dbm_d=AKAmf-BmPIPjI8d-VBcsJuzrbc7DCE-G5aqQC2vgBsTeVPYerE0_NMaVUKjKUWc2eXESxXa2IBtIFf0ygHhqtWlK-74u3Fu9UfRoa8nog6Kh-OKvP3jRnjjXycY_9O-jMbvVhZDj3W1lrLs7A7o0kGZj0ZnTNH_-wcnyXGZtRQjiDW2eWraI12qyQiY1Pr6Y2bCluWe_k-FD6DVSuC8yJa8oCHcscaXDfb9c-jBz5obo_meKQEMDWiCg8L9DVUPV0jVVZYZ1XSjiQdiXH_ES_iDS1XJpoaNreUzWxQRMtost22XVd7QfQBxodEBYWGq7pPr0-u7JY7RQ1j4Ac8vGlwQhodn4MP93uuIZOgel2BDxL4SaQ9U_xxkdkUhw-n8gb_r21EIofMlLl3O1U1Q1WtSBFryqOgUDnudI2wx3xMAvu208u8wuBnKSiSM9B_nxqjw5jaK1wV2k7Cxi6pTMg0GDf6AH8XSNDXflSlMYX_BcjiqfgyYOnWK_gpZP6LkTJxjPdX0Vq_xsv4PdMvOzQWKPEgW7AYEc2CGFU3eiyPzINl1nPkbhgSv7P6FsCS1pEcBx3k_lvZcr0OxRrfgw_NHto0urZHQwM-XMSr_kZeC0-S95pR5r-UoTGodyGzBKCgpRGAT5ATRBnTrqHVyaRq1tPTA7vBSV4h2lPQGWGkHDaP4GVNeqLAKzxKYe_QwgmUaCCuH1wv6q8h8ie0ACzMes60KSpUhr41ZUZ2bgQHcjEchiJV3dFkHkeC4lWxaDvNcxjDITCdDMKujSswbuH1a9unRgWLiPa1TLF26KcWtS8QNsgw4DipQqE5mDBiq9Yx0hj69zEEABUjr03cbJxweTHWlW5YFA92lS69oBsKub37e5WXKBN-ULq9azt5BRY9TFiX1_-Jz6iZgNYYjfyr0bKsTlR8TFlOeXZgFTxjhLMkx5O-nkhLtrPs3cqXO1b1_gM2zDWONg4zwhf_1HzGw6aiCwr78_sy0dHmPcvaVuEwj0ar-43MdV82AM4tZXL5HVvykwVbwwy98mNgE8XqV6mkMMzMVMrckYNKIXkLsTRIpMO9svEGNEwzck32_WNDtVpSZ_RV8ol1943GnzbhUYbcM1ITlzlozxeznIXddWV1t3TYxdrxbARZjyFpcxQCS8EbL4DTeta1qPxUFyMHIdN2Q6DvF2ZvxRpVhkUdGzFmvPbZMEV9aRHsrjvPto8dmQzKB-_H3veo_MAkgMwj4pOV04wyfGaPl6rmHyVL6pT8WNVwBIo5ZOP_v0mTvC7DKlH0MLaY6n9KrYbkkwsieBb3FlskWMc_Pg3YIEehGpuOgjSFa2pltPiwFJ99hfkqfZ5h2u_mLgcm4QUm3BNPUInW6CCeRhTlZ-G8rr_PvQAMOq6Ov2Rc8lTDvu7bxriiIjE2ZXS2eTCWAhoYONhCVlFdL--CxU-d4-ZNlq-5C46JS1api5_NV62bBQXEQvGQ0A4-3fv93o6qf_9806Sc3qaEecb6BeNL57cbfPXgUQ-S_oQUtMilZBPXR7nEbLSI9hQsJztYtH34iKGbrDASIwC_FVyNLTN4AidnGKs-vBliULfumt-SmQXdqIcpb4dTNKtALixPsLKs2IlXXeSRTpBn1qWxfoAwP_OG7Hdk_HIc48kPHUAn2tdJoVFGjDJYEMFtqPKdlkLRKk2_TZGXJgst2xxc9L1u_ut8iw3MIh6dd6yRledm2yWzRIVqqRvWrPO_tI5t5IEdkKZPW6TkAahvUSsa39Lmhxm9M3pNWnvG_IfY3AvXPSVaL6F9Oqa1ntYlv9YeehNR1baruIz8O8Tc6top2SZBmh1rrnIfCNs0xN-4YOIezXTbbMSlrNEgOMwdbh7KGSg8tUvA9K4M9E08YVu0tyUe2Cg-fIxU603kWB1w0vohpq18EXba7tCjzVn3Rjqbqq6kFR4wxK2ZOEuCd3V5XcukeKiqgL3RAhhpxoZv-eIHpzX2BJjveAB02DFXET0nJMWY9Jzt-7dy_Bv7yqYBh1Qc847BTzzHtk6RE2gehfjTwwBMwVHMQcrA-Yb3h0Q4RemFGRaKk9z_A92hdTPts1AvVaaT5aqJWYo-QdUq7KNYdZ44kNHHCSP2NxF_nm55bpTD8LisFimfx4gmXYhcVTOfijlYd1de-GMgoeim283ThsWJ08mL5qv3PaHaD3ug4ixwaZZPpOHpZ6ywKK2hM2kHYGW3Zkssk63l9j7VnecTAgHw7h-zFpOWvdxp7Ln4a9RgCQWc5akrbaktGQ50d8QaZEH1ZK1pKrMD8glIqaQvw2WbmXvCf7Jc40n2rjf1JG59Fsa_sg8aQTemvkdydpVy0X3YBO5yJPYA3a1ETERybnrW25C3_-1XLPmajYP0FiIDYKq2WLgCjj3mXVh0shOMJe7kaMcVuMUUE6t9jT9avR3DJpU2usHggjAU4JCktOxEIjP8_V4ZIbVJHQ8ribX-Dk5cHPx9u6j80VuQCRBscAXC3vCKIdgYWNZ7NTMg4i5m8XGh12kvQU-nEMjEnxcY7501JaVQpD8YbcP2ulHm3PFDNkhEAnPA-38R4O4S_if-V_AFS6JNFeOP0MLDLr0ZV7qpfGZ1UAZwtWSxKOc9m650CozKZdaDNg008n_Jd4nvz5VkX1BAjXMHzV47oHjYcFaGDZkHoFDzI0B0HczONcg0jjpij8ezFktxYV-mpvw3-qYwwoknna3ujlbFDQg6R3sobG1scJlRiVqCQ5SVNu3lN6JT89PTECLzQDz4Wr3B_6ciz43bBeHk_D4Zq77kF7kabpZKLQUtuDWfP94HQ9bfeODu3T13sUZJpdg7QUPXjXhbQ4BctdDbVgSrwGo6nRpus53zeJmk-ytpgpyT2EdrR7Sgp5Uq2HvAW8cVChWY7KFXEDbWgFCf68PjKqrXOgt4KtJByVSIaLYsMNCuyRplQrcGpnzH5VegshkThuUeVF-8Ad4dP9NRpi6UyKnsJZq_kzVDEs90OZgb5jdnvmTYHcTgN9oQocEvXbQ3Ddj2BqlgLTw3vL5-qFEttXShPV98DQ2qQIEgaSJcICI_V4pgl1F66KyOvRys2zVx4QAYK2aRjqf4Hgo4ppnNLgz78JVA_vK08rWiRX1OJStp4npPOycnG0Wy9yEAtMi3R_auFUEpa08FjBjEDUu1MZyKzgegVnr-j3R01TnxEQhtHNZeHoZnmUGidN4V_1PCGzC4OTn8pGR3-Jy1FDfnkDZM8a1-J2iW0MPBbvB3on1FjmPQfizZeCHfAosGPITwL5MusLCs9giXlGH0fjUGKsJPhOgI_-i-4gWiZ8NQl4xqSXOt2n8YJQIpee40-hiTp_Wa5IiCtKXafxtSarKgCgpg&cid=CAQSPADq26N99md0R-cKsOQ_R7e2OA9iiK47bzAj6oTSSPS5a-47GEvDmDlTYcSh8sctHPnTCIdRtWhTnxa3UhgBIA4&rfl=1%2Chttps%253A%252F%252Fhaigram.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 16:56:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
47324
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2998
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Nov 2022 16:56:19 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221019/r20110914/ Frame C3D8 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221019/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dk7TijU8lhCtc4QVvDYpU3KrfMg183fxYMltEprkCoAz-I1MDpRJCtp0weyxf1H6SsQN0AZfhNsVJ3sYxdiBEVhVnWag&cry=1&dbm_d=AKAmf-BmPIPjI8d-VBcsJuzrbc7DCE-G5aqQC2vgBsTeVPYerE0_NMaVUKjKUWc2eXESxXa2IBtIFf0ygHhqtWlK-74u3Fu9UfRoa8nog6Kh-OKvP3jRnjjXycY_9O-jMbvVhZDj3W1lrLs7A7o0kGZj0ZnTNH_-wcnyXGZtRQjiDW2eWraI12qyQiY1Pr6Y2bCluWe_k-FD6DVSuC8yJa8oCHcscaXDfb9c-jBz5obo_meKQEMDWiCg8L9DVUPV0jVVZYZ1XSjiQdiXH_ES_iDS1XJpoaNreUzWxQRMtost22XVd7QfQBxodEBYWGq7pPr0-u7JY7RQ1j4Ac8vGlwQhodn4MP93uuIZOgel2BDxL4SaQ9U_xxkdkUhw-n8gb_r21EIofMlLl3O1U1Q1WtSBFryqOgUDnudI2wx3xMAvu208u8wuBnKSiSM9B_nxqjw5jaK1wV2k7Cxi6pTMg0GDf6AH8XSNDXflSlMYX_BcjiqfgyYOnWK_gpZP6LkTJxjPdX0Vq_xsv4PdMvOzQWKPEgW7AYEc2CGFU3eiyPzINl1nPkbhgSv7P6FsCS1pEcBx3k_lvZcr0OxRrfgw_NHto0urZHQwM-XMSr_kZeC0-S95pR5r-UoTGodyGzBKCgpRGAT5ATRBnTrqHVyaRq1tPTA7vBSV4h2lPQGWGkHDaP4GVNeqLAKzxKYe_QwgmUaCCuH1wv6q8h8ie0ACzMes60KSpUhr41ZUZ2bgQHcjEchiJV3dFkHkeC4lWxaDvNcxjDITCdDMKujSswbuH1a9unRgWLiPa1TLF26KcWtS8QNsgw4DipQqE5mDBiq9Yx0hj69zEEABUjr03cbJxweTHWlW5YFA92lS69oBsKub37e5WXKBN-ULq9azt5BRY9TFiX1_-Jz6iZgNYYjfyr0bKsTlR8TFlOeXZgFTxjhLMkx5O-nkhLtrPs3cqXO1b1_gM2zDWONg4zwhf_1HzGw6aiCwr78_sy0dHmPcvaVuEwj0ar-43MdV82AM4tZXL5HVvykwVbwwy98mNgE8XqV6mkMMzMVMrckYNKIXkLsTRIpMO9svEGNEwzck32_WNDtVpSZ_RV8ol1943GnzbhUYbcM1ITlzlozxeznIXddWV1t3TYxdrxbARZjyFpcxQCS8EbL4DTeta1qPxUFyMHIdN2Q6DvF2ZvxRpVhkUdGzFmvPbZMEV9aRHsrjvPto8dmQzKB-_H3veo_MAkgMwj4pOV04wyfGaPl6rmHyVL6pT8WNVwBIo5ZOP_v0mTvC7DKlH0MLaY6n9KrYbkkwsieBb3FlskWMc_Pg3YIEehGpuOgjSFa2pltPiwFJ99hfkqfZ5h2u_mLgcm4QUm3BNPUInW6CCeRhTlZ-G8rr_PvQAMOq6Ov2Rc8lTDvu7bxriiIjE2ZXS2eTCWAhoYONhCVlFdL--CxU-d4-ZNlq-5C46JS1api5_NV62bBQXEQvGQ0A4-3fv93o6qf_9806Sc3qaEecb6BeNL57cbfPXgUQ-S_oQUtMilZBPXR7nEbLSI9hQsJztYtH34iKGbrDASIwC_FVyNLTN4AidnGKs-vBliULfumt-SmQXdqIcpb4dTNKtALixPsLKs2IlXXeSRTpBn1qWxfoAwP_OG7Hdk_HIc48kPHUAn2tdJoVFGjDJYEMFtqPKdlkLRKk2_TZGXJgst2xxc9L1u_ut8iw3MIh6dd6yRledm2yWzRIVqqRvWrPO_tI5t5IEdkKZPW6TkAahvUSsa39Lmhxm9M3pNWnvG_IfY3AvXPSVaL6F9Oqa1ntYlv9YeehNR1baruIz8O8Tc6top2SZBmh1rrnIfCNs0xN-4YOIezXTbbMSlrNEgOMwdbh7KGSg8tUvA9K4M9E08YVu0tyUe2Cg-fIxU603kWB1w0vohpq18EXba7tCjzVn3Rjqbqq6kFR4wxK2ZOEuCd3V5XcukeKiqgL3RAhhpxoZv-eIHpzX2BJjveAB02DFXET0nJMWY9Jzt-7dy_Bv7yqYBh1Qc847BTzzHtk6RE2gehfjTwwBMwVHMQcrA-Yb3h0Q4RemFGRaKk9z_A92hdTPts1AvVaaT5aqJWYo-QdUq7KNYdZ44kNHHCSP2NxF_nm55bpTD8LisFimfx4gmXYhcVTOfijlYd1de-GMgoeim283ThsWJ08mL5qv3PaHaD3ug4ixwaZZPpOHpZ6ywKK2hM2kHYGW3Zkssk63l9j7VnecTAgHw7h-zFpOWvdxp7Ln4a9RgCQWc5akrbaktGQ50d8QaZEH1ZK1pKrMD8glIqaQvw2WbmXvCf7Jc40n2rjf1JG59Fsa_sg8aQTemvkdydpVy0X3YBO5yJPYA3a1ETERybnrW25C3_-1XLPmajYP0FiIDYKq2WLgCjj3mXVh0shOMJe7kaMcVuMUUE6t9jT9avR3DJpU2usHggjAU4JCktOxEIjP8_V4ZIbVJHQ8ribX-Dk5cHPx9u6j80VuQCRBscAXC3vCKIdgYWNZ7NTMg4i5m8XGh12kvQU-nEMjEnxcY7501JaVQpD8YbcP2ulHm3PFDNkhEAnPA-38R4O4S_if-V_AFS6JNFeOP0MLDLr0ZV7qpfGZ1UAZwtWSxKOc9m650CozKZdaDNg008n_Jd4nvz5VkX1BAjXMHzV47oHjYcFaGDZkHoFDzI0B0HczONcg0jjpij8ezFktxYV-mpvw3-qYwwoknna3ujlbFDQg6R3sobG1scJlRiVqCQ5SVNu3lN6JT89PTECLzQDz4Wr3B_6ciz43bBeHk_D4Zq77kF7kabpZKLQUtuDWfP94HQ9bfeODu3T13sUZJpdg7QUPXjXhbQ4BctdDbVgSrwGo6nRpus53zeJmk-ytpgpyT2EdrR7Sgp5Uq2HvAW8cVChWY7KFXEDbWgFCf68PjKqrXOgt4KtJByVSIaLYsMNCuyRplQrcGpnzH5VegshkThuUeVF-8Ad4dP9NRpi6UyKnsJZq_kzVDEs90OZgb5jdnvmTYHcTgN9oQocEvXbQ3Ddj2BqlgLTw3vL5-qFEttXShPV98DQ2qQIEgaSJcICI_V4pgl1F66KyOvRys2zVx4QAYK2aRjqf4Hgo4ppnNLgz78JVA_vK08rWiRX1OJStp4npPOycnG0Wy9yEAtMi3R_auFUEpa08FjBjEDUu1MZyKzgegVnr-j3R01TnxEQhtHNZeHoZnmUGidN4V_1PCGzC4OTn8pGR3-Jy1FDfnkDZM8a1-J2iW0MPBbvB3on1FjmPQfizZeCHfAosGPITwL5MusLCs9giXlGH0fjUGKsJPhOgI_-i-4gWiZ8NQl4xqSXOt2n8YJQIpee40-hiTp_Wa5IiCtKXafxtSarKgCgpg&cid=CAQSPADq26N99md0R-cKsOQ_R7e2OA9iiK47bzAj6oTSSPS5a-47GEvDmDlTYcSh8sctHPnTCIdRtWhTnxa3UhgBIA4&rfl=1%2Chttps%253A%252F%252Fhaigram.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 18:34:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41422
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11726
x-xss-protection
0
server
cafe
etag
11376305771055881226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Nov 2022 18:34:41 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame C3D8 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 17:48:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
476215
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Oct 2023 17:48:08 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9505 		1 KB
646 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
67771
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 23 Oct 2022 11:15:32 GMT
etag
48472445140208031
expires
Mon, 24 Oct 2022 11:15:32 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame C3D8 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
140d811fbd66604096f475e83e93a574bf342b48a9e4c82375eefb6278440c0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
styles__ltr.css
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame BE80 		52 KB
52 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&k=6LdEK2AfAAAAALAftB5G51fvHdqZPPOIxMO_9hdd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 10:43:14 GMT
x-content-type-options
nosniff
age
69709
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52913
x-xss-protection
0
last-modified
Sun, 02 Oct 2022 20:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 23 Oct 2023 10:43:14 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame BE80 		396 KB
158 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&k=6LdEK2AfAAAAALAftB5G51fvHdqZPPOIxMO_9hdd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbf1818d8b1397e676767b2fa0352f57b18f4066eede2460f730308f1303ded7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 21:37:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30434
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
161341
x-xss-protection
0
last-modified
Sun, 02 Oct 2022 20:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 23 Oct 2023 21:37:49 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame ADE2 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 11:28:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
239776
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Oct 2023 11:28:47 GMT
file.mp4
r4---sn-4g5ednly.c.2mdn.net/videoplayback/id/d9d5fcf0c1b97d74/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3809380574/sparams/acao,ctier,expire,hcs,id,ip,ipbits,itag,mh... Frame ADE2
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/d9d5fcf0c1b97d74/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3809380574/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
  • https://r4---sn-4g5ednly.c.2mdn.net/videoplayback/id/d9d5fcf0c1b97d74/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3809380574/sparams/acao,ctier,expire,hcs,id,ip,ipbits...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r4---sn-4g5ednly.c.2mdn.net/videoplayback/id/d9d5fcf0c1b97d74/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3809380574/sparams/acao,ctier,expire,hcs,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/48DD2E6EE3BF609A6AD1585BC99350B4B1444349.47FED99F2E4804E957065B8B22D6F32B336E881F/key/cms1/cms_redirect/yes/hcs/ir/mh/LS/mip/2a01:4a0:2b::5/mm/42/mn/sn-4g5ednly/ms/onc/mt/1666590720/mv/u/mvi/4/pl/42/file/file.mp4
Requested by
Host: haigram.com
URL: https://haigram.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:67::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 24 Oct 2022 06:05:03 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
4415645
Last-Modified
Wed, 05 Oct 2022 01:15:08 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Mon, 24 Oct 2022 06:05:03 GMT

Redirect headers

date
Mon, 24 Oct 2022 06:05:03 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
655
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
location
https://r4---sn-4g5ednly.c.2mdn.net/videoplayback/id/d9d5fcf0c1b97d74/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3809380574/sparams/acao,ctier,expire,hcs,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/48DD2E6EE3BF609A6AD1585BC99350B4B1444349.47FED99F2E4804E957065B8B22D6F32B336E881F/key/cms1/cms_redirect/yes/hcs/ir/mh/LS/mip/2a01:4a0:2b::5/mm/42/mn/sn-4g5ednly/ms/onc/mt/1666590720/mv/u/mvi/4/pl/42/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A56B 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
386762
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 19 Oct 2022 18:39:01 GMT
expires
Thu, 19 Oct 2023 18:39:01 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dpixel
cms.quantserve.com/ Frame 9505 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIq5kXlYPFudA8oW3gdmoQE&google_cver=1&google_push=AZmPxg9RsuhFu8xrphgJnl7mxAjymtnRgXXcIy_kblR80af3NJdzpephoyPfCJ7WhD6qmD3Y0II76XytibIeDM90nNIz3jGg55Wy
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:03 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9505
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEBRMSHL0kCQWAfTgGAAq-kA&google_cver=1&google_push=AZmPxg_IwcVPsnNHEvm1DSZX50js66lQY0y7UBt5XKJwYTZJnTabZQdu4JOJQRhssncTKfqYnEob2KkxS7ACPpPZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg_IwcVPsnNHEvm1DSZX50js66lQY0y7UBt5XKJwYTZJnTabZQdu4JOJQRhssncTKfqYnEob2KkxS7ACPpPZdNcyrT6pr-qXtg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg_IwcVPsnNHEvm1DSZX50js66lQY0y7UBt5XKJwYTZJnTabZQdu4JOJQRhssncTKfqYnEob2KkxS7ACPpPZdNcyrT6pr-qXtg
Requested by
Host: haigram.com
URL: https://haigram.com/
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 24 Oct 2022 06:05:04 GMT
Server
MT3 4539 98cc2da master hkg-pixel-x8 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg_IwcVPsnNHEvm1DSZX50js66lQY0y7UBt5XKJwYTZJnTabZQdu4JOJQRhssncTKfqYnEob2KkxS7ACPpPZdNcyrT6pr-qXtg
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 24 Oct 2022 06:05:03 GMT
pixel
cm.g.doubleclick.net/ Frame 9505
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDL7DgulHNQy4WvzWZ_oQ6E&google_cver=1&google_push=AZmPxg8eYeynrK78SC5mhPV4YWFfy8xdAjsMF5ooTPthEMbJ0X6cGBwV6fDbsA8Zi3DyIBBV_1oZX8lWWUTcR7fH68Hm...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDL7DgulHNQy4WvzWZ_oQ6E&google_cver=1&google_push=AZmPxg8eYeynrK78SC5mhPV4YWFfy8xdAjsMF5ooTPthEMbJ0X6cGBwV6fDbsA8Zi3DyIBBV_1oZX8lWWUTcR7...
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=66ad05a0-5b61-4b01-bab7-6f48b0c55517&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg8eYeynrK78SC5mhPV4YWFfy8xdAjsMF5ooTPthEMbJ0X6cGBwV6fDbsA8Zi3DyIBBV_1oZX8lWWUTcR7fH68Hm9eqjPKSaNw&google_hm=Z5xxNGbWTtyX6WbLtMbRKw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg8eYeynrK78SC5mhPV4YWFfy8xdAjsMF5ooTPthEMbJ0X6cGBwV6fDbsA8Zi3DyIBBV_1oZX8lWWUTcR7fH68Hm9eqjPKSaNw&google_hm=Z5xxNGbWTtyX6WbLtMbRKw==
Requested by
Host: haigram.com
URL: https://haigram.com/
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg8eYeynrK78SC5mhPV4YWFfy8xdAjsMF5ooTPthEMbJ0X6cGBwV6fDbsA8Zi3DyIBBV_1oZX8lWWUTcR7fH68Hm9eqjPKSaNw&google_hm=Z5xxNGbWTtyX6WbLtMbRKw==
Date
Mon, 24 Oct 2022 06:05:04 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 9505
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEHoGeOA-DrWhdkedjsKZObg&google_cver=1&google_push=AZmPxg9My9hzQ2MI2hFiHFx6qe0RatpPZk3PzwxQ2-OAFP9FFWDppYcMAxB2ji9IT5qMl6cXW98RBQgZNxWClR1jLG_-nzu...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEHoGeOA-DrWhdkedjsKZObg&google_cver=1&google_push=AZmPxg9My9hzQ2MI2hFiHFx6qe0RatpPZk3PzwxQ2-OAFP9FFWDppYcMAxB2ji9IT5qMl6cXW98RBQgZNxWClR1jLG_-n...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg9My9hzQ2MI2hFiHFx6qe0RatpPZk3PzwxQ2-OAFP9FFWDppYcMAxB2ji9IT5qMl6cXW98RBQgZNxWClR1jLG_-nzurXNENBA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg9My9hzQ2MI2hFiHFx6qe0RatpPZk3PzwxQ2-OAFP9FFWDppYcMAxB2ji9IT5qMl6cXW98RBQgZNxWClR1jLG_-nzurXNENBA
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg9My9hzQ2MI2hFiHFx6qe0RatpPZk3PzwxQ2-OAFP9FFWDppYcMAxB2ji9IT5qMl6cXW98RBQgZNxWClR1jLG_-nzurXNENBA
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 9505
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELm8fkbGPYUdSxKQ2r4a_V0&google_cver=1&google_push=AZmPxg_B-ThsWLORsQl93IaRoHC3p75gFjbPnuBA4Rt5tJcH8IQOqHwYFpf20HgDELwxsmabq1m...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlNREpVREgtNy1DRkRY&google_push=AZmPxg_B-ThsWLORsQl93IaRoHC3p75gFjbPnuBA4Rt5tJcH8IQOqHwYFpf20HgDELwxsmabq1mlIWwfNcMc8FSpQVA0PFtROHFhHQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlNREpVREgtNy1DRkRY&google_push=AZmPxg_B-ThsWLORsQl93IaRoHC3p75gFjbPnuBA4Rt5tJcH8IQOqHwYFpf20HgDELwxsmabq1mlIWwfNcMc8FSpQVA0PFtROHFhHQ
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlNREpVREgtNy1DRkRY&google_push=AZmPxg_B-ThsWLORsQl93IaRoHC3p75gFjbPnuBA4Rt5tJcH8IQOqHwYFpf20HgDELwxsmabq1mlIWwfNcMc8FSpQVA0PFtROHFhHQ
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
sync
ssbsync.smartadserver.com/api/ Frame 9505 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEF2oYeMOooTekDFOcQFIhVw&google_cver=1&google_push=AZmPxg8PNrGKdpwCnbNzc2xMBLlajwGCwiai3fKJQkV1AZLoRsvRgwtXp181RLaKGTkOo_itpLYHhcxADcVNw8gbuGKXDF9cgvez1A
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.108 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:03 GMT
content-length
0
/
onetag-sys.com/match/ Frame 9505
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEOMiAl6UMAJ1QSU7kiXgRJk&google_cver=1&google_push=AZmPxg_VWR69mtI23Ay1qRIGpUOZ53ZpFjrR4BeWKAUCG3C1FFh2lYxHQFj4bxyo_7j9NlhjERuGyty_5eq...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg_VWR69mtI23Ay1qRIGpUOZ53ZpFjrR4BeWKAUCG3C1FFh2lYxHQFj4bxyo_7j9NlhjERuGyty_5eqI2BtXLjZRnaIHzsQMq90
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 9505 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LF3R1LmzqqJIAnU6keNvu8g5frP_sIr1S7VuS3zUcNRa19ZfeIjG9noM9cLreMiVPZPwGS_g
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:03 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
index.html
s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/ Frame ECD4 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99d97e92258543088e1c93691ccb34eece37eb84d1b327645c443b3c8321a5c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
266668
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1523
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 21 Oct 2022 04:00:35 GMT
expires
Sat, 21 Oct 2023 04:00:35 GMT
last-modified
Wed, 28 Sep 2022 12:08:39 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame C3D8 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstjxFobOiOXs0jLVMUWQyohAgTdowQTPsDqgPYb_rhDhnwtTxcJSL9KApkg0U1Dz8K_NyO0eSAKJ6WXZ5C_CdZd7LF6tgMtqn33OQtw0IVSOQ6T0RVTI2RnxY8Mt3UqTQoL0OfmYXrLR-9v6tHxXCr8r1MnSpsIN4SsejIwtv_CGYmsuL52_lCb8rIp27UN2C789TrZaFQj206UwhktgL-8AD_QL8qk9QoNCb3nAYAnAqv9TvyBMXu7jINJGJURocpUO-JFbVN6AqXpJUpfhToHvIEdaonklfL1Nnm2x-R-xcQ_HvaUEnJ8sMpgzUKG0SApAUTpKQxm1KQ37SJUaevbxQqxXg0X6AZDnALaGSZs2G7Fj7mnI8AOtMlePWwGli9dahrjmVQILZyNexWuF8h84VjGTfpZHkor55XLP8YrIJopqH0Bwocz9zNrUHpED_bf-g-qWzfqpgW1lvTppFCIpe4q5FmXhAiOgE7nQXfvx6B6iA7Nsjj9MUwTMdU9ewlzC3zkQPVzjQo3wI5YWB2D2eabnRPT0XqD-2kLsUEnTEuO_ZkU7gar2zgHEnZtcw1_U5KmYbuqWqzc4qOMK6KbSfOH-7Dk-3u9ohOivQsrz9e1IvfSX_FybsSUH07fMgxFLD2or5fmshbO1DRY_OTZyhmJQMKY0paprJksdd8z0YOsdV6g-ziwomGyRnYx6We_u4Gj7HBMVa_nPzAL9ScAUmkHPCztkNDYExWoFp7FmVu2mtIWEUM8Bhgc_H6AVOOBvGYxkDMde-7yD78PlGM06_izuJulZz_fyLazJRasX84hH0HtLzwKtMNtphAve34LosEbY9ShuNv3P3p2NnK07F9jiGHhfBDXTas9u9wXJhbpe7hV98Euah9sWKOGxfnvOKAlAIKyP8gJTLoLLvdviCNrpXEs-DYI0811XfEVZ43eX9S9wlDXN48Z3gvpeBCaby-gIytWsCtVPwBjQ5A5vmKztfx8fzopm9pHkR4C0vj9wW771nav2tjuRKnmOe0Jqerdk7nXbBCuP0IRqoit0GEKI0dgsQVY9yoz7tPlcP6AVHTL0GbmRxEUv5CARIxKk19lrT3fcWAkOmvhsS6qEjzgVg-4JDVm2j2cCMcS-6h0r0kwqURXfXqpgz4ruNcbUqN-wzW9L0BEs_Kc_Ia43mpAg88E0wdlMXX5gLdsPPYtTi5ALfOlfOMU8FCWzfKu28M0BNzOpP2d8UVqiYqt4LGdz2Cjh81xVrivDjxAuAhoUeI_oQqpvfnej17y5aNAJVOrYDHs61XKCDvkuMHXVmnwvGDQ3i_3XRpjnwu_c01DTQRGsYdJWvzr8fntkEQ2fF-j-Ew20OtlL37zU1QTTglrSPgs02Ao5GkDBOlY&sai=AMfl-YTLlhDyobcUPtSRMqSgwvmXQsvixyO7VhSVIf_i_xckdy9RFHn6rjx0DX9gGNfl5DdnfxJ9izVK62aiU0bFdOLedQ_VfY5bQQ8GdfS-5GcK7ba4JNL5WSzdaWq8wyZGLsbuuiX1iks17bZ_0adLIS7CJwVGmKniWKVDH9lKtXuy7WqbLKnXS_XTdIH6XZT7GlsMFxak84mlcf1XTwHWEzwwjQDLpgNhMlUiXbc9eAsDUJaiuogslPknEbHVvGeMOxHBtEG5tCl5xhLkjS-t7Fayag8FtfKh8VVcBx4&sig=Cg0ArKJSzNAQrzMzHAi0EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=126&cbvp=1&cstd=121&cisv=r20221019.41351&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: haigram.com
URL: https://haigram.com/?wpsafelink=d0mPzIH4YrwApbsCadfEeFlgiHnikTzAydWh0WlBqRWtlblgrQlZWYldPUVhsRm9DS2pPL3FhQ0xkcnhid3Q0MD0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 24 Oct 2022 06:05:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 7AE5 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
278496
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 21 Oct 2022 00:43:27 GMT
expires
Sat, 21 Oct 2023 00:43:27 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
pagead2.googlesyndication.com/bg/ Frame A56B 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba8af0d50d79678d5e9e6e68935c23511ff6ae811c880f6b0815855e696b023e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 09:53:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72713
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15900
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 23 Oct 2023 09:53:10 GMT
styles.css
s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/ Frame ECD4 		2 KB
757 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/styles.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
456216e8c9b0906906096492f544bc76fd992aa7e0af07cc8354bd286a63f66f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 04:00:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
266668
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
728
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 12:08:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 Oct 2023 04:00:35 GMT
background.jpg
s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/ Frame ECD4 		797 B
824 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/background.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
958447d209fe130b4a050cb6607bc9a386c4534396e3139406f7f9fd28ee65b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 04:00:35 GMT
x-content-type-options
nosniff
age
266668
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
797
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 12:08:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 Oct 2023 04:00:35 GMT
sim.png
s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/ Frame ECD4 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/sim.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90b12ce3fdcb0ca16d67307b404b4d4199850bf39e5b8a599911685b9dd42877
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 05:05:23 GMT
x-content-type-options
nosniff
age
521980
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6084
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 12:08:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 18 Oct 2023 05:05:23 GMT
db.png
s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/ Frame ECD4 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/db.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a19c94d432788585bc5edb13c0eedb40a9671c09aa5c93d114df1f93077a10dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 04:00:35 GMT
x-content-type-options
nosniff
age
266668
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12398
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 12:08:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 Oct 2023 04:00:35 GMT
pfeil-orange.png
s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/ Frame ECD4 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/pfeil-orange.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af5896b1be656e8b68bca0d18ce4284856d4e8890bdb3d987fd39474f45064a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 04:00:35 GMT
x-content-type-options
nosniff
age
266668
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2883
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 12:08:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 Oct 2023 04:00:35 GMT
pfeil-gruen.png
s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/ Frame ECD4 		151 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/pfeil-gruen.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c67c08fe3d5704e0b0914586ac4b85287980702db11e0740d86e09d890f9b658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 04:00:35 GMT
x-content-type-options
nosniff
age
266668
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
151
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 12:08:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 Oct 2023 04:00:35 GMT
h1.png
s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/ Frame ECD4 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/h1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18786f220f262807f08b7f7e6d1a9d1057b044c67e4036c303acb51e4ebde587
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 12:17:37 GMT
x-content-type-options
nosniff
age
236846
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8945
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 12:08:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 Oct 2023 12:17:37 GMT
h2.png
s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/ Frame ECD4 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/h2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9697511e30ff7d79300f1beace0cc887259173f05fdf73cf1b824c69451e2d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 08:34:49 GMT
x-content-type-options
nosniff
age
250214
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10321
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 12:08:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 Oct 2023 08:34:49 GMT
preis.png
s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/ Frame ECD4 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/preis.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d38eff9b221cde251a2d87ee24eef44ce46d74fae7fc22e7462faddc923f1ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 04:00:35 GMT
x-content-type-options
nosniff
age
266668
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1102
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 12:08:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 Oct 2023 04:00:35 GMT
logo.png
s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/ Frame ECD4 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd0084609e401184adb3ed1f9e0d8fdf43958a1d8282b40e8d56d6ca18b5f6bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 12:48:57 GMT
x-content-type-options
nosniff
age
234966
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2925
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 12:08:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 Oct 2023 12:48:57 GMT
laufzeit.png
s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/ Frame ECD4 		480 B
507 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/laufzeit.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81b80336b97fdd114f72f7a98dc86bcbde657c86b538d1a193606140c171722d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 04:00:35 GMT
x-content-type-options
nosniff
age
266668
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
480
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 12:08:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 Oct 2023 04:00:35 GMT
button.png
s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/ Frame ECD4 		822 B
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/button.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3dc031a74ef6f40326100d97c5de489f34140293083028911a2a674416ffd0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 09:26:42 GMT
x-content-type-options
nosniff
age
247101
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
822
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 12:08:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 Oct 2023 09:26:42 GMT
border.png
s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/ Frame ECD4 		152 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/border.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d17abe6a44fe8b727a8282982c49a6defe969b90941f868c7191aa9b59f2f81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 11:42:43 GMT
x-content-type-options
nosniff
age
238940
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
152
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 12:08:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 Oct 2023 11:42:43 GMT
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.10.4/ Frame ECD4 		64 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.10.4/gsap.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3123:e000::c -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
1b765b0cbd95391f6db0b565988eeb70ea68aa77bb9f8f7c8a880d96474c2aa8
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15780000
age
394214
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23292
last-modified
Fri, 22 Apr 2022 16:32:30 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6262d89e-5afc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75f084c34e84bbc1-FRA
expires
Sat, 14 Oct 2023 06:05:03 GMT
main.js
s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/ Frame ECD4 		3 KB
888 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b91c5ed41026d4609b7686e2024d86e7293d3bc2b72dbf969c96bbcc125f272
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11760001774747366884/km_202210_16GB-24Mon-1499_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 04:00:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
266668
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 12:08:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 Oct 2023 04:00:35 GMT
S59cL8NpNlz03nuQ7M-TG0OvY6nWg2CBBQLmeE6XtI4.js
pagead2.googlesyndication.com/bg/ Frame 7AE5 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/S59cL8NpNlz03nuQ7M-TG0OvY6nWg2CBBQLmeE6XtI4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b9f5c2fc369365cf4de7b90eccf931b43af63a9d68360810502e6784e97b48e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 22:42:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
112962
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15944
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 22 Oct 2023 22:42:21 GMT
file.mp4
r4---sn-4g5ednly.c.2mdn.net/videoplayback/id/d9d5fcf0c1b97d74/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3809380574/sparams/acao,ctier,expire,hcs,id,ip,ipbits,itag,mh... Frame ADE2 		184 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r4---sn-4g5ednly.c.2mdn.net/videoplayback/id/d9d5fcf0c1b97d74/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3809380574/sparams/acao,ctier,expire,hcs,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/48DD2E6EE3BF609A6AD1585BC99350B4B1444349.47FED99F2E4804E957065B8B22D6F32B336E881F/key/cms1/cms_redirect/yes/hcs/ir/mh/LS/mip/2a01:4a0:2b::5/mm/42/mn/sn-4g5ednly/ms/onc/mt/1666590720/mv/u/mvi/4/pl/42/file/file.mp4
Requested by
Host: haigram.com
URL: https://haigram.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:67::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Range
bytes=0-

Response headers

expires
Mon, 24 Oct 2022 06:05:03 GMT
date
Mon, 24 Oct 2022 06:05:03 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-4415644/4415645
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
4415645
last-modified
Wed, 05 Oct 2022 01:15:08 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
client-protocol
quic
container.html
dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1E23 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070473
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haigram.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Oct 2022 06:05:01 GMT
expires
Tue, 24 Oct 2023 06:05:01 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame A730 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRDc2YSLAhjWwo3WATAB&v=APEucNWHYEuURW4m50ZnyUx0uky7f1Mh1TQtovmfpFyNCTmrXRjd2qf8kI2b06o1r10JJEDnXCtuLcHhQEHdOazZRNJvCbLdgcvycodcIAB-Lv_f82uGUYvonHx0EMBdMery4eTkXYsxJavYAYhXnVWFXddIAD-w4xpXTV1EpYKtNwy0CrU942w
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 24 Oct 2022 06:05:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 1E23 		31 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AldTNbbNDhA1_LdlbVVMFTFfwW1zzswUdgwHxc07EQz1M5CmSiDs1oTn311RMcuXQa2Y-0dDKOfwY6McGg7BDomZapR7BvEidoGv3kOi7RyYgfYHttDbTaT2EkeBmtPDXtx6PzUSG7laaht2_v6GQALEsKISLmCtNTheCwOkOElyab06k&dbm_d=AKAmf-Bo5u1Nsdn6C4HVI44Qd31WZgAj79WRqMNOsJhDoz8fCYJcV0oyiV_pni3M980bkCnK_6aa1xYalUlDeowg_ie7VAos1qfk3DlHL9oaJeDQ4y_M3DEVixbbhwvqiFect2GAGzvXgOEz8JEo9PQvXP--4y3waz48qyJTiIh7wwTEgTwxLQFiwGdF0_UtLLLal-Q4D0lQue0KH4P2J4dS6Tvu3DqfMTYPHoJECaF6uzWdov28pzVX-3OjZ5r7dzTZxyGQ-dfN2DkNiXdPgpDMoweSzMWD_hjyiaqlToyHtXiS2WoV4GCnmtk7M4-erk2fhrIuMQ0Wk-51gv2cTFfer5tiXQDn00_hdUiajLVY9jYszzKBd-grL1F1w6A6B4Wn7o8mkzI43Mlltj1CVyzPmt2KuH4uR9Kb3jHd-zx2S2vr-G8zdMN6BOSDybjr8illCOkN35dMEMrAQlAeywd26mf67608ByqqM6UqPNENLoSF-6GUAL4bqbAjQovq9IBHky2Fy2QhcET16sTim2NsEn_dKTZs80-A3jzlA8MgrGb85lzTHn6TGnH89xEBHov6cLiGTV_qWMbQgXJuV0L2R_D6nNXzbwqKp3yefJAJVZcvD6drOeqXwSGtyG3Vwm_UDly5lTmt_S1HZHey3ui6LeM0fN0kILehRTFomc0RUv6RW8TfZlv97cZRniO3rcEAWRCAVKzo-ah0OB8NBBabLcs-3b5IfeWKpu5eHnrgUM6yjQ43N1HlVolEADM5CvOJwtLh6fv7kFGfVKhUE-dwvWMIicdGvwQvyUrTbxO6KJc0MeIT2qcSJ1qZs5N3Pfk_1VEz5cmqg0D2yxzoo5bJ9KkSekUNDLqTNXI8iqocbcA9LcKj3u6uH6Om2v3DEmtWemuuaILEP4_xue9vzFjhdZeNNKR1tjo5sev0P04z7fZOZvuk1pF4pK8riwtdbla_KRkqdmuoYKGBc6yaU_jU51yB9x5L7nuoWGBIVe5G3ERRrCW8BMU7w8eXxa1ZZMaqlT35__xCcWtK398Wg666K_vOi99vEKedzf-U8ErYfFsWVb3qqsdvOo_v0yrFUCqSY3jiRkZD_PAKTMxBzjePBsm_dS-HCEzpGkJrtklbZ7D_dNK6q-lW0S_K6PH4Lj4oSJmAhOfbFBHzjZLZ-kMvILpVsjtREE8Bw-SQxJO1FOblkKVC-62_kpWcbVDaE-eOEDPo2saMxV6NaoP86Moc4X7IF_sjpfg-zkE2KHSLUI9ipykOil0KnSS_0GjzVDT9ENEQJxcXLejPxp4x9rk-194_tCsAQh0-YvWATno0pEo-_dbUQ8-7UHJWehlGg9NVVVrcpqvW3RV47utgXI8Vlg9uNldCPGXdncxM3Ho4S3EP9vVH2PT-EmcizlH5GzGOviBcGRYH3Q_AXCfSnGXwGm0rPqXrs5NJeWduxeW75DAaHfmUSJ1iAT1Ph_GWx--yHbT9RgQziwfBdsjQcj3E35kkiuSfsb6Lsjtr02OU5Q7YFZ1-ymp0gJqsZSnS6NyHSTlt37optJxdoMr34Et6GRB8yNNKfbp8QfMNBCcfGxsgLwbwYojku01Cb-trbY2Cv2T-BOymZo_h7MzQ67Fyg3ewLo0AVfMqH1W3Zjhkt4slMNncPchxRou4T_8QGZBuGxITz1GK2ubaPMlAoytmLDzajLuRjBCk6XWpcY2CkOkKYusY4DR00Hj6DkE8tQMmg37YHuGPwLicxAU7hRB-rwEnuwYNldVoDyGGk6z04KQivUtSeyRtVsb6lrThcKG7RmiqHuV75ggMXyWLWI-4qsGoP0JybWeLjpd0MRd4pH3yQgpYeiPHdRoOJlG584BF0t4wScOqzQ_IuofjMuxGq2HHr-JeyCRS6BPLv5BFOLZrEv2yQNZFY1NG_ZPv7AKzjOhVefL9o7hLT109G8-i5HEjEw4o32sHqUTeYsixt8YiPbgV_7KTT4shTlRqK_LcP9fNm4KKgCG2NmbETPUzEEVwsNkAVt1gRTHrDSxKJDIi6CBOqSs8PHwBTqjCYO1XWhRp5jrbaVjiIn1ZnotaHQjJ239hxg-AJcFoqpPUxGFzeJVCL2eRgVZzz_gEcXpN4OQPC_NxDG1tzP_40BQwxjf7YdagCDI1BmRC2bA4sF9mqcnIq-yY-hrSAT2c2zJ3mywgrHZLfz-QPlzqrrUuqXCuRMpOOaB0UdJjhQhGkcb1rBMyB_AYZGMCRCdiZ2XY3xElYfwf_qAsAzy0m56ZZEpNJlVspxc5IG7fA7Es5_5vOhur96sUjfNrQ-j9aPdXKScF3NZprYZwU-y7iq2fdpQR_CfWMqH5-9xmM5nXo1l3Yv4KyVvFiZl95aOnfpanoEaKYMKCNTfryuIXlQoLemaZzUcw1vn0kSweRt6cNCaFjYD7wY05R0ZPzRh32k994x_0MxkURbTrT92PMSIU2CWC6SvcsJ6pLrxbnlfoFPRfXNIsYQNxUgS6LiRJFiWbTz88olqOovlITr50O48TbHZ-wKm6iqKWQI4E3KwHP-K0T64vNFC6n90CTZkD9QK2Xemx-vthqFA_XWu1dffeXdJ9t0Ckh9Hk_VHI0tbIQSuwpd5fvnXWNJWND00lwwyBfFCm7LiFvTP8ciPRtFpErrIkmE3oxckCckO2hKZ4r91eOr8yIAJyiWEO3dHdYqPVhEipdCpUNajIceiaLawoxdOzik6W6K_BOdTmIa82S7UMC8-pJAjIYtirxW2faIcpU7V6OCswqTA9R9gCtoZdFK6Kswt9yMxwP-v5NJBwnts6Ynq2jHvVkHdEZSA2rjWWKYQHG0LpLUH-_JPiaWD6Gji2SSSVx0py6m8z1JPBgvK0R70pRzAghL86xrWd5eWBmTFZg630nOZidSBUkHMlB-aMfLpBKsNS3PVuf9zZzBc_2p6SedVu2zYgVKpdn-P3_5jC-UXSzWpciEVDjfQ06vY8XHi6MEs3FnlgT6NW8PqG_tieIOJV-cxaGe5pFgoELgdaqpiF3BQoHnMOym4LOeFr1j9WFZ0qPCTIKH0QzjiaEOcleMPS5W2qMasqemMRRCIgr8DNu-LfW1tjJG0HunkgeTPB8resSUnMS5Pkla2-c3L5j361JXKI1TFq4_kWDXylC7i1XSntZzPfM9YcmX5O-LuBJdXEvfZ8pqRIqVmLFYY9IG6sPuNsmwnLEiGDnD8uoj5mGNctSHcjx0gMuvUPtNbUEPxeUH-uRt_eB7zTJQTmFxYnjb_0XSFnBxH3KAH7Axf9LvdOiuEZbCazztru3r4VzQhaGIUKFnbG93zEZv2ymm4eb220Gm1q0cnQ7wHA3pHKQ1e3CJZGq7m1RSfquqXjHEITfhDyqbRDOZudb74P46_CjFFbyLkk4PFAhY-jAl8U&cid=CAQSPADq26N9C2XneQvV4u80aShF0b9My_hTrvkJe8grU74j8IJ4tke_ForfuOL1EYg4RhPQQcbFfmWCW17iOBgBIA4&rfl=1%2Chttps%253A%252F%252Fhaigram.com%252F%240
Requested by
Host: haigram.com
URL: https://haigram.com/?wpsafelink=d0mPzIH4YrwApbsCadfEeFlgiHnikTzAydWh0WlBqRWtlblgrQlZWYldPUVhsRm9DS2pPL3FhQ0xkcnhid3Q0MD0=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b9d08449c09d0e03131c42e267dd4079abe7385cf2d0425480d1b6a33f9d6a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18654
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1E23 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DxP78OyeF796YtqyD_Hv61zaJ6DUUOqO5PWvOcLCiWDBlbQBvHuI7u3hQYy-o6OPamL4gwesZ56Qn3lwOjjDCcfet1mNbpp9VHjpbcJy4FZMn-YC4
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvtp_src.js
cdn.doubleverify.com/ Frame 1E23 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=14526021&cmp=28674799&sid=4128031&plc=348477386&adsrv=1&btreg=&btadsrv=&crt=&tagtype=&dvtagver=6.1.src
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:9::210:ee0e -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
bb629e74741734f357fcc6f4b04d7479f04be72e6622305aded71cc872edacca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 24 Oct 2022 06:05:04 GMT
Content-Encoding
gzip
Last-Modified
Sun, 23 Oct 2022 14:24:53 GMT
Server
Microsoft-IIS/10.0
ETag
"80e87b37ebe6d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3314
unit_renderer.php
as.jivox.com/unit/ Frame 1E23 		105 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://as.jivox.com/unit/unit_renderer.php?campaignId=145352&siteId=55f48ca4113e34&unitType=mobile&bannerType=C&bUnit=1&creativeUnitType=3&bDim=320x100&es_pId=UA26m8&isDynamic=1&ap_DataSignal1=18143154454&ap_DataSignal2=ABAjH0j8YqyGd3ikArID3GgtjLtv&debug=1&debugWidget=1&ap_DataSignal3=449012054&ap_DataSignal4=1396462348461&ap_gdpr=&ap_gdpr_consent=&ap_gdpr_consent_v2=&jvxVer=2&isnonexpanding=Y&cMacro=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DClSg-DytWY9T9EuuR7_UPxaGtSJqqp4tt_4nztNAQ1caW5ZkFEAEgxvvWeWCVgoCAuAegAc3lkpkCyAEJqQL7Nel24IuwPqgDAaoE7AFP0D22CZDAFxhLKqTI5YBlcw_4VlV1uw3vlWPvj90JsmaWnlTB472VCVk0rtU8wEWRdOZPTnH1AmHpwohCdDqZiRRVohD-p4Sj4-VDwec6G7X7qs3cwx9C9CYiWGwqkg297s_B8UBkE3POdQfeFi08EqSuATbRMIY-IUEzj7bfnDjhHTrPkTlgVS6fqfXeHNlQmY8VhFyXo0oc926iv5u6pZLPqYg-CihqV8e8YQR61rzwgTZyFY1Bwmi-2caFkUJznK_Q-D4xiCcMIagAAZnv_o33tNT3TzJK4JfFUZ18hnSGfYgdOn8QaGnOQcAE5pn6o4wE4AQDkAYBoAZNgAebmu3mAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATxIvxEMgT6bWe4QPQEwDYEwqIFALYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9C2XneQvV4u80aShF0b9My_hTrvkJe8grU74j8IJ4tke_ForfuOL1EYg4RhPQQcbFfmWCW17iOBgBIA4%26sig%3DAOD64_0l5-xgE2b3NYASesFZh2aA2VKGRw%26client%3Dca-pub-4573231550355221%26dbm_c%3DAKAmf-AzzHk02tqOtMx9elI47HmnDcnlN-0xE-dsJXENAqvwS_sKLKc8upDv907NnmUcoHkP35aNcP6qoG2cyDQHJDopQwncRGCsq9vvszUBjdZW79DkVntb7SL_sR_Jas6O42FPz98lnkS2islcGBvi-NnKIrf7jJtAe--yrjEz3mXWc-_Dmz8%26dbm_d%3DAKAmf-DPZuev4Qois_1HtecfY5axYUW90EDqMRMe9rWR_r8FbeL-nC8o3dnK3zB-yWhqH99uZvMrI9vOzZvhbRGOEP__kIRICk_83Z6NRQ6ct5nn0l7IwHXtcWHZxz7jSCcQvHI7eBcri6gogzoDs1UHwhOLLQAnI8TGXYEnv8lwgyw7p-s0KLqioUT86-qwM208jcYqL5q1JNRYkqrAnzoid-ipdPUfS9n_2k8DV3daWuXNjdcbPuWiKJq_-11w3kfB0Xc_Gbk1DCWqElH4rLLERJ2xfCUVFw0A0nN2DKI7Sms7o9wBEtCPS9qUldeBmjZcHcT9tT0PBNwPRsbHqzeXsDyK-bvml-K0FomO2hnMKyKwbcuDcbc4erIELw7I0CSId--ranVgtJFPPpjXLpC82XhhuiS4p13Ig_aKh6e3wmrQEeq1Nyryns4y_npTtPmJfHQNec6DPm4FGBZn_CcMKXBiyUB4zVMqLsq6jFhW8wFGCUFmXffxgiQdDrx7Z_VS9751w6_3TuvQqEA5__Tsa1rDAIqi_JA0fjOK-rCz_uQ0XVdE2FY%26adurl%3D&r=1666591503310996
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.72.191 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b0876f0cdbcae7764cc424d1d476ef37361443a730454130ab0668b8145ba40a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Oct 2022 06:05:04 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
keep-alive
Content-Length
28567
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame 1E23 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/window_focus_fy2021.js
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 22:05:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
28757
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1238
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Nov 2022 22:05:46 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame 1E23 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 11:14:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67813
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7569
x-xss-protection
0
server
cafe
etag
4237063375490391177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Nov 2022 11:14:50 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1E23 		152 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47476
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666179788250400"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 24 Oct 2022 06:05:03 GMT
sd
us-u.openx.net/w/1.0/ Frame A730
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOHIef4_V18cCruKK_KhkNw&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOHIef4_V18cCruKK_KhkNw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRDc2YSLAhjWwo3WATAB&v=APEucNWHYEuURW4m50ZnyUx0uky7f1Mh1TQtovmfpFyNCTmrXRjd2qf8kI2b06o1r10JJEDnXCtuLcHhQEHdOazZRNJvCbLdgcvycodcIAB-Lv_f82uGUYvonHx0EMBdMery4eTkXYsxJavYAYhXnVWFXddIAD-w4xpXTV1EpYKtNwy0CrU942w
Protocol
H3
Server
34.98.64.218 -, , ASN (),
Reverse DNS
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:04 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOHIef4_V18cCruKK_KhkNw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame A730 		43 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRDc2YSLAhjWwo3WATAB&v=APEucNWHYEuURW4m50ZnyUx0uky7f1Mh1TQtovmfpFyNCTmrXRjd2qf8kI2b06o1r10JJEDnXCtuLcHhQEHdOazZRNJvCbLdgcvycodcIAB-Lv_f82uGUYvonHx0EMBdMery4eTkXYsxJavYAYhXnVWFXddIAD-w4xpXTV1EpYKtNwy0CrU942w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 -, , ASN (),
Reverse DNS
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:04 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame A730
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEF2QezE3Tly_ee2jqZiAS7k&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEF2QezE3Tly_ee2jqZiAS7k&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRDc2YSLAhjWwo3WATAB&v=APEucNWHYEuURW4m50ZnyUx0uky7f1Mh1TQtovmfpFyNCTmrXRjd2qf8kI2b06o1r10JJEDnXCtuLcHhQEHdOazZRNJvCbLdgcvycodcIAB-Lv_f82uGUYvonHx0EMBdMery4eTkXYsxJavYAYhXnVWFXddIAD-w4xpXTV1EpYKtNwy0CrU942w
Protocol
H2
Server
2.18.232.7 -, , ASN (),
Reverse DNS
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Mon, 24 Oct 2022 06:05:04 GMT
pragma
no-cache
date
Mon, 24 Oct 2022 06:05:04 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEF2QezE3Tly_ee2jqZiAS7k&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame A730 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRDc2YSLAhjWwo3WATAB&v=APEucNWHYEuURW4m50ZnyUx0uky7f1Mh1TQtovmfpFyNCTmrXRjd2qf8kI2b06o1r10JJEDnXCtuLcHhQEHdOazZRNJvCbLdgcvycodcIAB-Lv_f82uGUYvonHx0EMBdMery4eTkXYsxJavYAYhXnVWFXddIAD-w4xpXTV1EpYKtNwy0CrU942w
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 -, , ASN (),
Reverse DNS
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Mon, 24 Oct 2022 06:05:04 GMT
pragma
no-cache
date
Mon, 24 Oct 2022 06:05:04 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif
view
googleads4.g.doubleclick.net/pcs/ Frame C3D8 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstjxFobOiOXs0jLVMUWQyohAgTdowQTPsDqgPYb_rhDhnwtTxcJSL9KApkg0U1Dz8K_NyO0eSAKJ6WXZ5C_CdZd7LF6tgMtqn33OQtw0IVSOQ6T0RVTI2RnxY8Mt3UqTQoL0OfmYXrLR-9v6tHxXCr8r1MnSpsIN4SsejIwtv_CGYmsuL52_lCb8rIp27UN2C789TrZaFQj206UwhktgL-8AD_QL8qk9QoNCb3nAYAnAqv9TvyBMXu7jINJGJURocpUO-JFbVN6AqXpJUpfhToHvIEdaonklfL1Nnm2x-R-xcQ_HvaUEnJ8sMpgzUKG0SApAUTpKQxm1KQ37SJUaevbxQqxXg0X6AZDnALaGSZs2G7Fj7mnI8AOtMlePWwGli9dahrjmVQILZyNexWuF8h84VjGTfpZHkor55XLP8YrIJopqH0Bwocz9zNrUHpED_bf-g-qWzfqpgW1lvTppFCIpe4q5FmXhAiOgE7nQXfvx6B6iA7Nsjj9MUwTMdU9ewlzC3zkQPVzjQo3wI5YWB2D2eabnRPT0XqD-2kLsUEnTEuO_ZkU7gar2zgHEnZtcw1_U5KmYbuqWqzc4qOMK6KbSfOH-7Dk-3u9ohOivQsrz9e1IvfSX_FybsSUH07fMgxFLD2or5fmshbO1DRY_OTZyhmJQMKY0paprJksdd8z0YOsdV6g-ziwomGyRnYx6We_u4Gj7HBMVa_nPzAL9ScAUmkHPCztkNDYExWoFp7FmVu2mtIWEUM8Bhgc_H6AVOOBvGYxkDMde-7yD78PlGM06_izuJulZz_fyLazJRasX84hH0HtLzwKtMNtphAve34LosEbY9ShuNv3P3p2NnK07F9jiGHhfBDXTas9u9wXJhbpe7hV98Euah9sWKOGxfnvOKAlAIKyP8gJTLoLLvdviCNrpXEs-DYI0811XfEVZ43eX9S9wlDXN48Z3gvpeBCaby-gIytWsCtVPwBjQ5A5vmKztfx8fzopm9pHkR4C0vj9wW771nav2tjuRKnmOe0Jqerdk7nXbBCuP0IRqoit0GEKI0dgsQVY9yoz7tPlcP6AVHTL0GbmRxEUv5CARIxKk19lrT3fcWAkOmvhsS6qEjzgVg-4JDVm2j2cCMcS-6h0r0kwqURXfXqpgz4ruNcbUqN-wzW9L0BEs_Kc_Ia43mpAg88E0wdlMXX5gLdsPPYtTi5ALfOlfOMU8FCWzfKu28M0BNzOpP2d8UVqiYqt4LGdz2Cjh81xVrivDjxAuAhoUeI_oQqpvfnej17y5aNAJVOrYDHs61XKCDvkuMHXVmnwvGDQ3i_3XRpjnwu_c01DTQRGsYdJWvzr8fntkEQ2fF-j-Ew20OtlL37zU1QTTglrSPgs02Ao5GkDBOlY&sai=AMfl-YTLlhDyobcUPtSRMqSgwvmXQsvixyO7VhSVIf_i_xckdy9RFHn6rjx0DX9gGNfl5DdnfxJ9izVK62aiU0bFdOLedQ_VfY5bQQ8GdfS-5GcK7ba4JNL5WSzdaWq8wyZGLsbuuiX1iks17bZ_0adLIS7CJwVGmKniWKVDH9lKtXuy7WqbLKnXS_XTdIH6XZT7GlsMFxak84mlcf1XTwHWEzwwjQDLpgNhMlUiXbc9eAsDUJaiuogslPknEbHVvGeMOxHBtEG5tCl5xhLkjS-t7Fayag8FtfKh8VVcBx4&sig=Cg0ArKJSzNAQrzMzHAi0EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=496&vt=11&dtpt=370&dett=3&cstd=121&cisv=r20221019.41351&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: haigram.com
URL: https://haigram.com/?wpsafelink=d0mPzIH4YrwApbsCadfEeFlgiHnikTzAydWh0WlBqRWtlblgrQlZWYldPUVhsRm9DS2pPL3FhQ0xkcnhid3Q0MD0=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame C3D8 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=latest&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
52c7c7b86671d5d52f393f60118984ce424f015a82b790718b3144c1ee3298b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5865
x-xss-protection
0
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221019/r20110914/ Frame 1E23 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221019/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AldTNbbNDhA1_LdlbVVMFTFfwW1zzswUdgwHxc07EQz1M5CmSiDs1oTn311RMcuXQa2Y-0dDKOfwY6McGg7BDomZapR7BvEidoGv3kOi7RyYgfYHttDbTaT2EkeBmtPDXtx6PzUSG7laaht2_v6GQALEsKISLmCtNTheCwOkOElyab06k&dbm_d=AKAmf-Bo5u1Nsdn6C4HVI44Qd31WZgAj79WRqMNOsJhDoz8fCYJcV0oyiV_pni3M980bkCnK_6aa1xYalUlDeowg_ie7VAos1qfk3DlHL9oaJeDQ4y_M3DEVixbbhwvqiFect2GAGzvXgOEz8JEo9PQvXP--4y3waz48qyJTiIh7wwTEgTwxLQFiwGdF0_UtLLLal-Q4D0lQue0KH4P2J4dS6Tvu3DqfMTYPHoJECaF6uzWdov28pzVX-3OjZ5r7dzTZxyGQ-dfN2DkNiXdPgpDMoweSzMWD_hjyiaqlToyHtXiS2WoV4GCnmtk7M4-erk2fhrIuMQ0Wk-51gv2cTFfer5tiXQDn00_hdUiajLVY9jYszzKBd-grL1F1w6A6B4Wn7o8mkzI43Mlltj1CVyzPmt2KuH4uR9Kb3jHd-zx2S2vr-G8zdMN6BOSDybjr8illCOkN35dMEMrAQlAeywd26mf67608ByqqM6UqPNENLoSF-6GUAL4bqbAjQovq9IBHky2Fy2QhcET16sTim2NsEn_dKTZs80-A3jzlA8MgrGb85lzTHn6TGnH89xEBHov6cLiGTV_qWMbQgXJuV0L2R_D6nNXzbwqKp3yefJAJVZcvD6drOeqXwSGtyG3Vwm_UDly5lTmt_S1HZHey3ui6LeM0fN0kILehRTFomc0RUv6RW8TfZlv97cZRniO3rcEAWRCAVKzo-ah0OB8NBBabLcs-3b5IfeWKpu5eHnrgUM6yjQ43N1HlVolEADM5CvOJwtLh6fv7kFGfVKhUE-dwvWMIicdGvwQvyUrTbxO6KJc0MeIT2qcSJ1qZs5N3Pfk_1VEz5cmqg0D2yxzoo5bJ9KkSekUNDLqTNXI8iqocbcA9LcKj3u6uH6Om2v3DEmtWemuuaILEP4_xue9vzFjhdZeNNKR1tjo5sev0P04z7fZOZvuk1pF4pK8riwtdbla_KRkqdmuoYKGBc6yaU_jU51yB9x5L7nuoWGBIVe5G3ERRrCW8BMU7w8eXxa1ZZMaqlT35__xCcWtK398Wg666K_vOi99vEKedzf-U8ErYfFsWVb3qqsdvOo_v0yrFUCqSY3jiRkZD_PAKTMxBzjePBsm_dS-HCEzpGkJrtklbZ7D_dNK6q-lW0S_K6PH4Lj4oSJmAhOfbFBHzjZLZ-kMvILpVsjtREE8Bw-SQxJO1FOblkKVC-62_kpWcbVDaE-eOEDPo2saMxV6NaoP86Moc4X7IF_sjpfg-zkE2KHSLUI9ipykOil0KnSS_0GjzVDT9ENEQJxcXLejPxp4x9rk-194_tCsAQh0-YvWATno0pEo-_dbUQ8-7UHJWehlGg9NVVVrcpqvW3RV47utgXI8Vlg9uNldCPGXdncxM3Ho4S3EP9vVH2PT-EmcizlH5GzGOviBcGRYH3Q_AXCfSnGXwGm0rPqXrs5NJeWduxeW75DAaHfmUSJ1iAT1Ph_GWx--yHbT9RgQziwfBdsjQcj3E35kkiuSfsb6Lsjtr02OU5Q7YFZ1-ymp0gJqsZSnS6NyHSTlt37optJxdoMr34Et6GRB8yNNKfbp8QfMNBCcfGxsgLwbwYojku01Cb-trbY2Cv2T-BOymZo_h7MzQ67Fyg3ewLo0AVfMqH1W3Zjhkt4slMNncPchxRou4T_8QGZBuGxITz1GK2ubaPMlAoytmLDzajLuRjBCk6XWpcY2CkOkKYusY4DR00Hj6DkE8tQMmg37YHuGPwLicxAU7hRB-rwEnuwYNldVoDyGGk6z04KQivUtSeyRtVsb6lrThcKG7RmiqHuV75ggMXyWLWI-4qsGoP0JybWeLjpd0MRd4pH3yQgpYeiPHdRoOJlG584BF0t4wScOqzQ_IuofjMuxGq2HHr-JeyCRS6BPLv5BFOLZrEv2yQNZFY1NG_ZPv7AKzjOhVefL9o7hLT109G8-i5HEjEw4o32sHqUTeYsixt8YiPbgV_7KTT4shTlRqK_LcP9fNm4KKgCG2NmbETPUzEEVwsNkAVt1gRTHrDSxKJDIi6CBOqSs8PHwBTqjCYO1XWhRp5jrbaVjiIn1ZnotaHQjJ239hxg-AJcFoqpPUxGFzeJVCL2eRgVZzz_gEcXpN4OQPC_NxDG1tzP_40BQwxjf7YdagCDI1BmRC2bA4sF9mqcnIq-yY-hrSAT2c2zJ3mywgrHZLfz-QPlzqrrUuqXCuRMpOOaB0UdJjhQhGkcb1rBMyB_AYZGMCRCdiZ2XY3xElYfwf_qAsAzy0m56ZZEpNJlVspxc5IG7fA7Es5_5vOhur96sUjfNrQ-j9aPdXKScF3NZprYZwU-y7iq2fdpQR_CfWMqH5-9xmM5nXo1l3Yv4KyVvFiZl95aOnfpanoEaKYMKCNTfryuIXlQoLemaZzUcw1vn0kSweRt6cNCaFjYD7wY05R0ZPzRh32k994x_0MxkURbTrT92PMSIU2CWC6SvcsJ6pLrxbnlfoFPRfXNIsYQNxUgS6LiRJFiWbTz88olqOovlITr50O48TbHZ-wKm6iqKWQI4E3KwHP-K0T64vNFC6n90CTZkD9QK2Xemx-vthqFA_XWu1dffeXdJ9t0Ckh9Hk_VHI0tbIQSuwpd5fvnXWNJWND00lwwyBfFCm7LiFvTP8ciPRtFpErrIkmE3oxckCckO2hKZ4r91eOr8yIAJyiWEO3dHdYqPVhEipdCpUNajIceiaLawoxdOzik6W6K_BOdTmIa82S7UMC8-pJAjIYtirxW2faIcpU7V6OCswqTA9R9gCtoZdFK6Kswt9yMxwP-v5NJBwnts6Ynq2jHvVkHdEZSA2rjWWKYQHG0LpLUH-_JPiaWD6Gji2SSSVx0py6m8z1JPBgvK0R70pRzAghL86xrWd5eWBmTFZg630nOZidSBUkHMlB-aMfLpBKsNS3PVuf9zZzBc_2p6SedVu2zYgVKpdn-P3_5jC-UXSzWpciEVDjfQ06vY8XHi6MEs3FnlgT6NW8PqG_tieIOJV-cxaGe5pFgoELgdaqpiF3BQoHnMOym4LOeFr1j9WFZ0qPCTIKH0QzjiaEOcleMPS5W2qMasqemMRRCIgr8DNu-LfW1tjJG0HunkgeTPB8resSUnMS5Pkla2-c3L5j361JXKI1TFq4_kWDXylC7i1XSntZzPfM9YcmX5O-LuBJdXEvfZ8pqRIqVmLFYY9IG6sPuNsmwnLEiGDnD8uoj5mGNctSHcjx0gMuvUPtNbUEPxeUH-uRt_eB7zTJQTmFxYnjb_0XSFnBxH3KAH7Axf9LvdOiuEZbCazztru3r4VzQhaGIUKFnbG93zEZv2ymm4eb220Gm1q0cnQ7wHA3pHKQ1e3CJZGq7m1RSfquqXjHEITfhDyqbRDOZudb74P46_CjFFbyLkk4PFAhY-jAl8U&cid=CAQSPADq26N9C2XneQvV4u80aShF0b9My_hTrvkJe8grU74j8IJ4tke_ForfuOL1EYg4RhPQQcbFfmWCW17iOBgBIA4&rfl=1%2Chttps%253A%252F%252Fhaigram.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 18:34:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41423
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11726
x-xss-protection
0
server
cafe
etag
11376305771055881226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Nov 2022 18:34:41 GMT
dvtp_src.js
cdn.doubleverify.com/ Frame 1E23 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=14526021&cmp=28674799&sid=4128031&plc=348477386&num=&adid=&advid=9533159&adsrv=1&btreg=540105152&btadsrv=doubleclick&crt=179577244&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AldTNbbNDhA1_LdlbVVMFTFfwW1zzswUdgwHxc07EQz1M5CmSiDs1oTn311RMcuXQa2Y-0dDKOfwY6McGg7BDomZapR7BvEidoGv3kOi7RyYgfYHttDbTaT2EkeBmtPDXtx6PzUSG7laaht2_v6GQALEsKISLmCtNTheCwOkOElyab06k&dbm_d=AKAmf-Bo5u1Nsdn6C4HVI44Qd31WZgAj79WRqMNOsJhDoz8fCYJcV0oyiV_pni3M980bkCnK_6aa1xYalUlDeowg_ie7VAos1qfk3DlHL9oaJeDQ4y_M3DEVixbbhwvqiFect2GAGzvXgOEz8JEo9PQvXP--4y3waz48qyJTiIh7wwTEgTwxLQFiwGdF0_UtLLLal-Q4D0lQue0KH4P2J4dS6Tvu3DqfMTYPHoJECaF6uzWdov28pzVX-3OjZ5r7dzTZxyGQ-dfN2DkNiXdPgpDMoweSzMWD_hjyiaqlToyHtXiS2WoV4GCnmtk7M4-erk2fhrIuMQ0Wk-51gv2cTFfer5tiXQDn00_hdUiajLVY9jYszzKBd-grL1F1w6A6B4Wn7o8mkzI43Mlltj1CVyzPmt2KuH4uR9Kb3jHd-zx2S2vr-G8zdMN6BOSDybjr8illCOkN35dMEMrAQlAeywd26mf67608ByqqM6UqPNENLoSF-6GUAL4bqbAjQovq9IBHky2Fy2QhcET16sTim2NsEn_dKTZs80-A3jzlA8MgrGb85lzTHn6TGnH89xEBHov6cLiGTV_qWMbQgXJuV0L2R_D6nNXzbwqKp3yefJAJVZcvD6drOeqXwSGtyG3Vwm_UDly5lTmt_S1HZHey3ui6LeM0fN0kILehRTFomc0RUv6RW8TfZlv97cZRniO3rcEAWRCAVKzo-ah0OB8NBBabLcs-3b5IfeWKpu5eHnrgUM6yjQ43N1HlVolEADM5CvOJwtLh6fv7kFGfVKhUE-dwvWMIicdGvwQvyUrTbxO6KJc0MeIT2qcSJ1qZs5N3Pfk_1VEz5cmqg0D2yxzoo5bJ9KkSekUNDLqTNXI8iqocbcA9LcKj3u6uH6Om2v3DEmtWemuuaILEP4_xue9vzFjhdZeNNKR1tjo5sev0P04z7fZOZvuk1pF4pK8riwtdbla_KRkqdmuoYKGBc6yaU_jU51yB9x5L7nuoWGBIVe5G3ERRrCW8BMU7w8eXxa1ZZMaqlT35__xCcWtK398Wg666K_vOi99vEKedzf-U8ErYfFsWVb3qqsdvOo_v0yrFUCqSY3jiRkZD_PAKTMxBzjePBsm_dS-HCEzpGkJrtklbZ7D_dNK6q-lW0S_K6PH4Lj4oSJmAhOfbFBHzjZLZ-kMvILpVsjtREE8Bw-SQxJO1FOblkKVC-62_kpWcbVDaE-eOEDPo2saMxV6NaoP86Moc4X7IF_sjpfg-zkE2KHSLUI9ipykOil0KnSS_0GjzVDT9ENEQJxcXLejPxp4x9rk-194_tCsAQh0-YvWATno0pEo-_dbUQ8-7UHJWehlGg9NVVVrcpqvW3RV47utgXI8Vlg9uNldCPGXdncxM3Ho4S3EP9vVH2PT-EmcizlH5GzGOviBcGRYH3Q_AXCfSnGXwGm0rPqXrs5NJeWduxeW75DAaHfmUSJ1iAT1Ph_GWx--yHbT9RgQziwfBdsjQcj3E35kkiuSfsb6Lsjtr02OU5Q7YFZ1-ymp0gJqsZSnS6NyHSTlt37optJxdoMr34Et6GRB8yNNKfbp8QfMNBCcfGxsgLwbwYojku01Cb-trbY2Cv2T-BOymZo_h7MzQ67Fyg3ewLo0AVfMqH1W3Zjhkt4slMNncPchxRou4T_8QGZBuGxITz1GK2ubaPMlAoytmLDzajLuRjBCk6XWpcY2CkOkKYusY4DR00Hj6DkE8tQMmg37YHuGPwLicxAU7hRB-rwEnuwYNldVoDyGGk6z04KQivUtSeyRtVsb6lrThcKG7RmiqHuV75ggMXyWLWI-4qsGoP0JybWeLjpd0MRd4pH3yQgpYeiPHdRoOJlG584BF0t4wScOqzQ_IuofjMuxGq2HHr-JeyCRS6BPLv5BFOLZrEv2yQNZFY1NG_ZPv7AKzjOhVefL9o7hLT109G8-i5HEjEw4o32sHqUTeYsixt8YiPbgV_7KTT4shTlRqK_LcP9fNm4KKgCG2NmbETPUzEEVwsNkAVt1gRTHrDSxKJDIi6CBOqSs8PHwBTqjCYO1XWhRp5jrbaVjiIn1ZnotaHQjJ239hxg-AJcFoqpPUxGFzeJVCL2eRgVZzz_gEcXpN4OQPC_NxDG1tzP_40BQwxjf7YdagCDI1BmRC2bA4sF9mqcnIq-yY-hrSAT2c2zJ3mywgrHZLfz-QPlzqrrUuqXCuRMpOOaB0UdJjhQhGkcb1rBMyB_AYZGMCRCdiZ2XY3xElYfwf_qAsAzy0m56ZZEpNJlVspxc5IG7fA7Es5_5vOhur96sUjfNrQ-j9aPdXKScF3NZprYZwU-y7iq2fdpQR_CfWMqH5-9xmM5nXo1l3Yv4KyVvFiZl95aOnfpanoEaKYMKCNTfryuIXlQoLemaZzUcw1vn0kSweRt6cNCaFjYD7wY05R0ZPzRh32k994x_0MxkURbTrT92PMSIU2CWC6SvcsJ6pLrxbnlfoFPRfXNIsYQNxUgS6LiRJFiWbTz88olqOovlITr50O48TbHZ-wKm6iqKWQI4E3KwHP-K0T64vNFC6n90CTZkD9QK2Xemx-vthqFA_XWu1dffeXdJ9t0Ckh9Hk_VHI0tbIQSuwpd5fvnXWNJWND00lwwyBfFCm7LiFvTP8ciPRtFpErrIkmE3oxckCckO2hKZ4r91eOr8yIAJyiWEO3dHdYqPVhEipdCpUNajIceiaLawoxdOzik6W6K_BOdTmIa82S7UMC8-pJAjIYtirxW2faIcpU7V6OCswqTA9R9gCtoZdFK6Kswt9yMxwP-v5NJBwnts6Ynq2jHvVkHdEZSA2rjWWKYQHG0LpLUH-_JPiaWD6Gji2SSSVx0py6m8z1JPBgvK0R70pRzAghL86xrWd5eWBmTFZg630nOZidSBUkHMlB-aMfLpBKsNS3PVuf9zZzBc_2p6SedVu2zYgVKpdn-P3_5jC-UXSzWpciEVDjfQ06vY8XHi6MEs3FnlgT6NW8PqG_tieIOJV-cxaGe5pFgoELgdaqpiF3BQoHnMOym4LOeFr1j9WFZ0qPCTIKH0QzjiaEOcleMPS5W2qMasqemMRRCIgr8DNu-LfW1tjJG0HunkgeTPB8resSUnMS5Pkla2-c3L5j361JXKI1TFq4_kWDXylC7i1XSntZzPfM9YcmX5O-LuBJdXEvfZ8pqRIqVmLFYY9IG6sPuNsmwnLEiGDnD8uoj5mGNctSHcjx0gMuvUPtNbUEPxeUH-uRt_eB7zTJQTmFxYnjb_0XSFnBxH3KAH7Axf9LvdOiuEZbCazztru3r4VzQhaGIUKFnbG93zEZv2ymm4eb220Gm1q0cnQ7wHA3pHKQ1e3CJZGq7m1RSfquqXjHEITfhDyqbRDOZudb74P46_CjFFbyLkk4PFAhY-jAl8U&cid=CAQSPADq26N9C2XneQvV4u80aShF0b9My_hTrvkJe8grU74j8IJ4tke_ForfuOL1EYg4RhPQQcbFfmWCW17iOBgBIA4&rfl=1%2Chttps%253A%252F%252Fhaigram.com%252F%240
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:9::210:ee0e -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
bb629e74741734f357fcc6f4b04d7479f04be72e6622305aded71cc872edacca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 24 Oct 2022 06:05:04 GMT
Content-Encoding
gzip
Last-Modified
Sun, 23 Oct 2022 14:24:53 GMT
Server
Microsoft-IIS/10.0
ETag
"80e87b37ebe6d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3314
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1E23 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AldTNbbNDhA1_LdlbVVMFTFfwW1zzswUdgwHxc07EQz1M5CmSiDs1oTn311RMcuXQa2Y-0dDKOfwY6McGg7BDomZapR7BvEidoGv3kOi7RyYgfYHttDbTaT2EkeBmtPDXtx6PzUSG7laaht2_v6GQALEsKISLmCtNTheCwOkOElyab06k&dbm_d=AKAmf-Bo5u1Nsdn6C4HVI44Qd31WZgAj79WRqMNOsJhDoz8fCYJcV0oyiV_pni3M980bkCnK_6aa1xYalUlDeowg_ie7VAos1qfk3DlHL9oaJeDQ4y_M3DEVixbbhwvqiFect2GAGzvXgOEz8JEo9PQvXP--4y3waz48qyJTiIh7wwTEgTwxLQFiwGdF0_UtLLLal-Q4D0lQue0KH4P2J4dS6Tvu3DqfMTYPHoJECaF6uzWdov28pzVX-3OjZ5r7dzTZxyGQ-dfN2DkNiXdPgpDMoweSzMWD_hjyiaqlToyHtXiS2WoV4GCnmtk7M4-erk2fhrIuMQ0Wk-51gv2cTFfer5tiXQDn00_hdUiajLVY9jYszzKBd-grL1F1w6A6B4Wn7o8mkzI43Mlltj1CVyzPmt2KuH4uR9Kb3jHd-zx2S2vr-G8zdMN6BOSDybjr8illCOkN35dMEMrAQlAeywd26mf67608ByqqM6UqPNENLoSF-6GUAL4bqbAjQovq9IBHky2Fy2QhcET16sTim2NsEn_dKTZs80-A3jzlA8MgrGb85lzTHn6TGnH89xEBHov6cLiGTV_qWMbQgXJuV0L2R_D6nNXzbwqKp3yefJAJVZcvD6drOeqXwSGtyG3Vwm_UDly5lTmt_S1HZHey3ui6LeM0fN0kILehRTFomc0RUv6RW8TfZlv97cZRniO3rcEAWRCAVKzo-ah0OB8NBBabLcs-3b5IfeWKpu5eHnrgUM6yjQ43N1HlVolEADM5CvOJwtLh6fv7kFGfVKhUE-dwvWMIicdGvwQvyUrTbxO6KJc0MeIT2qcSJ1qZs5N3Pfk_1VEz5cmqg0D2yxzoo5bJ9KkSekUNDLqTNXI8iqocbcA9LcKj3u6uH6Om2v3DEmtWemuuaILEP4_xue9vzFjhdZeNNKR1tjo5sev0P04z7fZOZvuk1pF4pK8riwtdbla_KRkqdmuoYKGBc6yaU_jU51yB9x5L7nuoWGBIVe5G3ERRrCW8BMU7w8eXxa1ZZMaqlT35__xCcWtK398Wg666K_vOi99vEKedzf-U8ErYfFsWVb3qqsdvOo_v0yrFUCqSY3jiRkZD_PAKTMxBzjePBsm_dS-HCEzpGkJrtklbZ7D_dNK6q-lW0S_K6PH4Lj4oSJmAhOfbFBHzjZLZ-kMvILpVsjtREE8Bw-SQxJO1FOblkKVC-62_kpWcbVDaE-eOEDPo2saMxV6NaoP86Moc4X7IF_sjpfg-zkE2KHSLUI9ipykOil0KnSS_0GjzVDT9ENEQJxcXLejPxp4x9rk-194_tCsAQh0-YvWATno0pEo-_dbUQ8-7UHJWehlGg9NVVVrcpqvW3RV47utgXI8Vlg9uNldCPGXdncxM3Ho4S3EP9vVH2PT-EmcizlH5GzGOviBcGRYH3Q_AXCfSnGXwGm0rPqXrs5NJeWduxeW75DAaHfmUSJ1iAT1Ph_GWx--yHbT9RgQziwfBdsjQcj3E35kkiuSfsb6Lsjtr02OU5Q7YFZ1-ymp0gJqsZSnS6NyHSTlt37optJxdoMr34Et6GRB8yNNKfbp8QfMNBCcfGxsgLwbwYojku01Cb-trbY2Cv2T-BOymZo_h7MzQ67Fyg3ewLo0AVfMqH1W3Zjhkt4slMNncPchxRou4T_8QGZBuGxITz1GK2ubaPMlAoytmLDzajLuRjBCk6XWpcY2CkOkKYusY4DR00Hj6DkE8tQMmg37YHuGPwLicxAU7hRB-rwEnuwYNldVoDyGGk6z04KQivUtSeyRtVsb6lrThcKG7RmiqHuV75ggMXyWLWI-4qsGoP0JybWeLjpd0MRd4pH3yQgpYeiPHdRoOJlG584BF0t4wScOqzQ_IuofjMuxGq2HHr-JeyCRS6BPLv5BFOLZrEv2yQNZFY1NG_ZPv7AKzjOhVefL9o7hLT109G8-i5HEjEw4o32sHqUTeYsixt8YiPbgV_7KTT4shTlRqK_LcP9fNm4KKgCG2NmbETPUzEEVwsNkAVt1gRTHrDSxKJDIi6CBOqSs8PHwBTqjCYO1XWhRp5jrbaVjiIn1ZnotaHQjJ239hxg-AJcFoqpPUxGFzeJVCL2eRgVZzz_gEcXpN4OQPC_NxDG1tzP_40BQwxjf7YdagCDI1BmRC2bA4sF9mqcnIq-yY-hrSAT2c2zJ3mywgrHZLfz-QPlzqrrUuqXCuRMpOOaB0UdJjhQhGkcb1rBMyB_AYZGMCRCdiZ2XY3xElYfwf_qAsAzy0m56ZZEpNJlVspxc5IG7fA7Es5_5vOhur96sUjfNrQ-j9aPdXKScF3NZprYZwU-y7iq2fdpQR_CfWMqH5-9xmM5nXo1l3Yv4KyVvFiZl95aOnfpanoEaKYMKCNTfryuIXlQoLemaZzUcw1vn0kSweRt6cNCaFjYD7wY05R0ZPzRh32k994x_0MxkURbTrT92PMSIU2CWC6SvcsJ6pLrxbnlfoFPRfXNIsYQNxUgS6LiRJFiWbTz88olqOovlITr50O48TbHZ-wKm6iqKWQI4E3KwHP-K0T64vNFC6n90CTZkD9QK2Xemx-vthqFA_XWu1dffeXdJ9t0Ckh9Hk_VHI0tbIQSuwpd5fvnXWNJWND00lwwyBfFCm7LiFvTP8ciPRtFpErrIkmE3oxckCckO2hKZ4r91eOr8yIAJyiWEO3dHdYqPVhEipdCpUNajIceiaLawoxdOzik6W6K_BOdTmIa82S7UMC8-pJAjIYtirxW2faIcpU7V6OCswqTA9R9gCtoZdFK6Kswt9yMxwP-v5NJBwnts6Ynq2jHvVkHdEZSA2rjWWKYQHG0LpLUH-_JPiaWD6Gji2SSSVx0py6m8z1JPBgvK0R70pRzAghL86xrWd5eWBmTFZg630nOZidSBUkHMlB-aMfLpBKsNS3PVuf9zZzBc_2p6SedVu2zYgVKpdn-P3_5jC-UXSzWpciEVDjfQ06vY8XHi6MEs3FnlgT6NW8PqG_tieIOJV-cxaGe5pFgoELgdaqpiF3BQoHnMOym4LOeFr1j9WFZ0qPCTIKH0QzjiaEOcleMPS5W2qMasqemMRRCIgr8DNu-LfW1tjJG0HunkgeTPB8resSUnMS5Pkla2-c3L5j361JXKI1TFq4_kWDXylC7i1XSntZzPfM9YcmX5O-LuBJdXEvfZ8pqRIqVmLFYY9IG6sPuNsmwnLEiGDnD8uoj5mGNctSHcjx0gMuvUPtNbUEPxeUH-uRt_eB7zTJQTmFxYnjb_0XSFnBxH3KAH7Axf9LvdOiuEZbCazztru3r4VzQhaGIUKFnbG93zEZv2ymm4eb220Gm1q0cnQ7wHA3pHKQ1e3CJZGq7m1RSfquqXjHEITfhDyqbRDOZudb74P46_CjFFbyLkk4PFAhY-jAl8U&cid=CAQSPADq26N9C2XneQvV4u80aShF0b9My_hTrvkJe8grU74j8IJ4tke_ForfuOL1EYg4RhPQQcbFfmWCW17iOBgBIA4&rfl=1%2Chttps%253A%252F%252Fhaigram.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 17:48:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
476216
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Oct 2023 17:48:08 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C3D8 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 24 Oct 2022 06:05:04 GMT
dv-measurements3130.js
cdn.doubleverify.com/ Frame E442 		545 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements3130.js
Requested by
Host: haigram.com
URL: https://haigram.com/?wpsafelink=d0mPzIH4YrwApbsCadfEeFlgiHnikTzAydWh0WlBqRWtlblgrQlZWYldPUVhsRm9DS2pPL3FhQ0xkcnhid3Q0MD0=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:9::210:ee0e -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f28565927fdfc6b19aa587b954c6d1cd06428a51d583bc055cd4f5cf966ac2bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 24 Oct 2022 06:05:04 GMT
Content-Encoding
gzip
Last-Modified
Sun, 23 Oct 2022 11:48:15 GMT
Server
Microsoft-IIS/10.0
ETag
"80e9d655d5e6d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
106973
dv-measurements3130.js
cdn.doubleverify.com/ Frame 6016 		545 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements3130.js
Requested by
Host: haigram.com
URL: https://haigram.com/?wpsafelink=d0mPzIH4YrwApbsCadfEeFlgiHnikTzAydWh0WlBqRWtlblgrQlZWYldPUVhsRm9DS2pPL3FhQ0xkcnhid3Q0MD0=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:9::210:ee0e -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f28565927fdfc6b19aa587b954c6d1cd06428a51d583bc055cd4f5cf966ac2bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 24 Oct 2022 06:05:04 GMT
Content-Encoding
gzip
Last-Modified
Sun, 23 Oct 2022 11:48:15 GMT
Server
Microsoft-IIS/10.0
ETag
"80e9d655d5e6d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
106973
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 2FE9 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
386763
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 19 Oct 2022 18:39:01 GMT
expires
Thu, 19 Oct 2023 18:39:01 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A599 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070473
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haigram.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Oct 2022 06:05:01 GMT
expires
Tue, 24 Oct 2023 06:05:01 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
csi
csi.gstatic.com/ Frame ADE2 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l9mdjtym&c=2985777585259&slotId=1492888792629.5&qqid=CNnd75OZ-PoCFYDmuwgd3poHVA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=980&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=2.0&vmfc=11&vhc=0&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=0&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4012:811::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:04 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
pagead2.googlesyndication.com/bg/ Frame 956A 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba8af0d50d79678d5e9e6e68935c23511ff6ae811c880f6b0815855e696b023e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 09:53:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72714
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15900
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 23 Oct 2023 09:53:10 GMT
layout_renderer.php
as.jivox.com/unit/ Frame 60E3 		457 KB
58 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.jivox.com/unit/layout_renderer.php?campaignId=145352&siteId=55f48ca4113e34&unitType=mobile&bannerType=C&bUnit=1&creativeUnitType=3&bDim=320x100&es_pId=UA26m8&isDynamic=1&ap_DataSignal1=18143154454&ap_DataSignal2=ABAjH0j8YqyGd3ikArID3GgtjLtv&debug=1&debugWidget=1&ap_DataSignal3=449012054&ap_DataSignal4=1396462348461&ap_gdpr=0&ap_gdpr_consent=&ap_gdpr_consent_v2=&jvxVer=2&isnonexpanding=Y&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClSg-DytWY9T9EuuR7_UPxaGtSJqqp4tt_4nztNAQ1caW5ZkFEAEgxvvWeWCVgoCAuAegAc3lkpkCyAEJqQL7Nel24IuwPqgDAaoE7AFP0D22CZDAFxhLKqTI5YBlcw_4VlV1uw3vlWPvj90JsmaWnlTB472VCVk0rtU8wEWRdOZPTnH1AmHpwohCdDqZiRRVohD-p4Sj4-VDwec6G7X7qs3cwx9C9CYiWGwqkg297s_B8UBkE3POdQfeFi08EqSuATbRMIY-IUEzj7bfnDjhHTrPkTlgVS6fqfXeHNlQmY8VhFyXo0oc926iv5u6pZLPqYg-CihqV8e8YQR61rzwgTZyFY1Bwmi-2caFkUJznK_Q-D4xiCcMIagAAZnv_o33tNT3TzJK4JfFUZ18hnSGfYgdOn8QaGnOQcAE5pn6o4wE4AQDkAYBoAZNgAebmu3mAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATxIvxEMgT6bWe4QPQEwDYEwqIFALYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9C2XneQvV4u80aShF0b9My_hTrvkJe8grU74j8IJ4tke_ForfuOL1EYg4RhPQQcbFfmWCW17iOBgBIA4%26sig%3DAOD64_0l5-xgE2b3NYASesFZh2aA2VKGRw%26client%3Dca-pub-4573231550355221%26dbm_c%3DAKAmf-AzzHk02tqOtMx9elI47HmnDcnlN-0xE-dsJXENAqvwS_sKLKc8upDv907NnmUcoHkP35aNcP6qoG2cyDQHJDopQwncRGCsq9vvszUBjdZW79DkVntb7SL_sR_Jas6O42FPz98lnkS2islcGBvi-NnKIrf7jJtAe--yrjEz3mXWc-_Dmz8%26dbm_d%3DAKAmf-DPZuev4Qois_1HtecfY5axYUW90EDqMRMe9rWR_r8FbeL-nC8o3dnK3zB-yWhqH99uZvMrI9vOzZvhbRGOEP__kIRICk_83Z6NRQ6ct5nn0l7IwHXtcWHZxz7jSCcQvHI7eBcri6gogzoDs1UHwhOLLQAnI8TGXYEnv8lwgyw7p-s0KLqioUT86-qwM208jcYqL5q1JNRYkqrAnzoid-ipdPUfS9n_2k8DV3daWuXNjdcbPuWiKJq_-11w3kfB0Xc_Gbk1DCWqElH4rLLERJ2xfCUVFw0A0nN2DKI7Sms7o9wBEtCPS9qUldeBmjZcHcT9tT0PBNwPRsbHqzeXsDyK-bvml-K0FomO2hnMKyKwbcuDcbc4erIELw7I0CSId--ranVgtJFPPpjXLpC82XhhuiS4p13Ig_aKh6e3wmrQEeq1Nyryns4y_npTtPmJfHQNec6DPm4FGBZn_CcMKXBiyUB4zVMqLsq6jFhW8wFGCUFmXffxgiQdDrx7Z_VS9751w6_3TuvQqEA5__Tsa1rDAIqi_JA0fjOK-rCz_uQ0XVdE2FY%26adurl%3D&r=1666591503310996&objectName=jvx_63562b103c3b0&jvxSessionId=1666591504.2043&base=1&adUnitId=301&loadLayout=0&creativeResolveBeginTime=1666591504000&ap_Lang=english&localTimeOffset=0&pageURL=https%3A%2F%2Fdea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&allowExp=0
Requested by
Host: as.jivox.com
URL: https://as.jivox.com/unit/unit_renderer.php?campaignId=145352&siteId=55f48ca4113e34&unitType=mobile&bannerType=C&bUnit=1&creativeUnitType=3&bDim=320x100&es_pId=UA26m8&isDynamic=1&ap_DataSignal1=18143154454&ap_DataSignal2=ABAjH0j8YqyGd3ikArID3GgtjLtv&debug=1&debugWidget=1&ap_DataSignal3=449012054&ap_DataSignal4=1396462348461&ap_gdpr=&ap_gdpr_consent=&ap_gdpr_consent_v2=&jvxVer=2&isnonexpanding=Y&cMacro=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DClSg-DytWY9T9EuuR7_UPxaGtSJqqp4tt_4nztNAQ1caW5ZkFEAEgxvvWeWCVgoCAuAegAc3lkpkCyAEJqQL7Nel24IuwPqgDAaoE7AFP0D22CZDAFxhLKqTI5YBlcw_4VlV1uw3vlWPvj90JsmaWnlTB472VCVk0rtU8wEWRdOZPTnH1AmHpwohCdDqZiRRVohD-p4Sj4-VDwec6G7X7qs3cwx9C9CYiWGwqkg297s_B8UBkE3POdQfeFi08EqSuATbRMIY-IUEzj7bfnDjhHTrPkTlgVS6fqfXeHNlQmY8VhFyXo0oc926iv5u6pZLPqYg-CihqV8e8YQR61rzwgTZyFY1Bwmi-2caFkUJznK_Q-D4xiCcMIagAAZnv_o33tNT3TzJK4JfFUZ18hnSGfYgdOn8QaGnOQcAE5pn6o4wE4AQDkAYBoAZNgAebmu3mAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATxIvxEMgT6bWe4QPQEwDYEwqIFALYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9C2XneQvV4u80aShF0b9My_hTrvkJe8grU74j8IJ4tke_ForfuOL1EYg4RhPQQcbFfmWCW17iOBgBIA4%26sig%3DAOD64_0l5-xgE2b3NYASesFZh2aA2VKGRw%26client%3Dca-pub-4573231550355221%26dbm_c%3DAKAmf-AzzHk02tqOtMx9elI47HmnDcnlN-0xE-dsJXENAqvwS_sKLKc8upDv907NnmUcoHkP35aNcP6qoG2cyDQHJDopQwncRGCsq9vvszUBjdZW79DkVntb7SL_sR_Jas6O42FPz98lnkS2islcGBvi-NnKIrf7jJtAe--yrjEz3mXWc-_Dmz8%26dbm_d%3DAKAmf-DPZuev4Qois_1HtecfY5axYUW90EDqMRMe9rWR_r8FbeL-nC8o3dnK3zB-yWhqH99uZvMrI9vOzZvhbRGOEP__kIRICk_83Z6NRQ6ct5nn0l7IwHXtcWHZxz7jSCcQvHI7eBcri6gogzoDs1UHwhOLLQAnI8TGXYEnv8lwgyw7p-s0KLqioUT86-qwM208jcYqL5q1JNRYkqrAnzoid-ipdPUfS9n_2k8DV3daWuXNjdcbPuWiKJq_-11w3kfB0Xc_Gbk1DCWqElH4rLLERJ2xfCUVFw0A0nN2DKI7Sms7o9wBEtCPS9qUldeBmjZcHcT9tT0PBNwPRsbHqzeXsDyK-bvml-K0FomO2hnMKyKwbcuDcbc4erIELw7I0CSId--ranVgtJFPPpjXLpC82XhhuiS4p13Ig_aKh6e3wmrQEeq1Nyryns4y_npTtPmJfHQNec6DPm4FGBZn_CcMKXBiyUB4zVMqLsq6jFhW8wFGCUFmXffxgiQdDrx7Z_VS9751w6_3TuvQqEA5__Tsa1rDAIqi_JA0fjOK-rCz_uQ0XVdE2FY%26adurl%3D&r=1666591503310996
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.72.191 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
6e27df17ee7de2054a21e318f2c715aeb8f5af73fd7d3f03ae2886af9e1ecb91

Request headers

Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 24 Oct 2022 06:05:04 GMT
Expires
Mon, 26 Jul 1997 05:00:00 GMT
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
Vary
Accept-Encoding
visit.js
tps.doubleverify.com/ Frame E442 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=351&ttfrms=31&brid=3&brver=106.0.5249.119&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau92%3A8C2%3E%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau92%3A8C2%3E%5D4%40%3ETar9EEADTbpTauTau562d725hh3d4e3gda3egb6be3_b_g%6026%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=41&ddur=174&uid=1666591504580759&jsCallback=dvCallback_1666591504580263&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F106.0.5249.119%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=100&winw=320&wouh=1200&wouw=1600&scah=1200&scaw=1600&dvp_isOnHead=1&jsver=3130&tgjsver=3130&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fdea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=12&brh=2&sdf=2&dvp_epl=209&noc=4&nav_pltfrm=Win32&ctx=14526021&cmp=28674799&sid=4128031&plc=348477386&crt=179577244&btreg=540105152&btadsrv=doubleclick&adsrv=1&advid=9533159&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=282255682490.21924&dvp_tukv=8034415654.906182&dvp_uuid=22820114297.176422&dvp_strhd=0.19999980926513672&dvpx_strhd=0.19999980926513672&dvp_tuid=89045432570
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3130.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ff2226686a5a5d67becfc522f9dfadbcf2ad6ea8a2f047f7bfbf7c30e09a4a3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Oct 2022 06:05:04 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
close
Expires
10/23/2022 06:05:04
visit.js
tps.doubleverify.com/ Frame 6016 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=381&ttfrms=7&brid=3&brver=106.0.5249.119&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau92%3A8C2%3E%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau92%3A8C2%3E%5D4%40%3ETar9EEADTbpTauTau562d725hh3d4e3gda3egb6be3_b_g%6026%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=41&ddur=174&uid=1666591504612945&jsCallback=dvCallback_1666591504612466&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F106.0.5249.119%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=100&winw=320&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3130&tgjsver=3130&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fdea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=12&brh=2&sdf=2&dvp_epl=209&noc=4&nav_pltfrm=Win32&ctx=14526021&cmp=28674799&sid=4128031&plc=348477386&adsrv=1&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=282255682490.21924&dvp_tukv=23670538769.51949&dvp_uuid=2185813167.2278028&dvp_strhd=0.20000028610229492&dvpx_strhd=0.20000028610229492&dvp_tuid=1380413568019
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3130.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e4e29dd19de1ee28bc632fb72fc38408970937f7145119380c8ebd7547f50d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Oct 2022 06:05:04 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
close
Expires
10/23/2022 06:05:04
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7E22 		466 B
301 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY8NiZyAEwAQ&v=APEucNXLXF8jbMZ1_uBCJ6g08d5ScH4txG2vYr15Taf7T4R4Xhbk4akTT-zoUaIPr0AhxURxqV3p7xRAla53gQE6NCoyzpEQBdFv_tYso2uIxD89crusTcrgtvCrA3BXxRUvtyOsu7hTOleWZ3U5nYsaWa760hnTS3ARQauQX0IptitfxSIX1YQ
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
280
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 24 Oct 2022 06:05:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame A599 		102 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ASn2HBIy3W4mgBCGVoeQWQbRZkDv6yT3IKQH4SJ1cfZTEI2jQKX7Ul5yzuERFOULIw0DRSAL_VC3SH-tSz4LiFDLgvmaaxJGC_W_7FZeZh68DSAbNxxgFPzbTyU3rzhGwVPZmxU7_l0_fKZHS6Wj3ImpdS47oDs23md0iJ3lMkqbLtz2I&dbm_d=AKAmf-CNOAfbF9vEsyIgwLyYJp_Q57AGhiZbSmZA96TpQr527yElBXMRvhRMX8f69Ruh8DiIA11IAljZ7PrN1lKXZbjOkfRj_1WoAd41xm9-9w1tAuerqFg77P9g2YEMN5nrvlyYmsfdK8cy9uHxbYX4KMsiETFk2IgyGy5Y7jdlLNMkQGclUyD6NVxyvLma2gRdUnVIn492MP83HOvFdUiQMcqlQ8i33F-knSElZjfH-XC96G6QOqqnGO2umQ8AkwpSfBrnALxyhcQ2lzq-piqlnA22npoqlY74kodDnP-Tu57dfq7lFJl-FS9HlCzKQrEWf2xEl7PVl5hi30y-jHSAlU0ExdkNCpVSFtOci88MwUO4uJrZVXBoNv53s9C1MS8bzOaUjdpcKHbcWCde7r3wkhhTlBxuCICkDwHDu7dIFdbZl3pL1SOlhvcM1ef4EEMdKFrbS6MD9arer0PJQLssQQAOeVLuua6XuBVVbnkmd62BTSvkBlOJZcIGNorNA4iL2YWl4iBpO4wIjhSoDj29uwDqMPOcVPhYZZklNUUahI6hst3yJXdhgwTSZmg1nXMuDw6ndE301o-dxEEc49BsSsSn5Kwc8E9YalL0Gp9kXtZ0pefYkZE03K5SDIK6VQfm94WEA8VNFCGxqoHKUIJxnWXe9gdG3JMeI9alr0J00Mo4UGgon8Jr9iloGWYZPX-ZfWSEEcXEJNkbC4OwlftqCj3m0abwT6lInSPO6GfGbn71owcZlTcZklrz00rWzPqIZvSecT3Q0RfcyX79-ykRXMDbuK5RYFufjMOZSzZg4VFlzsqCj2uxGzJw7hge98whzCFUXox3Q_R4vehopQiln9F6w2ZBv_d9Fgi4rJnCStRNfqSJIHKctzoL6naMR_woElkPFkzJV9ptE8w6y5FN-sU35FXLou1BXbDmVV2l8LWfjsWG7GmqRi4YLjHzTMzUCKnyTo09VupLG_QpqS9FwIGj_4b9c6rDVo6ACLpX02g0ZtTGAfdvuFIGfuSAFqQwK3gZsTE-fsZ5_aXbxgTxtp3VWh2mQ1cwxW-PDyUQBTQmZZ_SSL0mOXogGQdZ19ibPlGRboSnYfXrRHaxKbgq-I3UOhUYRVMpd2yD8HITZRPAp-A3_m99ct-K3mH3WJLbBhHBvOHsdyU9pVxExlfOnmwoq7dd2wRb4EZeGl_HTN_KFbL2srInZCg9YKrTTAGZQretl6BbGewgqqUJnI2meXqo3bQVf4DXzdAh0hij7gnPO6H3LiC3JrkYwYMFbRG_XY-IilYu1objt_UwigJdfXkp-2bskWxyDh_9lkh4W-pD0AXdK6L4q1GV0MuwFjahukiplYoCTi-odLUjIZRMbO-0urB6xLjJPNC0G5X_o0mrYn-036cdUTx8fe4dSBMJXNrCT6R8EwSivJv08yuytLipiViwp7IA7dTfyLvB_njFWXU14pRXhQt9uZ8OTYd8VYqOq4Y-cCA1bBUgFDFSBEPMqC8cj96DCHtc8bFBx7I99Y-R4hEIQ83kZeY6OmBnauTZKlWjm-6iLDyyI7jbYDdIRMLqEqwmZ_feIInx8JnADveyNqgtvhZKauFsQ3Stjqg70-i1ixf9Gafs7-7qcivMDoVqbDfOQmjvJCtVbXuwleAAspIwa-4IMXKN8ZN0G85iAa3dwVLsOaaNw4yS2FQ3giojcKaTmwA-L-h168uqqWthYxoeti2j4VuvwFGOH6qBVjmJ8kngNy-r4ab__333wPguheiHEu_dJGSfm_eK_ktqK-BkDVAxjd_-Gzo4jjd3o4L6KJ8ykW7SBdThHmuVTsYMnEr8tPoaaILt0xsJPHI0UKP9ZyRagOwhjHWum4pgcOcOY7RRYPVdv5Gwp0w9G-ik5pXP84n8B3eTmcHFLiCL5e8AsMx5eHaexnVtBs_58nIzGfqjeF_oZKD5ECGcU3ytxIvTtSGPh2GvQrH0a2TLQIftTOpl9LQPZ7Y41Jn7XUE5OcZN1mstCip_kQDy2r70N9n3TvMEcla7Cx4j1DD7KRNkZEPaCaaThaIMDUkbxzyJhM52-SWyZVIgyZJ9UHW2BeRhXeE78kjlLTpaePK0-Cdo5kbpszJoNFHFy1mBW3cJqgCIBKou26UALRkxsUFB03K6d-WlMc3mbpeVgrcCdg2fej0dOsbqRQrJ5VAdlLgG1OtkWSVnPtefUSZ1Wd6qV1VbssfOP7aRoN3_NzK18wU9JcsdgV79WU0c69olIOxwV8QrQFa4dJ4oRaoxHXoekpJEPvr-qSGjRlxk0GO2UvKmnXpIn_1dSNJt-jnfOYTK8nE0hQwnFS7yotbfI5LjYsDHcEWc3xaKZR0SPaCm45PYKWddV7E5y7HhbLXhV3FmylB_ZcySvUl6YsJb4vPeSw2kDU8v1ZBYFqUmZvb7KauJYBNx2W6LHvBw0ghnLOjG_YQ7kYf4xPfVxeh-YhPkZlTPiZiE7zdX94EU6BGW1CSnR9etnASBV7IJ_d_OMRgseeyXr-P8yxosMbrVUtRClhZb3BYzLRiLECnkrcNtjUGe4Pi_B8nKeFDTygTkvzM75f9i0Tn_FGc3Dqp1a_HQzuWtEZ_1LZIH-99pZp2Fie-0nvOg3dYJWSvIIAKHm2st8DZAymJn_MUtbrvWIQfiz70FYA1ctvZXIVAb6tpXiKQPboIDsfwA94m3E0Lf2PsrqED2DGFkE92X3SJBtOVG-79Qp--lqi7Y32mjJMkQyCWZtA9S8Jv9608yMbIUxQudaooEX9EEFl5GOVySBr_yQeN5G7LktO-cpnl5lqYtn17s2_uXYvGxK6s0MbsRzAMcjjWcvVcXtDy8-NlZzQFsBHYoj3jSqnuEaubwWiHHhiyysYyLS5dEJf5gpyKKKHV3xfbMmZuxLTnjPQz9eDWxHmar9YGM7fULQ2nQa4ARJJKi5c9DEF0gHcyfsgI0eEfwCngacuvXTVnDfWylLadpqB6IqxJSFAIXWnkqsFsCZX62mr2BEIZbsn8tCac1Mwvry0qBbV9ubBSlNtdxh2yrDFoKNbnzx9w-4RQUB7w4vofgT3HmrT5kCBhm6tL5q_ukwdjLJJqbBdDCWHN1F6BSXCrUQ99wWhzxRctQnqbMkQk3bRlWkVGjNFk_WwpWoDDWJadnaTKyKplDk5NdE6FZbm6xdamFiW0rxyLYgEo7N6Afccy_eJztYT9zj_CgxI4xUfdcncSBdHJ2V3lJ6oTdSYLHBkYMGqqUCs-ZLxBYnipUlP89nytRrdFqAWpJygPFLs6P0aNkzDT_LiPqRGI-9gYMwvIvBXC_8xqcnhygkLY8w_zel6zCM6KB_2bVXrVGHbPivBUHaYPmbbUqs5bK_kirR4suO8LTB4yKCkxV0UT-JgZ6j0i3Ca3xbSmk4GOr&cid=CAQSPADq26N9yxuArFsrNlYZGehEBap-9U4U3OZpKcURMlImGRe_WtwAARFXaLL_MJbQ8abFJ84JV1SILfkEkRgBIA4&rfl=1%2Chttps%253A%252F%252Fhaigram.com%252F%240
Requested by
Host: haigram.com
URL: https://haigram.com/?wpsafelink=d0mPzIH4YrwApbsCadfEeFlgiHnikTzAydWh0WlBqRWtlblgrQlZWYldPUVhsRm9DS2pPL3FhQ0xkcnhid3Q0MD0=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a02473396d4c6bbbca1b76c6ffa9eeea68a8ac546fb18c16d8403376a3a33728
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A599 		42 B
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Aec0cWnHKneJZLCuZbtAINbfFBLIh-SCtiYgIUzmxjQ875z14q87W5cZdLA8y__8LI0Wdg6DktfeUMFeLcN1SsgFuXJi5eBbQTTUzOWh4rStBMsNI
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame A599 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/window_focus_fy2021.js
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 22:05:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
28758
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1238
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Nov 2022 22:05:46 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame A599 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 11:14:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67814
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7569
x-xss-protection
0
server
cafe
etag
4237063375490391177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Nov 2022 11:14:50 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A599 		152 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47476
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666179788250400"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 24 Oct 2022 06:05:04 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame CB6F 		1 KB
648 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
67772
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 23 Oct 2022 11:15:32 GMT
etag
48472445140208031
expires
Mon, 24 Oct 2022 11:15:32 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 1E23 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9b2c4e98b14a2368dfd16b838f30352905d716e26e17337ea242d1ae52bba879

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
pagead2.googlesyndication.com/bg/ Frame 2FE9 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba8af0d50d79678d5e9e6e68935c23511ff6ae811c880f6b0815855e696b023e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 09:53:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72714
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15900
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 23 Oct 2023 09:53:10 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7AE5 		0
24 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BrBc-DytWY7GGJeiQxgKLzJz4CgAAAAA4AeAEAg&bg=!AgGlAUXNAAaaxvStusY7ACkAdvg8WgstuaXeHbHgy_bXVGgj-2WKzy5YNNBwxnGUDymlpois1e3ZSgIAAAJ6UgAAAAloAQcKAAxZFYKhQT9sg_ODdDuZAzhZwq5cU_7vWYZHMhAE20V11CSUOlyRDMf5YmEoDCLBidJu3ysRKxB9Yu6ORbQKzM946d_2Rre8JWRGyI1SGG7dqJab3UXuVBj5LYcmJZIBuqfn7h5N0cBFoOEK1y6EcLciH4KXqb9uVKIBtQOrSzew2BY8gMX94g3SYfyFiq7ZRTiUuTEfpsiTHS-46_YZ3BetitO_ayPqWxL7QAD5ikBZqDQkntGFLYreNRNJ5aTb0ybFufbmf5o-JrAdRzBR3Gv6UoZDuGvmzb6Hux1UATGzrgMSD_hjf4Vm3nokzE3ASJgrd3Z_PGOK3XIMyo3COH3I0OI1rizaC0zCfhXr-BlRpGIJPDudbucK3WA6sTPQsv-x8ANX-tElfab_EiJ-lWIQtLMs0NqXgoZoWF6IphgASRHLbassgLk6yUuK96JSYLvqb4c9hxIh93MKaPORXSk2jg0YqHPq4CPj2RCoKdpgpBLHSrWEHiIhNwODnI7ReJoWpZnAO03IUsukj5IR8kalippMPIbyYpFUuH_yXltRFpPdX4TKlTMnXsvdgr-gYzxatg1rIP1EfZBBWlkMjpVkMovcWQn0n1DuGHzOT3SnyB6f9I0lNifrnRip0oOwMwfYUg9ynzbVB8izFEANn6q3nPBvMtmW9ObU0wSN-HAABz9lGv2kQT_V8ZyMzyNKeTo-mqtVJl3eFWCF1Ve3TBobE-gpqcbQKuTwBiVXTS-lSQugQMen01TRieTqX5RYfZsHE4hNv4SIpJLssQVx9Xl5FuAMvryYs618v2gqgTOMlqyHSeytqeBkQd9NZfF8g5FNDTyp7fH6YlhgDh6_YkcltTMXEfusQ4Hvhk3kwOdArlfr5Eia71Gg2H0iW8bHxZqvvaBtIBdEZZrCpgzMbXxk3xgQeWW0WMZ9z8nkYr1vDdRk0Dkug7mwCqDpy3u87yW7owSsFGZ85Wovg3ALrXLsf1QXW-y6_8caeD_QV6cvqb8qT29syeTQimtaWxhGR4SA_g__jzerGjF4F4hWdV4PREOpwsU2kGwR9Gpp_ra5AbKYSxiYmFMLkQHVypX9YEA7d3wyujA_WGRcl5HGu9hy5x8ODH_IAQ
Requested by
Host: haigram.com
URL: https://haigram.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/ Frame 7E22
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESELFPhGrxEwSzUsv5KtWFLOU&google_cver=1
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESELFPhGrxEwSzUsv5KtWFLOU&google_cver=1&__user_check__=1&sync_id=cdca2b70-5361-11ed-86b0-1e87ce780106
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESELFPhGrxEwSzUsv5KtWFLOU&google_cver=1&__user_check__=1&sync_id=cdca2b70-5361-11ed-86b0-1e87ce780106
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY8NiZyAEwAQ&v=APEucNXLXF8jbMZ1_uBCJ6g08d5ScH4txG2vYr15Taf7T4R4Xhbk4akTT-zoUaIPr0AhxURxqV3p7xRAla53gQE6NCoyzpEQBdFv_tYso2uIxD89crusTcrgtvCrA3BXxRUvtyOsu7hTOleWZ3U5nYsaWa760hnTS3ARQauQX0IptitfxSIX1YQ
Protocol
HTTP/1.1
Server
185.94.180.126 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 24 Oct 2022 06:05:04 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
55
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Mon, 24 Oct 2022 06:05:04 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
/partner?adv_id=7025&uid=CAESELFPhGrxEwSzUsv5KtWFLOU&google_cver=1&__user_check__=1&sync_id=cdca2b70-5361-11ed-86b0-1e87ce780106
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
49
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 7E22
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=Y2RjYTJiMGMtNTM2MS0xMWVkLTg2YjAtMWU4N2NlNzgwMTA2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=Y2RjYTJiMGMtNTM2MS0xMWVkLTg2YjAtMWU4N2NlNzgwMTA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY8NiZyAEwAQ&v=APEucNXLXF8jbMZ1_uBCJ6g08d5ScH4txG2vYr15Taf7T4R4Xhbk4akTT-zoUaIPr0AhxURxqV3p7xRAla53gQE6NCoyzpEQBdFv_tYso2uIxD89crusTcrgtvCrA3BXxRUvtyOsu7hTOleWZ3U5nYsaWa760hnTS3ARQauQX0IptitfxSIX1YQ
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 24 Oct 2022 06:05:04 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=Y2RjYTJiMGMtNTM2MS0xMWVkLTg2YjAtMWU4N2NlNzgwMTA2
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
94
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 7E22
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1zZUhDcUl4RTJ1RWxfYllDZ0RHTDdqbjZXdXR1Qkc3Un5B
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1zZUhDcUl4RTJ1RWxfYllDZ0RHTDdqbjZXdXR1Qkc3Un5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY8NiZyAEwAQ&v=APEucNXLXF8jbMZ1_uBCJ6g08d5ScH4txG2vYr15Taf7T4R4Xhbk4akTT-zoUaIPr0AhxURxqV3p7xRAla53gQE6NCoyzpEQBdFv_tYso2uIxD89crusTcrgtvCrA3BXxRUvtyOsu7hTOleWZ3U5nYsaWa760hnTS3ARQauQX0IptitfxSIX1YQ
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1zZUhDcUl4RTJ1RWxfYllDZ0RHTDdqbjZXdXR1Qkc3Un5B
date
Mon, 24 Oct 2022 06:05:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
activeview
pagead2.googlesyndication.com/pcs/ Frame C3D8 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvxV3hCKZ-uQfU32ihXv0IWfIUG2kQJscm06wVpnLBssPZHarWVOO-yGImlhmHcsD8o0xHym34DQmlFChwPkHjq3p9xwV6Iy3jyl01k45fBRwo_cDtwJFv28azTzfuaN1OaGLnICA&sai=AMfl-YS28L_4FJ5fXBBEIr4_8L1SUT29lExllRy1dcfExNhKTYNrMZGwDMjwTaibsodgpLzqi2vIW3tr7sd0WRXVbh3HZD2_BaRASoLUJuBG45VWFCYW0cKvdahYteFphwI&sig=Cg0ArKJSzI9p785pAicPEAE&cid=CAQSPADq26N99md0R-cKsOQ_R7e2OA9iiK47bzAj6oTSSPS5a-47GEvDmDlTYcSh8sctHPnTCIdRtWhTnxa3UhgBIA4&id=lidar2&mcvt=1049&p=74,650,324,950&mtos=1049,1049,1049,1049,1049&tos=1049,0,0,0,0&v=20221019&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3731781235&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666591503373&rpt=245&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A56B 		0
24 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B7U8PDytWY-qNHqDA9u8P7aS_wAcAAAAAOAHgBAI&bg=!cnGlcTXNAAaaxvStusY7ACkAdvg8WlkfzdxILjEg_QEGhFpjf0_o8cxZRuDqbiJfWf9S0gvtmzfvsQIAAALsUgAAAANoAQcKACVtr5-rRpZxR0g8NXdfJHRoGew9ZcA9H4xEqpvc0nCnvYnwce6CmQLv9bbTW7Yu0rOgfBZGqIijun_M2yKnL7yhi0r5FAhoHGYrvOx3kB9m9ErBdfcRT92OiGlWmSkHjFuKRX0Co6pZ1eoHOxsxAk4jMYGcamU6yXkKFwkzCJp_Lv1Hh7xOGY6CTgobuufFgL3NhcE-bZuE87_rzWSqKHFSWXHVwX240EUZWBHEG-3FErcKfDlqvgXns5OlQBMUQAjlkHHnVPP4KqO-nLdsvG6bhXD8O4ImChOQoPlr5kifdd7Ax5pmx8OCNGruvkSdsjGLvWZkS0_7y72yGEilxCM99UBbcULx5ekK8pLXnIdJ77LYTkOJWHqLG0GurdtgE8Y01TxKAVbp49zCf7pLy52F7akwDr3f8Yhal6w_8y5-rVvPp2Ep2JFUnw9vYFpt_YBKPlA7biUFW8PjKU8jEm2ZS_msiiZluTgrf_KzTtekAxon5YU3SjpyN6ZpVeQ8BBjjdl8JEPhgHV16taWmdDdMi7ewlKKI0ClSnyfME4jpm_XSMBN7YVJmgukIz1FQ6TdB1UECb23CsAHGgUnJNXCLY-ipFhz7sNu-gkQijKSzqIvaIBYjbN-w-ztERfdtuYI6Uim3hIA9bwxb8oUVGbbyzZlUj5ekWBn25sfyRPwFS2vv3E-QqQygRM0xsLqZ6RtVkzWUD4RyGgOuKPfnz3knjC189TS64-sg50iE6NQfzhGbVaRkTJbWW6VQ1hU0LW2UH_iiC_XpPitPqMR_Idfcl6DqYSmApaiazm_KCjTOtfMxj0JJ7ZFaQ_jmi6JQxUZO0ZScrl24rdCEpfFXfW4pyQpX-75Ug066SVfc-_j5E_mjFBrcz9QtshalkH8slKA1nkIIzUxczhsw8hzgQL-sUOV2r2gBYqZ59lZVa54qiKeHw3r7JYMHrkITp4zK1s3kcLXrdilG7d5iBiXlCt_juuWooaZcarsMJ1oFt5Ajk3TG8HZLY0CusPjdC9h1Uj0cU4xpukZpH4oLGiDNXNmdAlwrVeT2Bw
Requested by
Host: haigram.com
URL: https://haigram.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CB6F
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIq5kXlYPFudA8oW3gdmoQE&google_cver=1&google_push=AZmPxg9EvO9AzApiXwgfFRaUS49Fj_SJlz6joSwWCSNCn5a5QcZd0qHRFM...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg9EvO9AzApiXwgfFRaUS49Fj_SJlz6joSwWCSNCn5a5QcZd0qHRFMrgk3Ke82gu0ZBI9aTWO3vQAmaBL7K6sNVJRhak7OpW&google_hm=WF54gOVPFhzl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg9EvO9AzApiXwgfFRaUS49Fj_SJlz6joSwWCSNCn5a5QcZd0qHRFMrgk3Ke82gu0ZBI9aTWO3vQAmaBL7K6sNVJRhak7OpW&google_hm=WF54gOVPFhzlxXWIcJbYGw
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg9EvO9AzApiXwgfFRaUS49Fj_SJlz6joSwWCSNCn5a5QcZd0qHRFMrgk3Ke82gu0ZBI9aTWO3vQAmaBL7K6sNVJRhak7OpW&google_hm=WF54gOVPFhzlxXWIcJbYGw
pragma
no-cache
date
Mon, 24 Oct 2022 06:05:04 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame CB6F 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEBg02AVNTL4iIm7wl4Tkwz8&google_cver=1&google_push=AZmPxg9WfHcZpxsv_9MUZIxyWSlLXfiWalk-S2DB7UzmPXKAVXi8mYlpiyuCSXShW7IDBWFV3AdnfaSO8nFNW9s5yQSSPxFKixHU
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:05 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame CB6F 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEDxJ1odP2cjf5w4_5NC14bY&google_cver=1&google_push=AZmPxg-ibedhcYPR63ij4pXpaMHKATRtjuBCW9tqahSubkIQ0tqMMUR1uzcHXBi5MgfTVK4ck8S1sBsUtylooQqsNkPkFW6vnhjG
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 -, , ASN (),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Mon, 24 Oct 2022 06:05:03 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame CB6F 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEIKQxdVvbTfvuGsVBgnw4GM&google_cver=1&google_push=AZmPxg9TjEjtzqYTmQc2EWX-LmB_4kUR4W7BNz0WjxuZVp9s3bCiztYC6pw5P-WbvYxEFQ53vN9qiGnGIcqFAw38DTTdjd6oensp
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:04 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame CB6F
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEEESRRqXWVKdRg7QUxHHQIo&google_cver=1&google_push=AZmPxg8icGcWPhNo-1-tHQpR-U41SuZbfOomEIOHluweyeWSvcegCLwO6MQDGOeHAxTVez0bAkjtSucki7w--3eUeZbMGt...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEEESRRqXWVKdRg7QUxHHQIo&google_cver=1&google_push=AZmPxg8icGcWPhNo-1-tHQpR-U41SuZbfOomEIOHluweyeWSvcegCLwO6MQDGOeHAxTVez0bAkjtSucki7w--3eU...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=IoU94CAmQqWFX4ebFvnVwQ&google_push=AZmPxg8icGcWPhNo-1-tHQpR-U41SuZbfOomEIOHluweyeWSvcegCLwO6MQDGOeHAxTVez0bAkjtSucki7w--3e...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=IoU94CAmQqWFX4ebFvnVwQ&google_push=AZmPxg8icGcWPhNo-1-tHQpR-U41SuZbfOomEIOHluweyeWSvcegCLwO6MQDGOeHAxTVez0bAkjtSucki7w--3eUeZbMGtobrm4
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=IoU94CAmQqWFX4ebFvnVwQ&google_push=AZmPxg8icGcWPhNo-1-tHQpR-U41SuZbfOomEIOHluweyeWSvcegCLwO6MQDGOeHAxTVez0bAkjtSucki7w--3eUeZbMGtobrm4
access-control-allow-origin
*
date
Mon, 24 Oct 2022 06:05:05 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame CB6F
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEL...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AZmPxg-GH3rdJ3WMgY8wORs6b2VFJnESJKix7cECO8Rsha5xqUTg4PucJkdLvOFHbQ56n2g4RarfS4H96Jro8LJMiaUpHxEgl8pD&redir=https%3A%2F%2Fcm.g.doubl...
  • https://sync.targeting.unrulymedia.com/csync/RX-9adc3305-71cd-43f2-8a82-c1cf6ff353c5-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg-GH3rdJ3WMgY8wORs6b...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg-GH3rdJ3WMgY8wORs6b2VFJnESJKix7cECO8Rsha5xqUTg4PucJkdLvOFHbQ56n2g4RarfS4H96Jro8LJMiaUpHxEgl8pD&google_hm=A5rcMwVxzUPyioLBz2_zU8U
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg-GH3rdJ3WMgY8wORs6b2VFJnESJKix7cECO8Rsha5xqUTg4PucJkdLvOFHbQ56n2g4RarfS4H96Jro8LJMiaUpHxEgl8pD&google_hm=A5rcMwVxzUPyioLBz2_zU8U
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg-GH3rdJ3WMgY8wORs6b2VFJnESJKix7cECO8Rsha5xqUTg4PucJkdLvOFHbQ56n2g4RarfS4H96Jro8LJMiaUpHxEgl8pD&google_hm=A5rcMwVxzUPyioLBz2_zU8U
date
Mon, 24 Oct 2022 06:05:05 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX9adc330571cd43f28a82c1cf6ff353c5003
content-type
text/html
report
sync.teads.tv/um/ Frame CB6F
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESENtlWyXiI98VVympZ8LiyP4&google_cver=1&google_p...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AZmPxg9A84HQMsaCGVFOazo1rDNC5XO--mqwRUg50SL5mIOLunuA8x2AjceXxPshLK1iFjXzT-Xa5LOHcVtsYq5R9F7x8O2KibQoUg
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2.18.232.7 -, , ASN (),
Reverse DNS
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Mon, 24 Oct 2022 06:05:04 GMT
pragma
no-cache
date
Mon, 24 Oct 2022 06:05:04 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame CB6F 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ih0cBAJv7naDkOQgGnJpSTzRvJwUkk0QydrXPr4IlUVFMu_moNJnl0zETC3W2r94SvN1k7NQ
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:04 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
skeleton.js
fw.adsafeprotected.com/rjss/st/886862/62195780/ Frame A599 		237 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/886862/62195780/skeleton.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=
Requested by
Host: haigram.com
URL: https://haigram.com/?wpsafelink=d0mPzIH4YrwApbsCadfEeFlgiHnikTzAydWh0WlBqRWtlblgrQlZWYldPUVhsRm9DS2pPL3FhQ0xkcnhid3Q0MD0=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.76.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-76-101.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3b52b2b021b0c6b75b0fdad5c0e586f79e222f39b90b1ba4d0dc80ded1058e37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:04 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame A599 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: haigram.com
URL: https://haigram.com/?wpsafelink=d0mPzIH4YrwApbsCadfEeFlgiHnikTzAydWh0WlBqRWtlblgrQlZWYldPUVhsRm9DS2pPL3FhQ0xkcnhid3Q0MD0=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
Origin
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 16:47:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47867
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 24 Oct 2022 16:47:17 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221019/r20110914/elements/html/ Frame A599 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221019/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ASn2HBIy3W4mgBCGVoeQWQbRZkDv6yT3IKQH4SJ1cfZTEI2jQKX7Ul5yzuERFOULIw0DRSAL_VC3SH-tSz4LiFDLgvmaaxJGC_W_7FZeZh68DSAbNxxgFPzbTyU3rzhGwVPZmxU7_l0_fKZHS6Wj3ImpdS47oDs23md0iJ3lMkqbLtz2I&dbm_d=AKAmf-CNOAfbF9vEsyIgwLyYJp_Q57AGhiZbSmZA96TpQr527yElBXMRvhRMX8f69Ruh8DiIA11IAljZ7PrN1lKXZbjOkfRj_1WoAd41xm9-9w1tAuerqFg77P9g2YEMN5nrvlyYmsfdK8cy9uHxbYX4KMsiETFk2IgyGy5Y7jdlLNMkQGclUyD6NVxyvLma2gRdUnVIn492MP83HOvFdUiQMcqlQ8i33F-knSElZjfH-XC96G6QOqqnGO2umQ8AkwpSfBrnALxyhcQ2lzq-piqlnA22npoqlY74kodDnP-Tu57dfq7lFJl-FS9HlCzKQrEWf2xEl7PVl5hi30y-jHSAlU0ExdkNCpVSFtOci88MwUO4uJrZVXBoNv53s9C1MS8bzOaUjdpcKHbcWCde7r3wkhhTlBxuCICkDwHDu7dIFdbZl3pL1SOlhvcM1ef4EEMdKFrbS6MD9arer0PJQLssQQAOeVLuua6XuBVVbnkmd62BTSvkBlOJZcIGNorNA4iL2YWl4iBpO4wIjhSoDj29uwDqMPOcVPhYZZklNUUahI6hst3yJXdhgwTSZmg1nXMuDw6ndE301o-dxEEc49BsSsSn5Kwc8E9YalL0Gp9kXtZ0pefYkZE03K5SDIK6VQfm94WEA8VNFCGxqoHKUIJxnWXe9gdG3JMeI9alr0J00Mo4UGgon8Jr9iloGWYZPX-ZfWSEEcXEJNkbC4OwlftqCj3m0abwT6lInSPO6GfGbn71owcZlTcZklrz00rWzPqIZvSecT3Q0RfcyX79-ykRXMDbuK5RYFufjMOZSzZg4VFlzsqCj2uxGzJw7hge98whzCFUXox3Q_R4vehopQiln9F6w2ZBv_d9Fgi4rJnCStRNfqSJIHKctzoL6naMR_woElkPFkzJV9ptE8w6y5FN-sU35FXLou1BXbDmVV2l8LWfjsWG7GmqRi4YLjHzTMzUCKnyTo09VupLG_QpqS9FwIGj_4b9c6rDVo6ACLpX02g0ZtTGAfdvuFIGfuSAFqQwK3gZsTE-fsZ5_aXbxgTxtp3VWh2mQ1cwxW-PDyUQBTQmZZ_SSL0mOXogGQdZ19ibPlGRboSnYfXrRHaxKbgq-I3UOhUYRVMpd2yD8HITZRPAp-A3_m99ct-K3mH3WJLbBhHBvOHsdyU9pVxExlfOnmwoq7dd2wRb4EZeGl_HTN_KFbL2srInZCg9YKrTTAGZQretl6BbGewgqqUJnI2meXqo3bQVf4DXzdAh0hij7gnPO6H3LiC3JrkYwYMFbRG_XY-IilYu1objt_UwigJdfXkp-2bskWxyDh_9lkh4W-pD0AXdK6L4q1GV0MuwFjahukiplYoCTi-odLUjIZRMbO-0urB6xLjJPNC0G5X_o0mrYn-036cdUTx8fe4dSBMJXNrCT6R8EwSivJv08yuytLipiViwp7IA7dTfyLvB_njFWXU14pRXhQt9uZ8OTYd8VYqOq4Y-cCA1bBUgFDFSBEPMqC8cj96DCHtc8bFBx7I99Y-R4hEIQ83kZeY6OmBnauTZKlWjm-6iLDyyI7jbYDdIRMLqEqwmZ_feIInx8JnADveyNqgtvhZKauFsQ3Stjqg70-i1ixf9Gafs7-7qcivMDoVqbDfOQmjvJCtVbXuwleAAspIwa-4IMXKN8ZN0G85iAa3dwVLsOaaNw4yS2FQ3giojcKaTmwA-L-h168uqqWthYxoeti2j4VuvwFGOH6qBVjmJ8kngNy-r4ab__333wPguheiHEu_dJGSfm_eK_ktqK-BkDVAxjd_-Gzo4jjd3o4L6KJ8ykW7SBdThHmuVTsYMnEr8tPoaaILt0xsJPHI0UKP9ZyRagOwhjHWum4pgcOcOY7RRYPVdv5Gwp0w9G-ik5pXP84n8B3eTmcHFLiCL5e8AsMx5eHaexnVtBs_58nIzGfqjeF_oZKD5ECGcU3ytxIvTtSGPh2GvQrH0a2TLQIftTOpl9LQPZ7Y41Jn7XUE5OcZN1mstCip_kQDy2r70N9n3TvMEcla7Cx4j1DD7KRNkZEPaCaaThaIMDUkbxzyJhM52-SWyZVIgyZJ9UHW2BeRhXeE78kjlLTpaePK0-Cdo5kbpszJoNFHFy1mBW3cJqgCIBKou26UALRkxsUFB03K6d-WlMc3mbpeVgrcCdg2fej0dOsbqRQrJ5VAdlLgG1OtkWSVnPtefUSZ1Wd6qV1VbssfOP7aRoN3_NzK18wU9JcsdgV79WU0c69olIOxwV8QrQFa4dJ4oRaoxHXoekpJEPvr-qSGjRlxk0GO2UvKmnXpIn_1dSNJt-jnfOYTK8nE0hQwnFS7yotbfI5LjYsDHcEWc3xaKZR0SPaCm45PYKWddV7E5y7HhbLXhV3FmylB_ZcySvUl6YsJb4vPeSw2kDU8v1ZBYFqUmZvb7KauJYBNx2W6LHvBw0ghnLOjG_YQ7kYf4xPfVxeh-YhPkZlTPiZiE7zdX94EU6BGW1CSnR9etnASBV7IJ_d_OMRgseeyXr-P8yxosMbrVUtRClhZb3BYzLRiLECnkrcNtjUGe4Pi_B8nKeFDTygTkvzM75f9i0Tn_FGc3Dqp1a_HQzuWtEZ_1LZIH-99pZp2Fie-0nvOg3dYJWSvIIAKHm2st8DZAymJn_MUtbrvWIQfiz70FYA1ctvZXIVAb6tpXiKQPboIDsfwA94m3E0Lf2PsrqED2DGFkE92X3SJBtOVG-79Qp--lqi7Y32mjJMkQyCWZtA9S8Jv9608yMbIUxQudaooEX9EEFl5GOVySBr_yQeN5G7LktO-cpnl5lqYtn17s2_uXYvGxK6s0MbsRzAMcjjWcvVcXtDy8-NlZzQFsBHYoj3jSqnuEaubwWiHHhiyysYyLS5dEJf5gpyKKKHV3xfbMmZuxLTnjPQz9eDWxHmar9YGM7fULQ2nQa4ARJJKi5c9DEF0gHcyfsgI0eEfwCngacuvXTVnDfWylLadpqB6IqxJSFAIXWnkqsFsCZX62mr2BEIZbsn8tCac1Mwvry0qBbV9ubBSlNtdxh2yrDFoKNbnzx9w-4RQUB7w4vofgT3HmrT5kCBhm6tL5q_ukwdjLJJqbBdDCWHN1F6BSXCrUQ99wWhzxRctQnqbMkQk3bRlWkVGjNFk_WwpWoDDWJadnaTKyKplDk5NdE6FZbm6xdamFiW0rxyLYgEo7N6Afccy_eJztYT9zj_CgxI4xUfdcncSBdHJ2V3lJ6oTdSYLHBkYMGqqUCs-ZLxBYnipUlP89nytRrdFqAWpJygPFLs6P0aNkzDT_LiPqRGI-9gYMwvIvBXC_8xqcnhygkLY8w_zel6zCM6KB_2bVXrVGHbPivBUHaYPmbbUqs5bK_kirR4suO8LTB4yKCkxV0UT-JgZ6j0i3Ca3xbSmk4GOr&cid=CAQSPADq26N9yxuArFsrNlYZGehEBap-9U4U3OZpKcURMlImGRe_WtwAARFXaLL_MJbQ8abFJ84JV1SILfkEkRgBIA4&rfl=1%2Chttps%253A%252F%252Fhaigram.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 16:56:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
47325
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2998
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Nov 2022 16:56:19 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221019/r20110914/ Frame A599 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221019/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ASn2HBIy3W4mgBCGVoeQWQbRZkDv6yT3IKQH4SJ1cfZTEI2jQKX7Ul5yzuERFOULIw0DRSAL_VC3SH-tSz4LiFDLgvmaaxJGC_W_7FZeZh68DSAbNxxgFPzbTyU3rzhGwVPZmxU7_l0_fKZHS6Wj3ImpdS47oDs23md0iJ3lMkqbLtz2I&dbm_d=AKAmf-CNOAfbF9vEsyIgwLyYJp_Q57AGhiZbSmZA96TpQr527yElBXMRvhRMX8f69Ruh8DiIA11IAljZ7PrN1lKXZbjOkfRj_1WoAd41xm9-9w1tAuerqFg77P9g2YEMN5nrvlyYmsfdK8cy9uHxbYX4KMsiETFk2IgyGy5Y7jdlLNMkQGclUyD6NVxyvLma2gRdUnVIn492MP83HOvFdUiQMcqlQ8i33F-knSElZjfH-XC96G6QOqqnGO2umQ8AkwpSfBrnALxyhcQ2lzq-piqlnA22npoqlY74kodDnP-Tu57dfq7lFJl-FS9HlCzKQrEWf2xEl7PVl5hi30y-jHSAlU0ExdkNCpVSFtOci88MwUO4uJrZVXBoNv53s9C1MS8bzOaUjdpcKHbcWCde7r3wkhhTlBxuCICkDwHDu7dIFdbZl3pL1SOlhvcM1ef4EEMdKFrbS6MD9arer0PJQLssQQAOeVLuua6XuBVVbnkmd62BTSvkBlOJZcIGNorNA4iL2YWl4iBpO4wIjhSoDj29uwDqMPOcVPhYZZklNUUahI6hst3yJXdhgwTSZmg1nXMuDw6ndE301o-dxEEc49BsSsSn5Kwc8E9YalL0Gp9kXtZ0pefYkZE03K5SDIK6VQfm94WEA8VNFCGxqoHKUIJxnWXe9gdG3JMeI9alr0J00Mo4UGgon8Jr9iloGWYZPX-ZfWSEEcXEJNkbC4OwlftqCj3m0abwT6lInSPO6GfGbn71owcZlTcZklrz00rWzPqIZvSecT3Q0RfcyX79-ykRXMDbuK5RYFufjMOZSzZg4VFlzsqCj2uxGzJw7hge98whzCFUXox3Q_R4vehopQiln9F6w2ZBv_d9Fgi4rJnCStRNfqSJIHKctzoL6naMR_woElkPFkzJV9ptE8w6y5FN-sU35FXLou1BXbDmVV2l8LWfjsWG7GmqRi4YLjHzTMzUCKnyTo09VupLG_QpqS9FwIGj_4b9c6rDVo6ACLpX02g0ZtTGAfdvuFIGfuSAFqQwK3gZsTE-fsZ5_aXbxgTxtp3VWh2mQ1cwxW-PDyUQBTQmZZ_SSL0mOXogGQdZ19ibPlGRboSnYfXrRHaxKbgq-I3UOhUYRVMpd2yD8HITZRPAp-A3_m99ct-K3mH3WJLbBhHBvOHsdyU9pVxExlfOnmwoq7dd2wRb4EZeGl_HTN_KFbL2srInZCg9YKrTTAGZQretl6BbGewgqqUJnI2meXqo3bQVf4DXzdAh0hij7gnPO6H3LiC3JrkYwYMFbRG_XY-IilYu1objt_UwigJdfXkp-2bskWxyDh_9lkh4W-pD0AXdK6L4q1GV0MuwFjahukiplYoCTi-odLUjIZRMbO-0urB6xLjJPNC0G5X_o0mrYn-036cdUTx8fe4dSBMJXNrCT6R8EwSivJv08yuytLipiViwp7IA7dTfyLvB_njFWXU14pRXhQt9uZ8OTYd8VYqOq4Y-cCA1bBUgFDFSBEPMqC8cj96DCHtc8bFBx7I99Y-R4hEIQ83kZeY6OmBnauTZKlWjm-6iLDyyI7jbYDdIRMLqEqwmZ_feIInx8JnADveyNqgtvhZKauFsQ3Stjqg70-i1ixf9Gafs7-7qcivMDoVqbDfOQmjvJCtVbXuwleAAspIwa-4IMXKN8ZN0G85iAa3dwVLsOaaNw4yS2FQ3giojcKaTmwA-L-h168uqqWthYxoeti2j4VuvwFGOH6qBVjmJ8kngNy-r4ab__333wPguheiHEu_dJGSfm_eK_ktqK-BkDVAxjd_-Gzo4jjd3o4L6KJ8ykW7SBdThHmuVTsYMnEr8tPoaaILt0xsJPHI0UKP9ZyRagOwhjHWum4pgcOcOY7RRYPVdv5Gwp0w9G-ik5pXP84n8B3eTmcHFLiCL5e8AsMx5eHaexnVtBs_58nIzGfqjeF_oZKD5ECGcU3ytxIvTtSGPh2GvQrH0a2TLQIftTOpl9LQPZ7Y41Jn7XUE5OcZN1mstCip_kQDy2r70N9n3TvMEcla7Cx4j1DD7KRNkZEPaCaaThaIMDUkbxzyJhM52-SWyZVIgyZJ9UHW2BeRhXeE78kjlLTpaePK0-Cdo5kbpszJoNFHFy1mBW3cJqgCIBKou26UALRkxsUFB03K6d-WlMc3mbpeVgrcCdg2fej0dOsbqRQrJ5VAdlLgG1OtkWSVnPtefUSZ1Wd6qV1VbssfOP7aRoN3_NzK18wU9JcsdgV79WU0c69olIOxwV8QrQFa4dJ4oRaoxHXoekpJEPvr-qSGjRlxk0GO2UvKmnXpIn_1dSNJt-jnfOYTK8nE0hQwnFS7yotbfI5LjYsDHcEWc3xaKZR0SPaCm45PYKWddV7E5y7HhbLXhV3FmylB_ZcySvUl6YsJb4vPeSw2kDU8v1ZBYFqUmZvb7KauJYBNx2W6LHvBw0ghnLOjG_YQ7kYf4xPfVxeh-YhPkZlTPiZiE7zdX94EU6BGW1CSnR9etnASBV7IJ_d_OMRgseeyXr-P8yxosMbrVUtRClhZb3BYzLRiLECnkrcNtjUGe4Pi_B8nKeFDTygTkvzM75f9i0Tn_FGc3Dqp1a_HQzuWtEZ_1LZIH-99pZp2Fie-0nvOg3dYJWSvIIAKHm2st8DZAymJn_MUtbrvWIQfiz70FYA1ctvZXIVAb6tpXiKQPboIDsfwA94m3E0Lf2PsrqED2DGFkE92X3SJBtOVG-79Qp--lqi7Y32mjJMkQyCWZtA9S8Jv9608yMbIUxQudaooEX9EEFl5GOVySBr_yQeN5G7LktO-cpnl5lqYtn17s2_uXYvGxK6s0MbsRzAMcjjWcvVcXtDy8-NlZzQFsBHYoj3jSqnuEaubwWiHHhiyysYyLS5dEJf5gpyKKKHV3xfbMmZuxLTnjPQz9eDWxHmar9YGM7fULQ2nQa4ARJJKi5c9DEF0gHcyfsgI0eEfwCngacuvXTVnDfWylLadpqB6IqxJSFAIXWnkqsFsCZX62mr2BEIZbsn8tCac1Mwvry0qBbV9ubBSlNtdxh2yrDFoKNbnzx9w-4RQUB7w4vofgT3HmrT5kCBhm6tL5q_ukwdjLJJqbBdDCWHN1F6BSXCrUQ99wWhzxRctQnqbMkQk3bRlWkVGjNFk_WwpWoDDWJadnaTKyKplDk5NdE6FZbm6xdamFiW0rxyLYgEo7N6Afccy_eJztYT9zj_CgxI4xUfdcncSBdHJ2V3lJ6oTdSYLHBkYMGqqUCs-ZLxBYnipUlP89nytRrdFqAWpJygPFLs6P0aNkzDT_LiPqRGI-9gYMwvIvBXC_8xqcnhygkLY8w_zel6zCM6KB_2bVXrVGHbPivBUHaYPmbbUqs5bK_kirR4suO8LTB4yKCkxV0UT-JgZ6j0i3Ca3xbSmk4GOr&cid=CAQSPADq26N9yxuArFsrNlYZGehEBap-9U4U3OZpKcURMlImGRe_WtwAARFXaLL_MJbQ8abFJ84JV1SILfkEkRgBIA4&rfl=1%2Chttps%253A%252F%252Fhaigram.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 18:34:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41423
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11726
x-xss-protection
0
server
cafe
etag
11376305771055881226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Nov 2022 18:34:41 GMT
jquery-2.1.0.min.js
playercdn.jivox.com/1651821427/unit/js/gz/ Frame 60E3 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://playercdn.jivox.com/1651821427/unit/js/gz/jquery-2.1.0.min.js
Requested by
Host: as.jivox.com
URL: https://as.jivox.com/unit/layout_renderer.php?campaignId=145352&siteId=55f48ca4113e34&unitType=mobile&bannerType=C&bUnit=1&creativeUnitType=3&bDim=320x100&es_pId=UA26m8&isDynamic=1&ap_DataSignal1=18143154454&ap_DataSignal2=ABAjH0j8YqyGd3ikArID3GgtjLtv&debug=1&debugWidget=1&ap_DataSignal3=449012054&ap_DataSignal4=1396462348461&ap_gdpr=0&ap_gdpr_consent=&ap_gdpr_consent_v2=&jvxVer=2&isnonexpanding=Y&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClSg-DytWY9T9EuuR7_UPxaGtSJqqp4tt_4nztNAQ1caW5ZkFEAEgxvvWeWCVgoCAuAegAc3lkpkCyAEJqQL7Nel24IuwPqgDAaoE7AFP0D22CZDAFxhLKqTI5YBlcw_4VlV1uw3vlWPvj90JsmaWnlTB472VCVk0rtU8wEWRdOZPTnH1AmHpwohCdDqZiRRVohD-p4Sj4-VDwec6G7X7qs3cwx9C9CYiWGwqkg297s_B8UBkE3POdQfeFi08EqSuATbRMIY-IUEzj7bfnDjhHTrPkTlgVS6fqfXeHNlQmY8VhFyXo0oc926iv5u6pZLPqYg-CihqV8e8YQR61rzwgTZyFY1Bwmi-2caFkUJznK_Q-D4xiCcMIagAAZnv_o33tNT3TzJK4JfFUZ18hnSGfYgdOn8QaGnOQcAE5pn6o4wE4AQDkAYBoAZNgAebmu3mAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATxIvxEMgT6bWe4QPQEwDYEwqIFALYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9C2XneQvV4u80aShF0b9My_hTrvkJe8grU74j8IJ4tke_ForfuOL1EYg4RhPQQcbFfmWCW17iOBgBIA4%26sig%3DAOD64_0l5-xgE2b3NYASesFZh2aA2VKGRw%26client%3Dca-pub-4573231550355221%26dbm_c%3DAKAmf-AzzHk02tqOtMx9elI47HmnDcnlN-0xE-dsJXENAqvwS_sKLKc8upDv907NnmUcoHkP35aNcP6qoG2cyDQHJDopQwncRGCsq9vvszUBjdZW79DkVntb7SL_sR_Jas6O42FPz98lnkS2islcGBvi-NnKIrf7jJtAe--yrjEz3mXWc-_Dmz8%26dbm_d%3DAKAmf-DPZuev4Qois_1HtecfY5axYUW90EDqMRMe9rWR_r8FbeL-nC8o3dnK3zB-yWhqH99uZvMrI9vOzZvhbRGOEP__kIRICk_83Z6NRQ6ct5nn0l7IwHXtcWHZxz7jSCcQvHI7eBcri6gogzoDs1UHwhOLLQAnI8TGXYEnv8lwgyw7p-s0KLqioUT86-qwM208jcYqL5q1JNRYkqrAnzoid-ipdPUfS9n_2k8DV3daWuXNjdcbPuWiKJq_-11w3kfB0Xc_Gbk1DCWqElH4rLLERJ2xfCUVFw0A0nN2DKI7Sms7o9wBEtCPS9qUldeBmjZcHcT9tT0PBNwPRsbHqzeXsDyK-bvml-K0FomO2hnMKyKwbcuDcbc4erIELw7I0CSId--ranVgtJFPPpjXLpC82XhhuiS4p13Ig_aKh6e3wmrQEeq1Nyryns4y_npTtPmJfHQNec6DPm4FGBZn_CcMKXBiyUB4zVMqLsq6jFhW8wFGCUFmXffxgiQdDrx7Z_VS9751w6_3TuvQqEA5__Tsa1rDAIqi_JA0fjOK-rCz_uQ0XVdE2FY%26adurl%3D&r=1666591503310996&objectName=jvx_63562b103c3b0&jvxSessionId=1666591504.2043&base=1&adUnitId=301&loadLayout=0&creativeResolveBeginTime=1666591504000&ap_Lang=english&localTimeOffset=0&pageURL=https%3A%2F%2Fdea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&allowExp=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.5.230 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.jivox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 20:39:40 GMT
content-encoding
gzip
via
1.1 f13110b40e6214ad566c753a838f49f4.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 07:27:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
36814
etag
"84642ab523899a6150af1489287de4de"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400, s-maxage=86400
accept-ranges
bytes
content-length
29294
x-amz-cf-id
PK_TO8JJNkcM_Oz82us9NYYYexmMRCoH_c3MhRNIvUdgTE7fILJWUw==
velocity-raf-disabled.min.js
playercdn.jivox.com/1651821427/unit/js/gz/ Frame 60E3 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://playercdn.jivox.com/1651821427/unit/js/gz/velocity-raf-disabled.min.js
Requested by
Host: as.jivox.com
URL: https://as.jivox.com/unit/layout_renderer.php?campaignId=145352&siteId=55f48ca4113e34&unitType=mobile&bannerType=C&bUnit=1&creativeUnitType=3&bDim=320x100&es_pId=UA26m8&isDynamic=1&ap_DataSignal1=18143154454&ap_DataSignal2=ABAjH0j8YqyGd3ikArID3GgtjLtv&debug=1&debugWidget=1&ap_DataSignal3=449012054&ap_DataSignal4=1396462348461&ap_gdpr=0&ap_gdpr_consent=&ap_gdpr_consent_v2=&jvxVer=2&isnonexpanding=Y&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClSg-DytWY9T9EuuR7_UPxaGtSJqqp4tt_4nztNAQ1caW5ZkFEAEgxvvWeWCVgoCAuAegAc3lkpkCyAEJqQL7Nel24IuwPqgDAaoE7AFP0D22CZDAFxhLKqTI5YBlcw_4VlV1uw3vlWPvj90JsmaWnlTB472VCVk0rtU8wEWRdOZPTnH1AmHpwohCdDqZiRRVohD-p4Sj4-VDwec6G7X7qs3cwx9C9CYiWGwqkg297s_B8UBkE3POdQfeFi08EqSuATbRMIY-IUEzj7bfnDjhHTrPkTlgVS6fqfXeHNlQmY8VhFyXo0oc926iv5u6pZLPqYg-CihqV8e8YQR61rzwgTZyFY1Bwmi-2caFkUJznK_Q-D4xiCcMIagAAZnv_o33tNT3TzJK4JfFUZ18hnSGfYgdOn8QaGnOQcAE5pn6o4wE4AQDkAYBoAZNgAebmu3mAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATxIvxEMgT6bWe4QPQEwDYEwqIFALYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9C2XneQvV4u80aShF0b9My_hTrvkJe8grU74j8IJ4tke_ForfuOL1EYg4RhPQQcbFfmWCW17iOBgBIA4%26sig%3DAOD64_0l5-xgE2b3NYASesFZh2aA2VKGRw%26client%3Dca-pub-4573231550355221%26dbm_c%3DAKAmf-AzzHk02tqOtMx9elI47HmnDcnlN-0xE-dsJXENAqvwS_sKLKc8upDv907NnmUcoHkP35aNcP6qoG2cyDQHJDopQwncRGCsq9vvszUBjdZW79DkVntb7SL_sR_Jas6O42FPz98lnkS2islcGBvi-NnKIrf7jJtAe--yrjEz3mXWc-_Dmz8%26dbm_d%3DAKAmf-DPZuev4Qois_1HtecfY5axYUW90EDqMRMe9rWR_r8FbeL-nC8o3dnK3zB-yWhqH99uZvMrI9vOzZvhbRGOEP__kIRICk_83Z6NRQ6ct5nn0l7IwHXtcWHZxz7jSCcQvHI7eBcri6gogzoDs1UHwhOLLQAnI8TGXYEnv8lwgyw7p-s0KLqioUT86-qwM208jcYqL5q1JNRYkqrAnzoid-ipdPUfS9n_2k8DV3daWuXNjdcbPuWiKJq_-11w3kfB0Xc_Gbk1DCWqElH4rLLERJ2xfCUVFw0A0nN2DKI7Sms7o9wBEtCPS9qUldeBmjZcHcT9tT0PBNwPRsbHqzeXsDyK-bvml-K0FomO2hnMKyKwbcuDcbc4erIELw7I0CSId--ranVgtJFPPpjXLpC82XhhuiS4p13Ig_aKh6e3wmrQEeq1Nyryns4y_npTtPmJfHQNec6DPm4FGBZn_CcMKXBiyUB4zVMqLsq6jFhW8wFGCUFmXffxgiQdDrx7Z_VS9751w6_3TuvQqEA5__Tsa1rDAIqi_JA0fjOK-rCz_uQ0XVdE2FY%26adurl%3D&r=1666591503310996&objectName=jvx_63562b103c3b0&jvxSessionId=1666591504.2043&base=1&adUnitId=301&loadLayout=0&creativeResolveBeginTime=1666591504000&ap_Lang=english&localTimeOffset=0&pageURL=https%3A%2F%2Fdea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&allowExp=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.5.230 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fa85a4366200f608a99ecf4b1b933babdd9c5662cbe5d518b3daa57e53dbd85b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.jivox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 20:40:43 GMT
content-encoding
gzip
via
1.1 f13110b40e6214ad566c753a838f49f4.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 07:27:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
33861
etag
"6db08f58b76a3c4459a454a7acf752ca"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400, s-maxage=86400
accept-ranges
bytes
content-length
12405
x-amz-cf-id
64fnE3GmTuLgVyJ_dpDnf7yKLg2UE29TiohGRg0NltwQcNNIazW6NA==
jivoxWidgetApiV2.min.js
playercdn.jivox.com/1651821427/widgets/jivoxWidgetApi/gz/ Frame 60E3 		29 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://playercdn.jivox.com/1651821427/widgets/jivoxWidgetApi/gz/jivoxWidgetApiV2.min.js
Requested by
Host: as.jivox.com
URL: https://as.jivox.com/unit/layout_renderer.php?campaignId=145352&siteId=55f48ca4113e34&unitType=mobile&bannerType=C&bUnit=1&creativeUnitType=3&bDim=320x100&es_pId=UA26m8&isDynamic=1&ap_DataSignal1=18143154454&ap_DataSignal2=ABAjH0j8YqyGd3ikArID3GgtjLtv&debug=1&debugWidget=1&ap_DataSignal3=449012054&ap_DataSignal4=1396462348461&ap_gdpr=0&ap_gdpr_consent=&ap_gdpr_consent_v2=&jvxVer=2&isnonexpanding=Y&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClSg-DytWY9T9EuuR7_UPxaGtSJqqp4tt_4nztNAQ1caW5ZkFEAEgxvvWeWCVgoCAuAegAc3lkpkCyAEJqQL7Nel24IuwPqgDAaoE7AFP0D22CZDAFxhLKqTI5YBlcw_4VlV1uw3vlWPvj90JsmaWnlTB472VCVk0rtU8wEWRdOZPTnH1AmHpwohCdDqZiRRVohD-p4Sj4-VDwec6G7X7qs3cwx9C9CYiWGwqkg297s_B8UBkE3POdQfeFi08EqSuATbRMIY-IUEzj7bfnDjhHTrPkTlgVS6fqfXeHNlQmY8VhFyXo0oc926iv5u6pZLPqYg-CihqV8e8YQR61rzwgTZyFY1Bwmi-2caFkUJznK_Q-D4xiCcMIagAAZnv_o33tNT3TzJK4JfFUZ18hnSGfYgdOn8QaGnOQcAE5pn6o4wE4AQDkAYBoAZNgAebmu3mAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATxIvxEMgT6bWe4QPQEwDYEwqIFALYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9C2XneQvV4u80aShF0b9My_hTrvkJe8grU74j8IJ4tke_ForfuOL1EYg4RhPQQcbFfmWCW17iOBgBIA4%26sig%3DAOD64_0l5-xgE2b3NYASesFZh2aA2VKGRw%26client%3Dca-pub-4573231550355221%26dbm_c%3DAKAmf-AzzHk02tqOtMx9elI47HmnDcnlN-0xE-dsJXENAqvwS_sKLKc8upDv907NnmUcoHkP35aNcP6qoG2cyDQHJDopQwncRGCsq9vvszUBjdZW79DkVntb7SL_sR_Jas6O42FPz98lnkS2islcGBvi-NnKIrf7jJtAe--yrjEz3mXWc-_Dmz8%26dbm_d%3DAKAmf-DPZuev4Qois_1HtecfY5axYUW90EDqMRMe9rWR_r8FbeL-nC8o3dnK3zB-yWhqH99uZvMrI9vOzZvhbRGOEP__kIRICk_83Z6NRQ6ct5nn0l7IwHXtcWHZxz7jSCcQvHI7eBcri6gogzoDs1UHwhOLLQAnI8TGXYEnv8lwgyw7p-s0KLqioUT86-qwM208jcYqL5q1JNRYkqrAnzoid-ipdPUfS9n_2k8DV3daWuXNjdcbPuWiKJq_-11w3kfB0Xc_Gbk1DCWqElH4rLLERJ2xfCUVFw0A0nN2DKI7Sms7o9wBEtCPS9qUldeBmjZcHcT9tT0PBNwPRsbHqzeXsDyK-bvml-K0FomO2hnMKyKwbcuDcbc4erIELw7I0CSId--ranVgtJFPPpjXLpC82XhhuiS4p13Ig_aKh6e3wmrQEeq1Nyryns4y_npTtPmJfHQNec6DPm4FGBZn_CcMKXBiyUB4zVMqLsq6jFhW8wFGCUFmXffxgiQdDrx7Z_VS9751w6_3TuvQqEA5__Tsa1rDAIqi_JA0fjOK-rCz_uQ0XVdE2FY%26adurl%3D&r=1666591503310996&objectName=jvx_63562b103c3b0&jvxSessionId=1666591504.2043&base=1&adUnitId=301&loadLayout=0&creativeResolveBeginTime=1666591504000&ap_Lang=english&localTimeOffset=0&pageURL=https%3A%2F%2Fdea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&allowExp=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.5.230 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6c84a15873bbae73ff06857139327b85a6869fa0e21d36666aa2bb5d9bbb19b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.jivox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:29:43 GMT
content-encoding
gzip
via
1.1 f13110b40e6214ad566c753a838f49f4.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 07:29:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
81322
etag
"2a0e0abd8f7f11fb012a534ea115a29a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400, s-maxage=86400
accept-ranges
bytes
content-length
5987
x-amz-cf-id
zI7MxPykbnfxEiMXO68pERH8PLHi-V9TgdtpBrl4liB8sZ3BD4qGJQ==
CS_8336_dv_nike.js
cdn.jivox.com/files/46220/Nike_DV/ Frame 60E3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jivox.com/files/46220/Nike_DV/CS_8336_dv_nike.js
Requested by
Host: as.jivox.com
URL: https://as.jivox.com/unit/layout_renderer.php?campaignId=145352&siteId=55f48ca4113e34&unitType=mobile&bannerType=C&bUnit=1&creativeUnitType=3&bDim=320x100&es_pId=UA26m8&isDynamic=1&ap_DataSignal1=18143154454&ap_DataSignal2=ABAjH0j8YqyGd3ikArID3GgtjLtv&debug=1&debugWidget=1&ap_DataSignal3=449012054&ap_DataSignal4=1396462348461&ap_gdpr=0&ap_gdpr_consent=&ap_gdpr_consent_v2=&jvxVer=2&isnonexpanding=Y&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClSg-DytWY9T9EuuR7_UPxaGtSJqqp4tt_4nztNAQ1caW5ZkFEAEgxvvWeWCVgoCAuAegAc3lkpkCyAEJqQL7Nel24IuwPqgDAaoE7AFP0D22CZDAFxhLKqTI5YBlcw_4VlV1uw3vlWPvj90JsmaWnlTB472VCVk0rtU8wEWRdOZPTnH1AmHpwohCdDqZiRRVohD-p4Sj4-VDwec6G7X7qs3cwx9C9CYiWGwqkg297s_B8UBkE3POdQfeFi08EqSuATbRMIY-IUEzj7bfnDjhHTrPkTlgVS6fqfXeHNlQmY8VhFyXo0oc926iv5u6pZLPqYg-CihqV8e8YQR61rzwgTZyFY1Bwmi-2caFkUJznK_Q-D4xiCcMIagAAZnv_o33tNT3TzJK4JfFUZ18hnSGfYgdOn8QaGnOQcAE5pn6o4wE4AQDkAYBoAZNgAebmu3mAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATxIvxEMgT6bWe4QPQEwDYEwqIFALYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9C2XneQvV4u80aShF0b9My_hTrvkJe8grU74j8IJ4tke_ForfuOL1EYg4RhPQQcbFfmWCW17iOBgBIA4%26sig%3DAOD64_0l5-xgE2b3NYASesFZh2aA2VKGRw%26client%3Dca-pub-4573231550355221%26dbm_c%3DAKAmf-AzzHk02tqOtMx9elI47HmnDcnlN-0xE-dsJXENAqvwS_sKLKc8upDv907NnmUcoHkP35aNcP6qoG2cyDQHJDopQwncRGCsq9vvszUBjdZW79DkVntb7SL_sR_Jas6O42FPz98lnkS2islcGBvi-NnKIrf7jJtAe--yrjEz3mXWc-_Dmz8%26dbm_d%3DAKAmf-DPZuev4Qois_1HtecfY5axYUW90EDqMRMe9rWR_r8FbeL-nC8o3dnK3zB-yWhqH99uZvMrI9vOzZvhbRGOEP__kIRICk_83Z6NRQ6ct5nn0l7IwHXtcWHZxz7jSCcQvHI7eBcri6gogzoDs1UHwhOLLQAnI8TGXYEnv8lwgyw7p-s0KLqioUT86-qwM208jcYqL5q1JNRYkqrAnzoid-ipdPUfS9n_2k8DV3daWuXNjdcbPuWiKJq_-11w3kfB0Xc_Gbk1DCWqElH4rLLERJ2xfCUVFw0A0nN2DKI7Sms7o9wBEtCPS9qUldeBmjZcHcT9tT0PBNwPRsbHqzeXsDyK-bvml-K0FomO2hnMKyKwbcuDcbc4erIELw7I0CSId--ranVgtJFPPpjXLpC82XhhuiS4p13Ig_aKh6e3wmrQEeq1Nyryns4y_npTtPmJfHQNec6DPm4FGBZn_CcMKXBiyUB4zVMqLsq6jFhW8wFGCUFmXffxgiQdDrx7Z_VS9751w6_3TuvQqEA5__Tsa1rDAIqi_JA0fjOK-rCz_uQ0XVdE2FY%26adurl%3D&r=1666591503310996&objectName=jvx_63562b103c3b0&jvxSessionId=1666591504.2043&base=1&adUnitId=301&loadLayout=0&creativeResolveBeginTime=1666591504000&ap_Lang=english&localTimeOffset=0&pageURL=https%3A%2F%2Fdea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&allowExp=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.177.203 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
34c093e733de9db0982f27625ccf0da85617e2576ac8634a420c633936a351a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.jivox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 03:52:16 GMT
content-encoding
br
via
1.1 cb3d16eff6ae874e2900d410d6cd2066.cloudfront.net (CloudFront)
last-modified
Tue, 27 Jul 2021 10:31:58 GMT
server
AmazonS3
x-amz-cf-pop
ICN51-C2
age
7970
etag
W/"707086cf6c74938c78029335ca013aca"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400, s-maxage=86400
x-amz-cf-id
NdvXuCEMEVmNm9fN6vQtqCGTcHPVBgtf545_ohvSS3ItaoHzu6ey5g==
4.js
fw.adsafeprotected.com/rfw/st/886862/62195780/ Frame A599 		0
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 053B 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:5a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
2816928
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
-uV1rPnD9gKpNsT1BSVawH-3NqnoEC100h5GnvuIAgxk9_JVe8SxaQ==
dt
dt.adsafeprotected.com/ Frame A599 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=73c3541d-74dd-9952-f113-4aaa2abd0678&tv=%7Bc:rWfucC,pingTime:-3,time:106,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:25%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:106,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:25,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B101~0%5D,as:%5B101~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tl9S6X2+11%7C12%7C13%7C141%7C142%7C143%7C151%7C152%7C1611%7C171%7C181%7C182%7C183%7C184%7C1851%7C19%7C1a%7C1b1%7C1b2%7C1b3%7C1b41%7C1b5%7C1b6%7C1c*.886862-62195780%7C1c1,idMap:1c*,rmeas:1,rend:0,renddet:svg.us,siq:27%7D&br=c
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:6f8a:bad5:dee0:c2d6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:05 GMT
server
nginx
x-server-name
dt06.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame A599 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=73c3541d-74dd-9952-f113-4aaa2abd0678&tv=%7Bc:rWfucH,pingTime:-6,time:111,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:111,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:25,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B106~0%5D,as:%5B106~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tl9S6X2+11%7C12%7C13%7C141%7C142%7C143%7C151%7C152%7C1611%7C171%7C181%7C182%7C183%7C184%7C1851%7C19%7C1a%7C1b1%7C1b2%7C1b3%7C1b41%7C1b5%7C1b6%7C1c*.886862-62195780%7C1c1,idMap:1c*,rmeas:1,rend:0,renddet:svg.us,siq:27%7D&tpiLookup=ao:haigram.com*&br=c
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:6f8a:bad5:dee0:c2d6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:05 GMT
server
nginx
x-server-name
dt11.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A599 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 17:48:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
476217
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Oct 2023 17:48:08 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame AD74 		1 KB
649 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
67773
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 23 Oct 2022 11:15:32 GMT
etag
48472445140208031
expires
Mon, 24 Oct 2022 11:15:32 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame A599 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d0978df5d4174510292c263cf6752136d9316f5017a82c5776b767ee77f0d04a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/ Frame 01F7 		21 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=N7gjwoGYJU&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
054c480b41dbb8bb1a0db0dd51f85a18dafa9679cd1988d4824f9da3f8aa1215
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Oct 2022 06:05:05 GMT
expires
Tue, 24 Oct 2023 06:05:05 GMT
last-modified
Tue, 10 May 2022 13:01:32 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame A599 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvoTlDfMbuB6PoSZraoTq2ZpKU067JCPm96dU5Nn9DmED470xRpFI3Qvh8f3Eby573SL1ov5Yc3ZFY0lY5ydoNi1-GF4tuaMc61WpkfRRc4mCESNRkUpM4NKd6niSC1UaN6mlTFnIrT5cF2g1eo5LdjJOFXG1XwSfhVDv4XDutcRE51hXrkRVO92FID4TpdEKi525L6wFfXnYjSUY7ffsDSJ2ZnxTPekr3P1RAaTHuyiju4d1rWXJrGgCrDNmaFI6mevOy5G4S5hmHMMYrAPipbp3YgYj9L2209mn7ENRwRcYETE3EnsRAIzN9BhSnEuj1TjhKTbD3ocLzve8mKI3kBjw04MsIniCWtLW2jvr4QllRdh4E2IIJgkb4PFBuD-vNNJ7JySVn4x6DMRCYNddagobORogIQoKwVFXmBWSD0oWuIw2EGABGObJlrJvpDhu_NYxDKYY2_hBgFQZ8qaFWS_asTSg0Nzlz3d0pyeCdPQ5YBCi-ULvE5pJuDmUiY21_VDOMKk_a3bdjSWH4aQ92UdSjpnqUcYesRVPDvnjaHK6J9J3Ho6_jeccxqZjXjPvy4BLG7MVLiErrwIFi1mUW4YVxhdJRXvPkN7SdVeyVF2eVo_WenQgApoX4YfrJJketf0mGVyhSsUJYartHykFBDoXoXMmkvN66NYEkqqY2rE5un63d6u9dPiInrA5liOi7Oogb0_nQSDdXDW27i20P6PIiXEW4UewBwKZWXXT7fEcEyF9w_ONJZ_AbNeOOwkBzPeUoJiv_LJLKYC3w_PK78IfIQqGG5W8pcLT3iCQZAZ68aky7VUWEVuXuJpWcR2sQqruPgaQSpxL8fEgW5D37VHuRC0VklmI3h5D-LQD9sNov86sdRoSAtULi2fm1HKYULlz8E494KUrh2F1i2aFC91uv21p24VlWDd8RQoG-K52RAULtimdRPf185u4-wJiMGBK5HpVkFyfSsg0SCjjOFO9NLxxANU3bK1l5x9IBc02UXfopljcKySj0Es6vhdbouEuA6I55tgQM0sRFc5H9bGct_9WosorNjf53bgsO4vnorfzmrLOZa8QHGYF2ysHA5hexDzcDJDoW_oQrgUOrGNH3yPZvLZOZgMnOuUzbXBlqnep9tPOn9XCJi4bxTK4wt9NQQRSntG5wiXEF5QCTXZYO0iSONfOqboLw3Vnxp763kI5DnmvVcj1tgBwuTQlKyhiY1WovkvYKymudkn9wwWVCfVrhA-A2kFf_cJh1d&sai=AMfl-YS0fPkpUzUGMnngAxvvs7ZI4VlGQG7mzfVmoXV0mjt2s92bN3Wzan9WxFksSIrQcKjEiQet7WaYP9s7r1n4OmTSABf6IlA6UXo54Vik3xGRgAytiYgkSeIV4n2iuWiayj7FJ4yNHp0_Yp-3aETj7SdGmhnWjq562-_-rTtRUdrVjgafGA6C5VG3UbVlwR2yK1wZiyeQIn2iLRJED_0Iyp3dQdKAtJnL9UOsscidUEoHdA02RTYETDoj4Qy3Yq6cK4lSaiZYWVgeEQ&sig=Cg0ArKJSzBm7xlkQ4gIzEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=296&cbvp=1&cstd=287&cisv=r20221019.89933&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: haigram.com
URL: https://haigram.com/?wpsafelink=d0mPzIH4YrwApbsCadfEeFlgiHnikTzAydWh0WlBqRWtlblgrQlZWYldPUVhsRm9DS2pPL3FhQ0xkcnhid3Q0MD0=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 24 Oct 2022 06:05:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame A599 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=73c3541d-74dd-9952-f113-4aaa2abd0678&tv=%7Bc:rWfueg,pingTime:-2,time:208,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:570,beZ:571,mfA:573,cmA:574,inA:574,inZ:578,prA:578,prZ:591,si:597,poA:598,poZ:627,cmZ:627,mfZ:627,loA:681,loZ:685,ltA:778,ltZ:778%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:25%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:208,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:25,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B203~0%5D,as:%5B203~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tl9S6ot+11%7C12%7C13%7C14.1014661-62144026%7C141%7C142%7C143%7C151%7C152%7C1611%7C171%7C181%7C182%7C183%7C184%7C1851%7C19%7C1a%7C1b1%7C1b2%7C1b3%7C1b41%7C1b5%7C1b6%7C1c*.886862-62195780%7C1c1,idMap:1c*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:svg.us,siq:27,sinceFw:181,readyFired:false%7D&br=c
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:6f8a:bad5:dee0:c2d6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:05 GMT
server
nginx
x-server-name
dt19.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
index.html
assets.jivox.com/assets/widgets/2022/10/a46220z6351085972ea8/1/320x100_Midf_AirmaxBliss_2A/ Frame 60E3 		14 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets.jivox.com/assets/widgets/2022/10/a46220z6351085972ea8/1/320x100_Midf_AirmaxBliss_2A/index.html?externalWg=1&adUnitType=6&campaignId=145352&base=1&creativeUnitType=3&adUnitId=301&isDynamic=1&objectName=jvx_63562b103c3b0&clickThroughURL=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClSg-DytWY9T9EuuR7_UPxaGtSJqqp4tt_4nztNAQ1caW5ZkFEAEgxvvWeWCVgoCAuAegAc3lkpkCyAEJqQL7Nel24IuwPqgDAaoE7AFP0D22CZDAFxhLKqTI5YBlcw_4VlV1uw3vlWPvj90JsmaWnlTB472VCVk0rtU8wEWRdOZPTnH1AmHpwohCdDqZiRRVohD-p4Sj4-VDwec6G7X7qs3cwx9C9CYiWGwqkg297s_B8UBkE3POdQfeFi08EqSuATbRMIY-IUEzj7bfnDjhHTrPkTlgVS6fqfXeHNlQmY8VhFyXo0oc926iv5u6pZLPqYg-CihqV8e8YQR61rzwgTZyFY1Bwmi-2caFkUJznK_Q-D4xiCcMIagAAZnv_o33tNT3TzJK4JfFUZ18hnSGfYgdOn8QaGnOQcAE5pn6o4wE4AQDkAYBoAZNgAebmu3mAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATxIvxEMgT6bWe4QPQEwDYEwqIFALYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9C2XneQvV4u80aShF0b9My_hTrvkJe8grU74j8IJ4tke_ForfuOL1EYg4RhPQQcbFfmWCW17iOBgBIA4%26sig%3DAOD64_0l5-xgE2b3NYASesFZh2aA2VKGRw%26client%3Dca-pub-4573231550355221%26dbm_c%3DAKAmf-AzzHk02tqOtMx9elI47HmnDcnlN-0xE-dsJXENAqvwS_sKLKc8upDv907NnmUcoHkP35aNcP6qoG2cyDQHJDopQwncRGCsq9vvszUBjdZW79DkVntb7SL_sR_Jas6O42FPz98lnkS2islcGBvi-NnKIrf7jJtAe--yrjEz3mXWc-_Dmz8%26dbm_d%3DAKAmf-DPZuev4Qois_1HtecfY5axYUW90EDqMRMe9rWR_r8FbeL-nC8o3dnK3zB-yWhqH99uZvMrI9vOzZvhbRGOEP__kIRICk_83Z6NRQ6ct5nn0l7IwHXtcWHZxz7jSCcQvHI7eBcri6gogzoDs1UHwhOLLQAnI8TGXYEnv8lwgyw7p-s0KLqioUT86-qwM208jcYqL5q1JNRYkqrAnzoid-ipdPUfS9n_2k8DV3daWuXNjdcbPuWiKJq_-11w3kfB0Xc_Gbk1DCWqElH4rLLERJ2xfCUVFw0A0nN2DKI7Sms7o9wBEtCPS9qUldeBmjZcHcT9tT0PBNwPRsbHqzeXsDyK-bvml-K0FomO2hnMKyKwbcuDcbc4erIELw7I0CSId--ranVgtJFPPpjXLpC82XhhuiS4p13Ig_aKh6e3wmrQEeq1Nyryns4y_npTtPmJfHQNec6DPm4FGBZn_CcMKXBiyUB4zVMqLsq6jFhW8wFGCUFmXffxgiQdDrx7Z_VS9751w6_3TuvQqEA5__Tsa1rDAIqi_JA0fjOK-rCz_uQ0XVdE2FY%26adurl%3Dhttp%253A%252F%252Fwww.nike.com&serverURL=https://as.jivox.com&placementId=UA26m8&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClSg-DytWY9T9EuuR7_UPxaGtSJqqp4tt_4nztNAQ1caW5ZkFEAEgxvvWeWCVgoCAuAegAc3lkpkCyAEJqQL7Nel24IuwPqgDAaoE7AFP0D22CZDAFxhLKqTI5YBlcw_4VlV1uw3vlWPvj90JsmaWnlTB472VCVk0rtU8wEWRdOZPTnH1AmHpwohCdDqZiRRVohD-p4Sj4-VDwec6G7X7qs3cwx9C9CYiWGwqkg297s_B8UBkE3POdQfeFi08EqSuATbRMIY-IUEzj7bfnDjhHTrPkTlgVS6fqfXeHNlQmY8VhFyXo0oc926iv5u6pZLPqYg-CihqV8e8YQR61rzwgTZyFY1Bwmi-2caFkUJznK_Q-D4xiCcMIagAAZnv_o33tNT3TzJK4JfFUZ18hnSGfYgdOn8QaGnOQcAE5pn6o4wE4AQDkAYBoAZNgAebmu3mAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATxIvxEMgT6bWe4QPQEwDYEwqIFALYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9C2XneQvV4u80aShF0b9My_hTrvkJe8grU74j8IJ4tke_ForfuOL1EYg4RhPQQcbFfmWCW17iOBgBIA4%26sig%3DAOD64_0l5-xgE2b3NYASesFZh2aA2VKGRw%26client%3Dca-pub-4573231550355221%26dbm_c%3DAKAmf-AzzHk02tqOtMx9elI47HmnDcnlN-0xE-dsJXENAqvwS_sKLKc8upDv907NnmUcoHkP35aNcP6qoG2cyDQHJDopQwncRGCsq9vvszUBjdZW79DkVntb7SL_sR_Jas6O42FPz98lnkS2islcGBvi-NnKIrf7jJtAe--yrjEz3mXWc-_Dmz8%26dbm_d%3DAKAmf-DPZuev4Qois_1HtecfY5axYUW90EDqMRMe9rWR_r8FbeL-nC8o3dnK3zB-yWhqH99uZvMrI9vOzZvhbRGOEP__kIRICk_83Z6NRQ6ct5nn0l7IwHXtcWHZxz7jSCcQvHI7eBcri6gogzoDs1UHwhOLLQAnI8TGXYEnv8lwgyw7p-s0KLqioUT86-qwM208jcYqL5q1JNRYkqrAnzoid-ipdPUfS9n_2k8DV3daWuXNjdcbPuWiKJq_-11w3kfB0Xc_Gbk1DCWqElH4rLLERJ2xfCUVFw0A0nN2DKI7Sms7o9wBEtCPS9qUldeBmjZcHcT9tT0PBNwPRsbHqzeXsDyK-bvml-K0FomO2hnMKyKwbcuDcbc4erIELw7I0CSId--ranVgtJFPPpjXLpC82XhhuiS4p13Ig_aKh6e3wmrQEeq1Nyryns4y_npTtPmJfHQNec6DPm4FGBZn_CcMKXBiyUB4zVMqLsq6jFhW8wFGCUFmXffxgiQdDrx7Z_VS9751w6_3TuvQqEA5__Tsa1rDAIqi_JA0fjOK-rCz_uQ0XVdE2FY%26adurl%3Dhttp%253A%252F%252Fwww.nike.com&reportingURL=https://evs.jivox.com&jvxSessionId=1666591504.2043&siteId=55f48ca4113e34&isCampaign=1&es_pId=UA26m8&ap_DataSignal1=18143154454&ap_DataSignal2=ABAjH0j8YqyGd3ikArID3GgtjLtv&ap_DataSignal3=449012054&ap_DataSignal4=1396462348461&ap_gdpr=0&ap_gdpr_consent=&ap_gdpr_consent_v2=&ap_Lang=english&jvxUUId=tl9S6N1ZmSQw&es_cgName=933cd21d879fd2b529ab05b9bc09364dc35ca15525b2f4b33296fc1c1368e31c404ca24a9f1572e7e449b7307412f65764ccdf618b496f94771d506297a28230&es_segName=Airmax_Bliss_Refresh_Remaining_Dimensions&assetID=asset2668&isMobile=&externalStartEventId=266500
Requested by
Host: playercdn.jivox.com
URL: https://playercdn.jivox.com/1651821427/unit/js/gz/jquery-2.1.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.124 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6053508c4325d1a2628349371a28fc9192b21900c24f031ca623e6f3956e434f

Request headers

Accept
*/*
Referer
https://as.jivox.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 08:38:26 GMT
content-encoding
br
via
1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
77201
x-cache
Hit from cloudfront
last-modified
Thu, 20 Oct 2022 08:35:39 GMT
server
AmazonS3
etag
W/"87b1f70d3494c440f508c1951c590acc"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=86400, s-maxage=86400
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
IijoGUHT8z1cOSr0xgefcbe1yEkHYnzXIck8SHaQ1olzRa_KoSnQUQ==
jivoxWidgetApiV2.min.js
playercdn.jivox.com/1651821427/widgets/jivoxWidgetApi/gz/ Frame 692B 		29 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://playercdn.jivox.com/1651821427/widgets/jivoxWidgetApi/gz/jivoxWidgetApiV2.min.js
Requested by
Host: as.jivox.com
URL: https://as.jivox.com/unit/layout_renderer.php?campaignId=145352&siteId=55f48ca4113e34&unitType=mobile&bannerType=C&bUnit=1&creativeUnitType=3&bDim=320x100&es_pId=UA26m8&isDynamic=1&ap_DataSignal1=18143154454&ap_DataSignal2=ABAjH0j8YqyGd3ikArID3GgtjLtv&debug=1&debugWidget=1&ap_DataSignal3=449012054&ap_DataSignal4=1396462348461&ap_gdpr=0&ap_gdpr_consent=&ap_gdpr_consent_v2=&jvxVer=2&isnonexpanding=Y&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClSg-DytWY9T9EuuR7_UPxaGtSJqqp4tt_4nztNAQ1caW5ZkFEAEgxvvWeWCVgoCAuAegAc3lkpkCyAEJqQL7Nel24IuwPqgDAaoE7AFP0D22CZDAFxhLKqTI5YBlcw_4VlV1uw3vlWPvj90JsmaWnlTB472VCVk0rtU8wEWRdOZPTnH1AmHpwohCdDqZiRRVohD-p4Sj4-VDwec6G7X7qs3cwx9C9CYiWGwqkg297s_B8UBkE3POdQfeFi08EqSuATbRMIY-IUEzj7bfnDjhHTrPkTlgVS6fqfXeHNlQmY8VhFyXo0oc926iv5u6pZLPqYg-CihqV8e8YQR61rzwgTZyFY1Bwmi-2caFkUJznK_Q-D4xiCcMIagAAZnv_o33tNT3TzJK4JfFUZ18hnSGfYgdOn8QaGnOQcAE5pn6o4wE4AQDkAYBoAZNgAebmu3mAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATxIvxEMgT6bWe4QPQEwDYEwqIFALYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9C2XneQvV4u80aShF0b9My_hTrvkJe8grU74j8IJ4tke_ForfuOL1EYg4RhPQQcbFfmWCW17iOBgBIA4%26sig%3DAOD64_0l5-xgE2b3NYASesFZh2aA2VKGRw%26client%3Dca-pub-4573231550355221%26dbm_c%3DAKAmf-AzzHk02tqOtMx9elI47HmnDcnlN-0xE-dsJXENAqvwS_sKLKc8upDv907NnmUcoHkP35aNcP6qoG2cyDQHJDopQwncRGCsq9vvszUBjdZW79DkVntb7SL_sR_Jas6O42FPz98lnkS2islcGBvi-NnKIrf7jJtAe--yrjEz3mXWc-_Dmz8%26dbm_d%3DAKAmf-DPZuev4Qois_1HtecfY5axYUW90EDqMRMe9rWR_r8FbeL-nC8o3dnK3zB-yWhqH99uZvMrI9vOzZvhbRGOEP__kIRICk_83Z6NRQ6ct5nn0l7IwHXtcWHZxz7jSCcQvHI7eBcri6gogzoDs1UHwhOLLQAnI8TGXYEnv8lwgyw7p-s0KLqioUT86-qwM208jcYqL5q1JNRYkqrAnzoid-ipdPUfS9n_2k8DV3daWuXNjdcbPuWiKJq_-11w3kfB0Xc_Gbk1DCWqElH4rLLERJ2xfCUVFw0A0nN2DKI7Sms7o9wBEtCPS9qUldeBmjZcHcT9tT0PBNwPRsbHqzeXsDyK-bvml-K0FomO2hnMKyKwbcuDcbc4erIELw7I0CSId--ranVgtJFPPpjXLpC82XhhuiS4p13Ig_aKh6e3wmrQEeq1Nyryns4y_npTtPmJfHQNec6DPm4FGBZn_CcMKXBiyUB4zVMqLsq6jFhW8wFGCUFmXffxgiQdDrx7Z_VS9751w6_3TuvQqEA5__Tsa1rDAIqi_JA0fjOK-rCz_uQ0XVdE2FY%26adurl%3D&r=1666591503310996&objectName=jvx_63562b103c3b0&jvxSessionId=1666591504.2043&base=1&adUnitId=301&loadLayout=0&creativeResolveBeginTime=1666591504000&ap_Lang=english&localTimeOffset=0&pageURL=https%3A%2F%2Fdea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&allowExp=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.5.230 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6c84a15873bbae73ff06857139327b85a6869fa0e21d36666aa2bb5d9bbb19b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.jivox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:29:43 GMT
content-encoding
gzip
via
1.1 f13110b40e6214ad566c753a838f49f4.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 07:29:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
81323
etag
"2a0e0abd8f7f11fb012a534ea115a29a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400, s-maxage=86400
accept-ranges
bytes
content-length
5987
x-amz-cf-id
PhDvZB6MLvtimE2Rdgm7sV_OyP5CRaJYPwwUH8ORyrRlNod8YfV4Rw==
es_encParams_L2FwX0RhdGFTaWduYWwxPTE4MTQzMTU0NDU0L2FwX0RhdGFTaWduYWwyPUFCQWpIMGo4WXF5R2QzaWtBcklEM0dndGpMdHYvYXBfRGF0YVNpZ25hbDM9NDQ5MDEyMDU0L2FwX0RhdGFTaWduYWw0PTEzOTY0NjIzNDg0NjEvYXBfZ2Rwcj0wL2Fw...
evs.jivox.com/trk/66/207211/301/145352/55f48ca4113e34/6/jvxSId_1666591504.2043/es_pId_UA26m8/ Frame 60E3 		43 B
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://evs.jivox.com/trk/66/207211/301/145352/55f48ca4113e34/6/jvxSId_1666591504.2043/es_pId_UA26m8/es_encParams_L2FwX0RhdGFTaWduYWwxPTE4MTQzMTU0NDU0L2FwX0RhdGFTaWduYWwyPUFCQWpIMGo4WXF5R2QzaWtBcklEM0dndGpMdHYvYXBfRGF0YVNpZ25hbDM9NDQ5MDEyMDU0L2FwX0RhdGFTaWduYWw0PTEzOTY0NjIzNDg0NjEvYXBfZ2Rwcj0wL2FwX2dkcHJfY29uc2VudD0vYXBfZ2Rwcl9jb25zZW50X3YyPS9hcF9MYW5nPWVuZ2xpc2gvYWRiMS1rZXk9OTA4L2FkYjE0LWlkX3ZlcnNpb249Mzg3MTRfMS9hZGI2LWtleT0xMC9hZGI3LWlkX3ZlcnNpb249MzgwMzFfMS9hZGIxNC1rZXk9OTA3L2FkYjMtaWRfdmVyc2lvbj0yMjA3MV8xL2FkYjExLWlkX3ZlcnNpb249MTYzOThfMS9hZGIxMC1rZXk9NjcyMi9hZGI3LWtleT02NzI0L2FkYjgtaWRfdmVyc2lvbj0xNTk0Nl8xL2FkYjIta2V5PTEyL2FkYjEyLWlkX3ZlcnNpb249Mzc3ODdfMS9hZGI0LWlkX3ZlcnNpb249Mzg4MTRfMS9hZGIxMy1rZXk9MjEvYWRiNS1pZF92ZXJzaW9uPTM4ODExXzEvYWRiMy1rZXk9MTQyL2FkYjktaWRfdmVyc2lvbj0yODUwMl8xL2FkYjEyLWtleT03MDIvYWRiNC1rZXk9MjEvYWRiOC1rZXk9MTcvYWRiMTMtaWRfdmVyc2lvbj0zNzc4OF8xL2FkYjEtaWRfdmVyc2lvbj0zODcwOV8xL2FkYjYtaWRfdmVyc2lvbj0yMjMyNF8xL2FkYjEwLWlkX3ZlcnNpb249MzgwMzRfMS9hZGI1LWtleT00MjMvYWRiOS1rZXk9Ny9hZGIyLWlkX3ZlcnNpb249MTc2OTJfMS9hZGIxMS1rZXk9MTEvYkRpbT0zMjB4MTAwL3I9MC45ODIzNDQwOTI1ODkyMzY4L2VzX2V0PTEvZXNfY2dOYW1lPTkzM2NkMjFkODc5ZmQyYjUyOWFiMDViOWJjMDkzNjRkYzM1Y2ExNTUyNWIyZjRiMzMyOTZmYzFjMTM2OGUzMWM0MDRjYTI0YTlmMTU3MmU3ZTQ0OWI3MzA3NDEyZjY1NzY0Y2NkZjYxOGI0OTZmOTQ3NzFkNTA2Mjk3YTI4MjMwL2VzX3NlZ05hbWU9QWlybWF4X0JsaXNzX1JlZnJlc2hfUmVtYWluaW5nX0RpbWVuc2lvbnM=
Requested by
Host: as.jivox.com
URL: https://as.jivox.com/unit/layout_renderer.php?campaignId=145352&siteId=55f48ca4113e34&unitType=mobile&bannerType=C&bUnit=1&creativeUnitType=3&bDim=320x100&es_pId=UA26m8&isDynamic=1&ap_DataSignal1=18143154454&ap_DataSignal2=ABAjH0j8YqyGd3ikArID3GgtjLtv&debug=1&debugWidget=1&ap_DataSignal3=449012054&ap_DataSignal4=1396462348461&ap_gdpr=0&ap_gdpr_consent=&ap_gdpr_consent_v2=&jvxVer=2&isnonexpanding=Y&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClSg-DytWY9T9EuuR7_UPxaGtSJqqp4tt_4nztNAQ1caW5ZkFEAEgxvvWeWCVgoCAuAegAc3lkpkCyAEJqQL7Nel24IuwPqgDAaoE7AFP0D22CZDAFxhLKqTI5YBlcw_4VlV1uw3vlWPvj90JsmaWnlTB472VCVk0rtU8wEWRdOZPTnH1AmHpwohCdDqZiRRVohD-p4Sj4-VDwec6G7X7qs3cwx9C9CYiWGwqkg297s_B8UBkE3POdQfeFi08EqSuATbRMIY-IUEzj7bfnDjhHTrPkTlgVS6fqfXeHNlQmY8VhFyXo0oc926iv5u6pZLPqYg-CihqV8e8YQR61rzwgTZyFY1Bwmi-2caFkUJznK_Q-D4xiCcMIagAAZnv_o33tNT3TzJK4JfFUZ18hnSGfYgdOn8QaGnOQcAE5pn6o4wE4AQDkAYBoAZNgAebmu3mAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATxIvxEMgT6bWe4QPQEwDYEwqIFALYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9C2XneQvV4u80aShF0b9My_hTrvkJe8grU74j8IJ4tke_ForfuOL1EYg4RhPQQcbFfmWCW17iOBgBIA4%26sig%3DAOD64_0l5-xgE2b3NYASesFZh2aA2VKGRw%26client%3Dca-pub-4573231550355221%26dbm_c%3DAKAmf-AzzHk02tqOtMx9elI47HmnDcnlN-0xE-dsJXENAqvwS_sKLKc8upDv907NnmUcoHkP35aNcP6qoG2cyDQHJDopQwncRGCsq9vvszUBjdZW79DkVntb7SL_sR_Jas6O42FPz98lnkS2islcGBvi-NnKIrf7jJtAe--yrjEz3mXWc-_Dmz8%26dbm_d%3DAKAmf-DPZuev4Qois_1HtecfY5axYUW90EDqMRMe9rWR_r8FbeL-nC8o3dnK3zB-yWhqH99uZvMrI9vOzZvhbRGOEP__kIRICk_83Z6NRQ6ct5nn0l7IwHXtcWHZxz7jSCcQvHI7eBcri6gogzoDs1UHwhOLLQAnI8TGXYEnv8lwgyw7p-s0KLqioUT86-qwM208jcYqL5q1JNRYkqrAnzoid-ipdPUfS9n_2k8DV3daWuXNjdcbPuWiKJq_-11w3kfB0Xc_Gbk1DCWqElH4rLLERJ2xfCUVFw0A0nN2DKI7Sms7o9wBEtCPS9qUldeBmjZcHcT9tT0PBNwPRsbHqzeXsDyK-bvml-K0FomO2hnMKyKwbcuDcbc4erIELw7I0CSId--ranVgtJFPPpjXLpC82XhhuiS4p13Ig_aKh6e3wmrQEeq1Nyryns4y_npTtPmJfHQNec6DPm4FGBZn_CcMKXBiyUB4zVMqLsq6jFhW8wFGCUFmXffxgiQdDrx7Z_VS9751w6_3TuvQqEA5__Tsa1rDAIqi_JA0fjOK-rCz_uQ0XVdE2FY%26adurl%3D&r=1666591503310996&objectName=jvx_63562b103c3b0&jvxSessionId=1666591504.2043&base=1&adUnitId=301&loadLayout=0&creativeResolveBeginTime=1666591504000&ap_Lang=english&localTimeOffset=0&pageURL=https%3A%2F%2Fdea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&allowExp=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.23.220 -, , ASN (),
Reverse DNS
Software
akka-http/10.1.11 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.jivox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 24 Oct 2022 06:05:05 GMT
access-control-allow-credentials
false
content-type
image/gif
server
akka-http/10.1.11
content-length
43
p3p
CP='IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA'
es_encParams_L2FwX0RhdGFTaWduYWwxPTE4MTQzMTU0NDU0L2FwX0RhdGFTaWduYWwyPUFCQWpIMGo4WXF5R2QzaWtBcklEM0dndGpMdHYvYXBfRGF0YVNpZ25hbDM9NDQ5MDEyMDU0L2FwX0RhdGFTaWduYWw0PTEzOTY0NjIzNDg0NjEvYXBfZ2Rwcj0wL2Fw...
evs.jivox.com/trk/60/207211/301/145352/55f48ca4113e34/6/jvxSId_1666591504.2043/es_pId_UA26m8/ Frame 60E3 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://evs.jivox.com/trk/60/207211/301/145352/55f48ca4113e34/6/jvxSId_1666591504.2043/es_pId_UA26m8/es_encParams_L2FwX0RhdGFTaWduYWwxPTE4MTQzMTU0NDU0L2FwX0RhdGFTaWduYWwyPUFCQWpIMGo4WXF5R2QzaWtBcklEM0dndGpMdHYvYXBfRGF0YVNpZ25hbDM9NDQ5MDEyMDU0L2FwX0RhdGFTaWduYWw0PTEzOTY0NjIzNDg0NjEvYXBfZ2Rwcj0wL2FwX2dkcHJfY29uc2VudD0vYXBfZ2Rwcl9jb25zZW50X3YyPS9hcF9MYW5nPWVuZ2xpc2gvYWRiMS1rZXk9OTA4L2FkYjE0LWlkX3ZlcnNpb249Mzg3MTRfMS9hZGI2LWtleT0xMC9hZGI3LWlkX3ZlcnNpb249MzgwMzFfMS9hZGIxNC1rZXk9OTA3L2FkYjMtaWRfdmVyc2lvbj0yMjA3MV8xL2FkYjExLWlkX3ZlcnNpb249MTYzOThfMS9hZGIxMC1rZXk9NjcyMi9hZGI3LWtleT02NzI0L2FkYjgtaWRfdmVyc2lvbj0xNTk0Nl8xL2FkYjIta2V5PTEyL2FkYjEyLWlkX3ZlcnNpb249Mzc3ODdfMS9hZGI0LWlkX3ZlcnNpb249Mzg4MTRfMS9hZGIxMy1rZXk9MjEvYWRiNS1pZF92ZXJzaW9uPTM4ODExXzEvYWRiMy1rZXk9MTQyL2FkYjktaWRfdmVyc2lvbj0yODUwMl8xL2FkYjEyLWtleT03MDIvYWRiNC1rZXk9MjEvYWRiOC1rZXk9MTcvYWRiMTMtaWRfdmVyc2lvbj0zNzc4OF8xL2FkYjEtaWRfdmVyc2lvbj0zODcwOV8xL2FkYjYtaWRfdmVyc2lvbj0yMjMyNF8xL2FkYjEwLWlkX3ZlcnNpb249MzgwMzRfMS9hZGI1LWtleT00MjMvYWRiOS1rZXk9Ny9hZGIyLWlkX3ZlcnNpb249MTc2OTJfMS9hZGIxMS1rZXk9MTEvZXNfY2xpY2tVcmw9aHR0cHMlM0ElMkYlMkZnb29nbGVhZHMuZy5kb3VibGVjbGljay5uZXQlMkZkYm0lMkZjbGslM0ZzYSUzREwlMjZhaSUzRENsU2ctRHl0V1k5VDlFdXVSN19VUHhhR3RTSnFxcDR0dF80bnp0TkFRMWNhVzVaa0ZFQUVneHZ2V2VXQ1Znb0NBdUFlZ0FjM2xrcGtDeUFFSnFRTDdOZWwyNEl1d1BxZ0RBYW9FN0FGUDBEMjJDWkRBRnhoTEtxVEk1WUJsY3dfNFZsVjF1dzN2bFdQdmo5MEpzbWFXbmxUQjQ3MlZDVmswcnRVOHdFV1JkT1pQVG5IMUFtSHB3b2hDZERxWmlSUlZvaEQtcDRTajQtVkR3ZWM2RzdYN3FzM2N3eDlDOUNZaVdHd3FrZzI5N3NfQjhVQmtFM1BPZFFmZUZpMDhFcVN1QVRiUk1JWS1JVUV6ajdiZm5EamhIVHJQa1RsZ1ZTNmZxZlhlSE5sUW1ZOFZoRnlYbzBvYzkyNml2NXU2cFpMUHFZZy1DaWhxVjhlOFlRUjYxcnp3Z1RaeUZZMUJ3bWktMmNhRmtVSnpuS19RLUQ0eGlDY01JYWdBQVpudl9vMzN0TlQzVHpKSzRKZkZVWjE4aG5TR2ZZZ2RPbjhRYUduT1FjQUU1cG42bzR3RTRBUURrQVlCb0FaTmdBZWJtdTNtQWFnSGpzNGJxQWVUMkJ1b0ItNldzUUtvQl82ZXNRS29CNlNqc1FLb0I5WEpHNmdIcHI0YnFBZWFCcWdIODlFYnFBZVcyQnVvQjZxYnNRS29CXy1lc1FLb0I5LWZzUUxZQndEU0NCRUlnT0dBRUJBQkdCMHlBcW9DT2dLQVFJQUtBNWdMQWNnTEFZQU1BYkFUeEl2eEVNZ1Q2YldlNFFQUUV3RFlFd3FJRkFMWUZBSFFGUUg0RmdHQUZ3RSUyNmFlJTNEMSUyNm51bSUzRDElMjZjaWQlM0RDQVFTUEFEcTI2TjlDMlhuZVF2VjR1ODBhU2hGMGI5TXlfaFRydmtKZThnclU3NGo4SUo0dGtlX0ZvcmZ1T0wxRVlnNFJoUFFRY2JGZm1XQ1cxN2lPQmdCSUE0JTI2c2lnJTNEQU9ENjRfMGw1LXhnRTJiM05ZQVNlc0ZaaDJhQTJWS0dSdyUyNmNsaWVudCUzRGNhLXB1Yi00NTczMjMxNTUwMzU1MjIxJTI2ZGJtX2MlM0RBS0FtZi1BenpIazAydHFPdE14OWVsSTQ3SG1uRGNubE4tMHhFLWRzSlhFTkFxdndTX3NLTEtjOHVwRHY5MDdObm1VY29Ia1AzNWFOY1A2cW9HMmN5RFFISkRvcFF3bmNSR0NzcTl2dnN6VUJqZFpXNzlEa1ZudGI3U0xfc1JfSmFzNk80MkZQejk4bG5rUzJpc2xjR0J2aS1ObktJcmY3akp0QWUtLXlyakV6M21YV2MtX0RtejglMjZkYm1fZCUzREFLQW1mLURQWnVldjRRb2lzXzFIdGVjZlk1YXhZVVc5MEVEcU1STWU5cldSX3I4RmJlTC1uQzhvM2RuSzN6Qi15V2hxSDk5dVp2TXJJOXZPelp2aGJSR09FUF9fa0lSSUNrXzgzWjZOUlE2Y3Q1bm4wbDdJd0hYdGNXSFp4ejdqU0NjUXZISTdlQmNyaTZnb2d6b0RzMVVId2hPTExRQW5JOFRHWFlFbnY4bHdneXc3cC1zMEtMcWlvVVQ4Ni1xd00yMDhqY1lxTDVxMUpOUllrcXJBbnpvaWQtaXBkUFVmUzluXzJrOERWM2RhV3VYTmpkY2JQdVdpS0pxXy0xMXcza2ZCMFhjX0diazFEQ1dxRWxINHJMTEVSSjJ4ZkNVVkZ3MEEwbk4yREtJN1NtczdvOXdCRXRDUFM5cVVsZGVCbWpaY0hjVDl0VDBQQk53UFJzYkhxemVYc0R5Sy1idm1sLUswRm9tTzJobk1LeUt3YmN1RGNiYzRlcklFTHc3STBDU0lkLS1yYW5WZ3RKRlBQcGpYTHBDODJYaGh1aVM0cDEzSWdfYUtoNmUzd21yUUVlcTFOeXJ5bnM0eV9ucFR0UG1KZkhRTmVjNkRQbTRGR0Jabl9DY01LWEJpeVVCNHpWTXFMc3E2akZoVzh3RkdDVUZtWGZmeGdpUWREcng3Wl9WUzk3NTF3Nl8zVHV2UXFFQTVfX1RzYTFyREFJcWlfSkEwZmpPSy1yQ3pfdVEwWFZkRTJGWSUyNmFkdXJsJTNEaHR0cCUyNTNBJTI1MkYlMjUyRnd3dy5uaWtlLmNvbS9jbVVybD1odHRwcyUzQSUyRiUyRmFzc2V0cy5qaXZveC5jb20lMkZhc3NldHMlMkZ3aWRnZXRzJTJGMjAyMiUyRjEwJTJGYTQ2MjIwejYzNTEwODU5NzJlYTglMkYxJTJGMzIweDEwMF9NaWRmX0Fpcm1heEJsaXNzXzJBJTJGaW5kZXguaHRtbC9iRGltPTMyMHgxMDAvcj0wLjQ2NTgzMzE3MDY4MDIzNzQ0L2NsaWNrTWFjcm89aHR0cHMlM0ElMkYlMkZnb29nbGVhZHMuZy5kb3VibGVjbGljay5uZXQlMkZkYm0lMkZjbGslM0ZzYSUzREwlMjZhaSUzRENsU2ctRHl0V1k5VDlFdXVSN19VUHhhR3RTSnFxcDR0dF80bnp0TkFRMWNhVzVaa0ZFQUVneHZ2V2VXQ1Znb0NBdUFlZ0FjM2xrcGsvY2FjaGVNYWNybz0xNjY2NTkxNTAzMzEwOTk2L3BhZ2VVcmw9aHR0cHMlM0ElMkYlMkZkZWE1ZmFkOTliNWM2Yjg1MmI2ODNlMzZiMDMwODFhZS5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tJTJGc2FmZWZyYW1lJTJGMS0wLTM4JTJGaHRtbCUyRmNvbnRhaW5lci5odG1sL2VzX2NnTmFtZT05MzNjZDIxZDg3OWZkMmI1MjlhYjA1YjliYzA5MzY0ZGMzNWNhMTU1MjViMmY0YjMzMjk2ZmMxYzEzNjhlMzFjNDA0Y2EyNGE5ZjE1NzJlN2U0NDliNzMwNzQxMmY2NTc2NGNjZGY2MThiNDk2Zjk0NzcxZDUwNjI5N2EyODIzMC9lc19zZWdOYW1lPUFpcm1heF9CbGlzc19SZWZyZXNoX1JlbWFpbmluZ19EaW1lbnNpb25z
Requested by
Host: as.jivox.com
URL: https://as.jivox.com/unit/layout_renderer.php?campaignId=145352&siteId=55f48ca4113e34&unitType=mobile&bannerType=C&bUnit=1&creativeUnitType=3&bDim=320x100&es_pId=UA26m8&isDynamic=1&ap_DataSignal1=18143154454&ap_DataSignal2=ABAjH0j8YqyGd3ikArID3GgtjLtv&debug=1&debugWidget=1&ap_DataSignal3=449012054&ap_DataSignal4=1396462348461&ap_gdpr=0&ap_gdpr_consent=&ap_gdpr_consent_v2=&jvxVer=2&isnonexpanding=Y&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClSg-DytWY9T9EuuR7_UPxaGtSJqqp4tt_4nztNAQ1caW5ZkFEAEgxvvWeWCVgoCAuAegAc3lkpkCyAEJqQL7Nel24IuwPqgDAaoE7AFP0D22CZDAFxhLKqTI5YBlcw_4VlV1uw3vlWPvj90JsmaWnlTB472VCVk0rtU8wEWRdOZPTnH1AmHpwohCdDqZiRRVohD-p4Sj4-VDwec6G7X7qs3cwx9C9CYiWGwqkg297s_B8UBkE3POdQfeFi08EqSuATbRMIY-IUEzj7bfnDjhHTrPkTlgVS6fqfXeHNlQmY8VhFyXo0oc926iv5u6pZLPqYg-CihqV8e8YQR61rzwgTZyFY1Bwmi-2caFkUJznK_Q-D4xiCcMIagAAZnv_o33tNT3TzJK4JfFUZ18hnSGfYgdOn8QaGnOQcAE5pn6o4wE4AQDkAYBoAZNgAebmu3mAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATxIvxEMgT6bWe4QPQEwDYEwqIFALYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9C2XneQvV4u80aShF0b9My_hTrvkJe8grU74j8IJ4tke_ForfuOL1EYg4RhPQQcbFfmWCW17iOBgBIA4%26sig%3DAOD64_0l5-xgE2b3NYASesFZh2aA2VKGRw%26client%3Dca-pub-4573231550355221%26dbm_c%3DAKAmf-AzzHk02tqOtMx9elI47HmnDcnlN-0xE-dsJXENAqvwS_sKLKc8upDv907NnmUcoHkP35aNcP6qoG2cyDQHJDopQwncRGCsq9vvszUBjdZW79DkVntb7SL_sR_Jas6O42FPz98lnkS2islcGBvi-NnKIrf7jJtAe--yrjEz3mXWc-_Dmz8%26dbm_d%3DAKAmf-DPZuev4Qois_1HtecfY5axYUW90EDqMRMe9rWR_r8FbeL-nC8o3dnK3zB-yWhqH99uZvMrI9vOzZvhbRGOEP__kIRICk_83Z6NRQ6ct5nn0l7IwHXtcWHZxz7jSCcQvHI7eBcri6gogzoDs1UHwhOLLQAnI8TGXYEnv8lwgyw7p-s0KLqioUT86-qwM208jcYqL5q1JNRYkqrAnzoid-ipdPUfS9n_2k8DV3daWuXNjdcbPuWiKJq_-11w3kfB0Xc_Gbk1DCWqElH4rLLERJ2xfCUVFw0A0nN2DKI7Sms7o9wBEtCPS9qUldeBmjZcHcT9tT0PBNwPRsbHqzeXsDyK-bvml-K0FomO2hnMKyKwbcuDcbc4erIELw7I0CSId--ranVgtJFPPpjXLpC82XhhuiS4p13Ig_aKh6e3wmrQEeq1Nyryns4y_npTtPmJfHQNec6DPm4FGBZn_CcMKXBiyUB4zVMqLsq6jFhW8wFGCUFmXffxgiQdDrx7Z_VS9751w6_3TuvQqEA5__Tsa1rDAIqi_JA0fjOK-rCz_uQ0XVdE2FY%26adurl%3D&r=1666591503310996&objectName=jvx_63562b103c3b0&jvxSessionId=1666591504.2043&base=1&adUnitId=301&loadLayout=0&creativeResolveBeginTime=1666591504000&ap_Lang=english&localTimeOffset=0&pageURL=https%3A%2F%2Fdea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&allowExp=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.23.220 -, , ASN (),
Reverse DNS
Software
akka-http/10.1.11 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.jivox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 24 Oct 2022 06:05:05 GMT
access-control-allow-credentials
false
content-type
image/gif
server
akka-http/10.1.11
content-length
43
p3p
CP='IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA'
es_encParams_L2FwX0RhdGFTaWduYWwxPTE4MTQzMTU0NDU0L2FwX0RhdGFTaWduYWwyPUFCQWpIMGo4WXF5R2QzaWtBcklEM0dndGpMdHYvYXBfRGF0YVNpZ25hbDM9NDQ5MDEyMDU0L2FwX0RhdGFTaWduYWw0PTEzOTY0NjIzNDg0NjEvYXBfZ2Rwcj0wL2Fw...
evs.jivox.com/trk/77/207211/301/145352/55f48ca4113e34/6/jvxSId_1666591504.2043/es_pId_UA26m8/ Frame 60E3 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://evs.jivox.com/trk/77/207211/301/145352/55f48ca4113e34/6/jvxSId_1666591504.2043/es_pId_UA26m8/es_encParams_L2FwX0RhdGFTaWduYWwxPTE4MTQzMTU0NDU0L2FwX0RhdGFTaWduYWwyPUFCQWpIMGo4WXF5R2QzaWtBcklEM0dndGpMdHYvYXBfRGF0YVNpZ25hbDM9NDQ5MDEyMDU0L2FwX0RhdGFTaWduYWw0PTEzOTY0NjIzNDg0NjEvYXBfZ2Rwcj0wL2FwX2dkcHJfY29uc2VudD0vYXBfZ2Rwcl9jb25zZW50X3YyPS9hcF9MYW5nPWVuZ2xpc2gvYWRiMS1rZXk9OTA4L2FkYjE0LWlkX3ZlcnNpb249Mzg3MTRfMS9hZGI2LWtleT0xMC9hZGI3LWlkX3ZlcnNpb249MzgwMzFfMS9hZGIxNC1rZXk9OTA3L2FkYjMtaWRfdmVyc2lvbj0yMjA3MV8xL2FkYjExLWlkX3ZlcnNpb249MTYzOThfMS9hZGIxMC1rZXk9NjcyMi9hZGI3LWtleT02NzI0L2FkYjgtaWRfdmVyc2lvbj0xNTk0Nl8xL2FkYjIta2V5PTEyL2FkYjEyLWlkX3ZlcnNpb249Mzc3ODdfMS9hZGI0LWlkX3ZlcnNpb249Mzg4MTRfMS9hZGIxMy1rZXk9MjEvYWRiNS1pZF92ZXJzaW9uPTM4ODExXzEvYWRiMy1rZXk9MTQyL2FkYjktaWRfdmVyc2lvbj0yODUwMl8xL2FkYjEyLWtleT03MDIvYWRiNC1rZXk9MjEvYWRiOC1rZXk9MTcvYWRiMTMtaWRfdmVyc2lvbj0zNzc4OF8xL2FkYjEtaWRfdmVyc2lvbj0zODcwOV8xL2FkYjYtaWRfdmVyc2lvbj0yMjMyNF8xL2FkYjEwLWlkX3ZlcnNpb249MzgwMzRfMS9hZGI1LWtleT00MjMvYWRiOS1rZXk9Ny9hZGIyLWlkX3ZlcnNpb249MTc2OTJfMS9hZGIxMS1rZXk9MTEvZXNfY2xpY2tVcmw9aHR0cHMlM0ElMkYlMkZnb29nbGVhZHMuZy5kb3VibGVjbGljay5uZXQlMkZkYm0lMkZjbGslM0ZzYSUzREwlMjZhaSUzRENsU2ctRHl0V1k5VDlFdXVSN19VUHhhR3RTSnFxcDR0dF80bnp0TkFRMWNhVzVaa0ZFQUVneHZ2V2VXQ1Znb0NBdUFlZ0FjM2xrcGtDeUFFSnFRTDdOZWwyNEl1d1BxZ0RBYW9FN0FGUDBEMjJDWkRBRnhoTEtxVEk1WUJsY3dfNFZsVjF1dzN2bFdQdmo5MEpzbWFXbmxUQjQ3MlZDVmswcnRVOHdFV1JkT1pQVG5IMUFtSHB3b2hDZERxWmlSUlZvaEQtcDRTajQtVkR3ZWM2RzdYN3FzM2N3eDlDOUNZaVdHd3FrZzI5N3NfQjhVQmtFM1BPZFFmZUZpMDhFcVN1QVRiUk1JWS1JVUV6ajdiZm5EamhIVHJQa1RsZ1ZTNmZxZlhlSE5sUW1ZOFZoRnlYbzBvYzkyNml2NXU2cFpMUHFZZy1DaWhxVjhlOFlRUjYxcnp3Z1RaeUZZMUJ3bWktMmNhRmtVSnpuS19RLUQ0eGlDY01JYWdBQVpudl9vMzN0TlQzVHpKSzRKZkZVWjE4aG5TR2ZZZ2RPbjhRYUduT1FjQUU1cG42bzR3RTRBUURrQVlCb0FaTmdBZWJtdTNtQWFnSGpzNGJxQWVUMkJ1b0ItNldzUUtvQl82ZXNRS29CNlNqc1FLb0I5WEpHNmdIcHI0YnFBZWFCcWdIODlFYnFBZVcyQnVvQjZxYnNRS29CXy1lc1FLb0I5LWZzUUxZQndEU0NCRUlnT0dBRUJBQkdCMHlBcW9DT2dLQVFJQUtBNWdMQWNnTEFZQU1BYkFUeEl2eEVNZ1Q2YldlNFFQUUV3RFlFd3FJRkFMWUZBSFFGUUg0RmdHQUZ3RSUyNmFlJTNEMSUyNm51bSUzRDElMjZjaWQlM0RDQVFTUEFEcTI2TjlDMlhuZVF2VjR1ODBhU2hGMGI5TXlfaFRydmtKZThnclU3NGo4SUo0dGtlX0ZvcmZ1T0wxRVlnNFJoUFFRY2JGZm1XQ1cxN2lPQmdCSUE0JTI2c2lnJTNEQU9ENjRfMGw1LXhnRTJiM05ZQVNlc0ZaaDJhQTJWS0dSdyUyNmNsaWVudCUzRGNhLXB1Yi00NTczMjMxNTUwMzU1MjIxJTI2ZGJtX2MlM0RBS0FtZi1BenpIazAydHFPdE14OWVsSTQ3SG1uRGNubE4tMHhFLWRzSlhFTkFxdndTX3NLTEtjOHVwRHY5MDdObm1VY29Ia1AzNWFOY1A2cW9HMmN5RFFISkRvcFF3bmNSR0NzcTl2dnN6VUJqZFpXNzlEa1ZudGI3U0xfc1JfSmFzNk80MkZQejk4bG5rUzJpc2xjR0J2aS1ObktJcmY3akp0QWUtLXlyakV6M21YV2MtX0RtejglMjZkYm1fZCUzREFLQW1mLURQWnVldjRRb2lzXzFIdGVjZlk1YXhZVVc5MEVEcU1STWU5cldSX3I4RmJlTC1uQzhvM2RuSzN6Qi15V2hxSDk5dVp2TXJJOXZPelp2aGJSR09FUF9fa0lSSUNrXzgzWjZOUlE2Y3Q1bm4wbDdJd0hYdGNXSFp4ejdqU0NjUXZISTdlQmNyaTZnb2d6b0RzMVVId2hPTExRQW5JOFRHWFlFbnY4bHdneXc3cC1zMEtMcWlvVVQ4Ni1xd00yMDhqY1lxTDVxMUpOUllrcXJBbnpvaWQtaXBkUFVmUzluXzJrOERWM2RhV3VYTmpkY2JQdVdpS0pxXy0xMXcza2ZCMFhjX0diazFEQ1dxRWxINHJMTEVSSjJ4ZkNVVkZ3MEEwbk4yREtJN1NtczdvOXdCRXRDUFM5cVVsZGVCbWpaY0hjVDl0VDBQQk53UFJzYkhxemVYc0R5Sy1idm1sLUswRm9tTzJobk1LeUt3YmN1RGNiYzRlcklFTHc3STBDU0lkLS1yYW5WZ3RKRlBQcGpYTHBDODJYaGh1aVM0cDEzSWdfYUtoNmUzd21yUUVlcTFOeXJ5bnM0eV9ucFR0UG1KZkhRTmVjNkRQbTRGR0Jabl9DY01LWEJpeVVCNHpWTXFMc3E2akZoVzh3RkdDVUZtWGZmeGdpUWREcng3Wl9WUzk3NTF3Nl8zVHV2UXFFQTVfX1RzYTFyREFJcWlfSkEwZmpPSy1yQ3pfdVEwWFZkRTJGWSUyNmFkdXJsJTNEaHR0cCUyNTNBJTI1MkYlMjUyRnd3dy5uaWtlLmNvbS9jbVVybD1odHRwcyUzQSUyRiUyRmFzc2V0cy5qaXZveC5jb20lMkZhc3NldHMlMkZ3aWRnZXRzJTJGMjAyMiUyRjEwJTJGYTQ2MjIwejYzNTEwODU5NzJlYTglMkYxJTJGMzIweDEwMF9NaWRmX0Fpcm1heEJsaXNzXzJBJTJGaW5kZXguaHRtbC9iRGltPTMyMHgxMDAvcj0wLjc0NjE3OTcyMzc2MjYwMDQvY2xpY2tNYWNybz1odHRwcyUzQSUyRiUyRmdvb2dsZWFkcy5nLmRvdWJsZWNsaWNrLm5ldCUyRmRibSUyRmNsayUzRnNhJTNETCUyNmFpJTNEQ2xTZy1EeXRXWTlUOUV1dVI3X1VQeGFHdFNKcXFwNHR0XzRuenROQVExY2FXNVprRkVBRWd4dnZXZVdDVmdvQ0F1QWVnQWMzbGtway9jYWNoZU1hY3JvPTE2NjY1OTE1MDMzMTA5OTYvcGFnZVVybD1odHRwcyUzQSUyRiUyRmRlYTVmYWQ5OWI1YzZiODUyYjY4M2UzNmIwMzA4MWFlLnNhZmVmcmFtZS5nb29nbGVzeW5kaWNhdGlvbi5jb20lMkZzYWZlZnJhbWUlMkYxLTAtMzglMkZodG1sJTJGY29udGFpbmVyLmh0bWwvZXNfY2dOYW1lPTkzM2NkMjFkODc5ZmQyYjUyOWFiMDViOWJjMDkzNjRkYzM1Y2ExNTUyNWIyZjRiMzMyOTZmYzFjMTM2OGUzMWM0MDRjYTI0YTlmMTU3MmU3ZTQ0OWI3MzA3NDEyZjY1NzY0Y2NkZjYxOGI0OTZmOTQ3NzFkNTA2Mjk3YTI4MjMwL2VzX3NlZ05hbWU9QWlybWF4X0JsaXNzX1JlZnJlc2hfUmVtYWluaW5nX0RpbWVuc2lvbnM=
Requested by
Host: as.jivox.com
URL: https://as.jivox.com/unit/layout_renderer.php?campaignId=145352&siteId=55f48ca4113e34&unitType=mobile&bannerType=C&bUnit=1&creativeUnitType=3&bDim=320x100&es_pId=UA26m8&isDynamic=1&ap_DataSignal1=18143154454&ap_DataSignal2=ABAjH0j8YqyGd3ikArID3GgtjLtv&debug=1&debugWidget=1&ap_DataSignal3=449012054&ap_DataSignal4=1396462348461&ap_gdpr=0&ap_gdpr_consent=&ap_gdpr_consent_v2=&jvxVer=2&isnonexpanding=Y&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClSg-DytWY9T9EuuR7_UPxaGtSJqqp4tt_4nztNAQ1caW5ZkFEAEgxvvWeWCVgoCAuAegAc3lkpkCyAEJqQL7Nel24IuwPqgDAaoE7AFP0D22CZDAFxhLKqTI5YBlcw_4VlV1uw3vlWPvj90JsmaWnlTB472VCVk0rtU8wEWRdOZPTnH1AmHpwohCdDqZiRRVohD-p4Sj4-VDwec6G7X7qs3cwx9C9CYiWGwqkg297s_B8UBkE3POdQfeFi08EqSuATbRMIY-IUEzj7bfnDjhHTrPkTlgVS6fqfXeHNlQmY8VhFyXo0oc926iv5u6pZLPqYg-CihqV8e8YQR61rzwgTZyFY1Bwmi-2caFkUJznK_Q-D4xiCcMIagAAZnv_o33tNT3TzJK4JfFUZ18hnSGfYgdOn8QaGnOQcAE5pn6o4wE4AQDkAYBoAZNgAebmu3mAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATxIvxEMgT6bWe4QPQEwDYEwqIFALYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9C2XneQvV4u80aShF0b9My_hTrvkJe8grU74j8IJ4tke_ForfuOL1EYg4RhPQQcbFfmWCW17iOBgBIA4%26sig%3DAOD64_0l5-xgE2b3NYASesFZh2aA2VKGRw%26client%3Dca-pub-4573231550355221%26dbm_c%3DAKAmf-AzzHk02tqOtMx9elI47HmnDcnlN-0xE-dsJXENAqvwS_sKLKc8upDv907NnmUcoHkP35aNcP6qoG2cyDQHJDopQwncRGCsq9vvszUBjdZW79DkVntb7SL_sR_Jas6O42FPz98lnkS2islcGBvi-NnKIrf7jJtAe--yrjEz3mXWc-_Dmz8%26dbm_d%3DAKAmf-DPZuev4Qois_1HtecfY5axYUW90EDqMRMe9rWR_r8FbeL-nC8o3dnK3zB-yWhqH99uZvMrI9vOzZvhbRGOEP__kIRICk_83Z6NRQ6ct5nn0l7IwHXtcWHZxz7jSCcQvHI7eBcri6gogzoDs1UHwhOLLQAnI8TGXYEnv8lwgyw7p-s0KLqioUT86-qwM208jcYqL5q1JNRYkqrAnzoid-ipdPUfS9n_2k8DV3daWuXNjdcbPuWiKJq_-11w3kfB0Xc_Gbk1DCWqElH4rLLERJ2xfCUVFw0A0nN2DKI7Sms7o9wBEtCPS9qUldeBmjZcHcT9tT0PBNwPRsbHqzeXsDyK-bvml-K0FomO2hnMKyKwbcuDcbc4erIELw7I0CSId--ranVgtJFPPpjXLpC82XhhuiS4p13Ig_aKh6e3wmrQEeq1Nyryns4y_npTtPmJfHQNec6DPm4FGBZn_CcMKXBiyUB4zVMqLsq6jFhW8wFGCUFmXffxgiQdDrx7Z_VS9751w6_3TuvQqEA5__Tsa1rDAIqi_JA0fjOK-rCz_uQ0XVdE2FY%26adurl%3D&r=1666591503310996&objectName=jvx_63562b103c3b0&jvxSessionId=1666591504.2043&base=1&adUnitId=301&loadLayout=0&creativeResolveBeginTime=1666591504000&ap_Lang=english&localTimeOffset=0&pageURL=https%3A%2F%2Fdea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&allowExp=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.23.220 -, , ASN (),
Reverse DNS
Software
akka-http/10.1.11 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.jivox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 24 Oct 2022 06:05:05 GMT
access-control-allow-credentials
false
content-type
image/gif
server
akka-http/10.1.11
content-length
43
p3p
CP='IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA'
adlib.css
s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/ Frame 01F7 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/adlib.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=N7gjwoGYJU&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90ffe9c3c7fc061d72993059a62d15675b509f98a1da6dd20794d067bf482b81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=N7gjwoGYJU&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 18:32:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
387147
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1870
x-xss-protection
0
last-modified
Tue, 10 May 2022 13:01:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 19 Oct 2023 18:32:38 GMT
fonts.css
s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/ Frame 01F7 		1002 B
256 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/fonts.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=N7gjwoGYJU&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
400b356ca22f3e2283d3822a337d97c84c6c03c6ce51d79dae917a50d04f982d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=N7gjwoGYJU&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 18:32:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
387147
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
227
x-xss-protection
0
last-modified
Tue, 10 May 2022 13:01:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 19 Oct 2023 18:32:38 GMT
adStyle.css
s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/ Frame 01F7 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/adStyle.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=N7gjwoGYJU&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7041206683c7b5da4188ef7ed1523815102ac13af21f55c4b04b5fbbe4514ae5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=N7gjwoGYJU&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 05:00:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
522304
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1059
x-xss-protection
0
last-modified
Tue, 10 May 2022 13:01:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 18 Oct 2023 05:00:01 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 01F7 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=N7gjwoGYJU&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=N7gjwoGYJU&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 11:10:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68088
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 24 Oct 2022 11:10:17 GMT
gsap_3.2.4_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 01F7 		57 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=N7gjwoGYJU&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=N7gjwoGYJU&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23276
x-xss-protection
0
last-modified
Thu, 05 Mar 2020 03:53:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 24 Oct 2022 06:05:05 GMT
SplitText.min.js
s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/ Frame 01F7 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/SplitText.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=N7gjwoGYJU&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4934174cd39db1f62680ac12ae44ad9aa040bd445d831ae65f79779b7f2e6e8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=N7gjwoGYJU&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 05:00:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
522303
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3818
x-xss-protection
0
last-modified
Tue, 10 May 2022 13:01:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 18 Oct 2023 05:00:02 GMT
adlibUtils-v3.js
s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/ Frame 01F7 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/adlibUtils-v3.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=N7gjwoGYJU&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dfe8853b2397a43e20d55fd377aafeed785c7ae335ed07b4986997b9780f48a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=N7gjwoGYJU&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 14:46:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
400742
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10567
x-xss-protection
0
last-modified
Tue, 10 May 2022 13:01:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 19 Oct 2023 14:46:03 GMT
animation.js
s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/ Frame 01F7 		17 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/animation.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=N7gjwoGYJU&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f13bc08411a45add285949483ee8ab65001f6d7ebaddcfc83d5b2df50a4cde0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=N7gjwoGYJU&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 18:32:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
387147
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2678
x-xss-protection
0
last-modified
Tue, 10 May 2022 13:01:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 19 Oct 2023 18:32:38 GMT
jivoxWidgetApiV2.min.js
playercdn.jivox.com/1651821427/widgets/jivoxWidgetApi/gz/ Frame 2B6F 		29 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://playercdn.jivox.com/1651821427/widgets/jivoxWidgetApi/gz/jivoxWidgetApiV2.min.js
Requested by
Host: as.jivox.com
URL: https://as.jivox.com/unit/layout_renderer.php?campaignId=145352&siteId=55f48ca4113e34&unitType=mobile&bannerType=C&bUnit=1&creativeUnitType=3&bDim=320x100&es_pId=UA26m8&isDynamic=1&ap_DataSignal1=18143154454&ap_DataSignal2=ABAjH0j8YqyGd3ikArID3GgtjLtv&debug=1&debugWidget=1&ap_DataSignal3=449012054&ap_DataSignal4=1396462348461&ap_gdpr=0&ap_gdpr_consent=&ap_gdpr_consent_v2=&jvxVer=2&isnonexpanding=Y&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClSg-DytWY9T9EuuR7_UPxaGtSJqqp4tt_4nztNAQ1caW5ZkFEAEgxvvWeWCVgoCAuAegAc3lkpkCyAEJqQL7Nel24IuwPqgDAaoE7AFP0D22CZDAFxhLKqTI5YBlcw_4VlV1uw3vlWPvj90JsmaWnlTB472VCVk0rtU8wEWRdOZPTnH1AmHpwohCdDqZiRRVohD-p4Sj4-VDwec6G7X7qs3cwx9C9CYiWGwqkg297s_B8UBkE3POdQfeFi08EqSuATbRMIY-IUEzj7bfnDjhHTrPkTlgVS6fqfXeHNlQmY8VhFyXo0oc926iv5u6pZLPqYg-CihqV8e8YQR61rzwgTZyFY1Bwmi-2caFkUJznK_Q-D4xiCcMIagAAZnv_o33tNT3TzJK4JfFUZ18hnSGfYgdOn8QaGnOQcAE5pn6o4wE4AQDkAYBoAZNgAebmu3mAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATxIvxEMgT6bWe4QPQEwDYEwqIFALYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9C2XneQvV4u80aShF0b9My_hTrvkJe8grU74j8IJ4tke_ForfuOL1EYg4RhPQQcbFfmWCW17iOBgBIA4%26sig%3DAOD64_0l5-xgE2b3NYASesFZh2aA2VKGRw%26client%3Dca-pub-4573231550355221%26dbm_c%3DAKAmf-AzzHk02tqOtMx9elI47HmnDcnlN-0xE-dsJXENAqvwS_sKLKc8upDv907NnmUcoHkP35aNcP6qoG2cyDQHJDopQwncRGCsq9vvszUBjdZW79DkVntb7SL_sR_Jas6O42FPz98lnkS2islcGBvi-NnKIrf7jJtAe--yrjEz3mXWc-_Dmz8%26dbm_d%3DAKAmf-DPZuev4Qois_1HtecfY5axYUW90EDqMRMe9rWR_r8FbeL-nC8o3dnK3zB-yWhqH99uZvMrI9vOzZvhbRGOEP__kIRICk_83Z6NRQ6ct5nn0l7IwHXtcWHZxz7jSCcQvHI7eBcri6gogzoDs1UHwhOLLQAnI8TGXYEnv8lwgyw7p-s0KLqioUT86-qwM208jcYqL5q1JNRYkqrAnzoid-ipdPUfS9n_2k8DV3daWuXNjdcbPuWiKJq_-11w3kfB0Xc_Gbk1DCWqElH4rLLERJ2xfCUVFw0A0nN2DKI7Sms7o9wBEtCPS9qUldeBmjZcHcT9tT0PBNwPRsbHqzeXsDyK-bvml-K0FomO2hnMKyKwbcuDcbc4erIELw7I0CSId--ranVgtJFPPpjXLpC82XhhuiS4p13Ig_aKh6e3wmrQEeq1Nyryns4y_npTtPmJfHQNec6DPm4FGBZn_CcMKXBiyUB4zVMqLsq6jFhW8wFGCUFmXffxgiQdDrx7Z_VS9751w6_3TuvQqEA5__Tsa1rDAIqi_JA0fjOK-rCz_uQ0XVdE2FY%26adurl%3D&r=1666591503310996&objectName=jvx_63562b103c3b0&jvxSessionId=1666591504.2043&base=1&adUnitId=301&loadLayout=0&creativeResolveBeginTime=1666591504000&ap_Lang=english&localTimeOffset=0&pageURL=https%3A%2F%2Fdea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&allowExp=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.5.230 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6c84a15873bbae73ff06857139327b85a6869fa0e21d36666aa2bb5d9bbb19b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.jivox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:29:43 GMT
content-encoding
gzip
via
1.1 f13110b40e6214ad566c753a838f49f4.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 07:29:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
81323
etag
"2a0e0abd8f7f11fb012a534ea115a29a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400, s-maxage=86400
accept-ranges
bytes
content-length
5987
x-amz-cf-id
DOXG2JVhgljJj2ZdlP-yesiV5-qOzYBKQwHuKfMAy867hkj7ga4SNg==
style.css
assets.jivox.com/assets/widgets/2022/10/a46220z6351085972ea8/1/320x100_Midf_AirmaxBliss_2A/ Frame 2B6F 		1 KB
765 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.jivox.com/assets/widgets/2022/10/a46220z6351085972ea8/1/320x100_Midf_AirmaxBliss_2A/style.css
Requested by
Host: as.jivox.com
URL: https://as.jivox.com/unit/layout_renderer.php?campaignId=145352&siteId=55f48ca4113e34&unitType=mobile&bannerType=C&bUnit=1&creativeUnitType=3&bDim=320x100&es_pId=UA26m8&isDynamic=1&ap_DataSignal1=18143154454&ap_DataSignal2=ABAjH0j8YqyGd3ikArID3GgtjLtv&debug=1&debugWidget=1&ap_DataSignal3=449012054&ap_DataSignal4=1396462348461&ap_gdpr=0&ap_gdpr_consent=&ap_gdpr_consent_v2=&jvxVer=2&isnonexpanding=Y&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClSg-DytWY9T9EuuR7_UPxaGtSJqqp4tt_4nztNAQ1caW5ZkFEAEgxvvWeWCVgoCAuAegAc3lkpkCyAEJqQL7Nel24IuwPqgDAaoE7AFP0D22CZDAFxhLKqTI5YBlcw_4VlV1uw3vlWPvj90JsmaWnlTB472VCVk0rtU8wEWRdOZPTnH1AmHpwohCdDqZiRRVohD-p4Sj4-VDwec6G7X7qs3cwx9C9CYiWGwqkg297s_B8UBkE3POdQfeFi08EqSuATbRMIY-IUEzj7bfnDjhHTrPkTlgVS6fqfXeHNlQmY8VhFyXo0oc926iv5u6pZLPqYg-CihqV8e8YQR61rzwgTZyFY1Bwmi-2caFkUJznK_Q-D4xiCcMIagAAZnv_o33tNT3TzJK4JfFUZ18hnSGfYgdOn8QaGnOQcAE5pn6o4wE4AQDkAYBoAZNgAebmu3mAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATxIvxEMgT6bWe4QPQEwDYEwqIFALYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9C2XneQvV4u80aShF0b9My_hTrvkJe8grU74j8IJ4tke_ForfuOL1EYg4RhPQQcbFfmWCW17iOBgBIA4%26sig%3DAOD64_0l5-xgE2b3NYASesFZh2aA2VKGRw%26client%3Dca-pub-4573231550355221%26dbm_c%3DAKAmf-AzzHk02tqOtMx9elI47HmnDcnlN-0xE-dsJXENAqvwS_sKLKc8upDv907NnmUcoHkP35aNcP6qoG2cyDQHJDopQwncRGCsq9vvszUBjdZW79DkVntb7SL_sR_Jas6O42FPz98lnkS2islcGBvi-NnKIrf7jJtAe--yrjEz3mXWc-_Dmz8%26dbm_d%3DAKAmf-DPZuev4Qois_1HtecfY5axYUW90EDqMRMe9rWR_r8FbeL-nC8o3dnK3zB-yWhqH99uZvMrI9vOzZvhbRGOEP__kIRICk_83Z6NRQ6ct5nn0l7IwHXtcWHZxz7jSCcQvHI7eBcri6gogzoDs1UHwhOLLQAnI8TGXYEnv8lwgyw7p-s0KLqioUT86-qwM208jcYqL5q1JNRYkqrAnzoid-ipdPUfS9n_2k8DV3daWuXNjdcbPuWiKJq_-11w3kfB0Xc_Gbk1DCWqElH4rLLERJ2xfCUVFw0A0nN2DKI7Sms7o9wBEtCPS9qUldeBmjZcHcT9tT0PBNwPRsbHqzeXsDyK-bvml-K0FomO2hnMKyKwbcuDcbc4erIELw7I0CSId--ranVgtJFPPpjXLpC82XhhuiS4p13Ig_aKh6e3wmrQEeq1Nyryns4y_npTtPmJfHQNec6DPm4FGBZn_CcMKXBiyUB4zVMqLsq6jFhW8wFGCUFmXffxgiQdDrx7Z_VS9751w6_3TuvQqEA5__Tsa1rDAIqi_JA0fjOK-rCz_uQ0XVdE2FY%26adurl%3D&r=1666591503310996&objectName=jvx_63562b103c3b0&jvxSessionId=1666591504.2043&base=1&adUnitId=301&loadLayout=0&creativeResolveBeginTime=1666591504000&ap_Lang=english&localTimeOffset=0&pageURL=https%3A%2F%2Fdea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&allowExp=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.124 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3c4f95c4e1f049a1b0b23c8623218f60341fba72d9aa02fc7bdce11fb95dbbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.jivox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 08:38:27 GMT
content-encoding
br
via
1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
last-modified
Thu, 20 Oct 2022 08:35:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
77199
etag
W/"4f3823afe866dfa18d6680422d0d257f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=86400, s-maxage=86400
x-amz-cf-id
6eN4JaVdHSF_LrnsVV3l1Sx5ylMA4Gz8wSu2cqfoJoukaj-1MG1kEA==
custom.css
assets.jivox.com/assets/widgets/2022/10/a46220z6351085972ea8/1/320x100_Midf_AirmaxBliss_2A/ Frame 2B6F 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.jivox.com/assets/widgets/2022/10/a46220z6351085972ea8/1/320x100_Midf_AirmaxBliss_2A/custom.css
Requested by
Host: as.jivox.com
URL: https://as.jivox.com/unit/layout_renderer.php?campaignId=145352&siteId=55f48ca4113e34&unitType=mobile&bannerType=C&bUnit=1&creativeUnitType=3&bDim=320x100&es_pId=UA26m8&isDynamic=1&ap_DataSignal1=18143154454&ap_DataSignal2=ABAjH0j8YqyGd3ikArID3GgtjLtv&debug=1&debugWidget=1&ap_DataSignal3=449012054&ap_DataSignal4=1396462348461&ap_gdpr=0&ap_gdpr_consent=&ap_gdpr_consent_v2=&jvxVer=2&isnonexpanding=Y&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClSg-DytWY9T9EuuR7_UPxaGtSJqqp4tt_4nztNAQ1caW5ZkFEAEgxvvWeWCVgoCAuAegAc3lkpkCyAEJqQL7Nel24IuwPqgDAaoE7AFP0D22CZDAFxhLKqTI5YBlcw_4VlV1uw3vlWPvj90JsmaWnlTB472VCVk0rtU8wEWRdOZPTnH1AmHpwohCdDqZiRRVohD-p4Sj4-VDwec6G7X7qs3cwx9C9CYiWGwqkg297s_B8UBkE3POdQfeFi08EqSuATbRMIY-IUEzj7bfnDjhHTrPkTlgVS6fqfXeHNlQmY8VhFyXo0oc926iv5u6pZLPqYg-CihqV8e8YQR61rzwgTZyFY1Bwmi-2caFkUJznK_Q-D4xiCcMIagAAZnv_o33tNT3TzJK4JfFUZ18hnSGfYgdOn8QaGnOQcAE5pn6o4wE4AQDkAYBoAZNgAebmu3mAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATxIvxEMgT6bWe4QPQEwDYEwqIFALYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9C2XneQvV4u80aShF0b9My_hTrvkJe8grU74j8IJ4tke_ForfuOL1EYg4RhPQQcbFfmWCW17iOBgBIA4%26sig%3DAOD64_0l5-xgE2b3NYASesFZh2aA2VKGRw%26client%3Dca-pub-4573231550355221%26dbm_c%3DAKAmf-AzzHk02tqOtMx9elI47HmnDcnlN-0xE-dsJXENAqvwS_sKLKc8upDv907NnmUcoHkP35aNcP6qoG2cyDQHJDopQwncRGCsq9vvszUBjdZW79DkVntb7SL_sR_Jas6O42FPz98lnkS2islcGBvi-NnKIrf7jJtAe--yrjEz3mXWc-_Dmz8%26dbm_d%3DAKAmf-DPZuev4Qois_1HtecfY5axYUW90EDqMRMe9rWR_r8FbeL-nC8o3dnK3zB-yWhqH99uZvMrI9vOzZvhbRGOEP__kIRICk_83Z6NRQ6ct5nn0l7IwHXtcWHZxz7jSCcQvHI7eBcri6gogzoDs1UHwhOLLQAnI8TGXYEnv8lwgyw7p-s0KLqioUT86-qwM208jcYqL5q1JNRYkqrAnzoid-ipdPUfS9n_2k8DV3daWuXNjdcbPuWiKJq_-11w3kfB0Xc_Gbk1DCWqElH4rLLERJ2xfCUVFw0A0nN2DKI7Sms7o9wBEtCPS9qUldeBmjZcHcT9tT0PBNwPRsbHqzeXsDyK-bvml-K0FomO2hnMKyKwbcuDcbc4erIELw7I0CSId--ranVgtJFPPpjXLpC82XhhuiS4p13Ig_aKh6e3wmrQEeq1Nyryns4y_npTtPmJfHQNec6DPm4FGBZn_CcMKXBiyUB4zVMqLsq6jFhW8wFGCUFmXffxgiQdDrx7Z_VS9751w6_3TuvQqEA5__Tsa1rDAIqi_JA0fjOK-rCz_uQ0XVdE2FY%26adurl%3D&r=1666591503310996&objectName=jvx_63562b103c3b0&jvxSessionId=1666591504.2043&base=1&adUnitId=301&loadLayout=0&creativeResolveBeginTime=1666591504000&ap_Lang=english&localTimeOffset=0&pageURL=https%3A%2F%2Fdea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&allowExp=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.124 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72bf550ac497322e890edd198316b2cfe4065b688fba8bb95ee13a1a95b4cd5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.jivox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 08:38:27 GMT
content-encoding
br
via
1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
last-modified
Thu, 20 Oct 2022 08:35:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
77199
etag
W/"fb878c8d87b5b959c77a18da21d64903"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=86400, s-maxage=86400
x-amz-cf-id
eE_BgB_02TqLnjQF24Ta0DUNXu-AkaDozv5vDIAezVvx9uGeJzV8ng==
jvx.css
assets.jivox.com/assets/widgets/2022/10/a46220z6351085972ea8/1/320x100_Midf_AirmaxBliss_2A/ Frame 2B6F 		103 B
478 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.jivox.com/assets/widgets/2022/10/a46220z6351085972ea8/1/320x100_Midf_AirmaxBliss_2A/jvx.css
Requested by
Host: as.jivox.com
URL: https://as.jivox.com/unit/layout_renderer.php?campaignId=145352&siteId=55f48ca4113e34&unitType=mobile&bannerType=C&bUnit=1&creativeUnitType=3&bDim=320x100&es_pId=UA26m8&isDynamic=1&ap_DataSignal1=18143154454&ap_DataSignal2=ABAjH0j8YqyGd3ikArID3GgtjLtv&debug=1&debugWidget=1&ap_DataSignal3=449012054&ap_DataSignal4=1396462348461&ap_gdpr=0&ap_gdpr_consent=&ap_gdpr_consent_v2=&jvxVer=2&isnonexpanding=Y&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClSg-DytWY9T9EuuR7_UPxaGtSJqqp4tt_4nztNAQ1caW5ZkFEAEgxvvWeWCVgoCAuAegAc3lkpkCyAEJqQL7Nel24IuwPqgDAaoE7AFP0D22CZDAFxhLKqTI5YBlcw_4VlV1uw3vlWPvj90JsmaWnlTB472VCVk0rtU8wEWRdOZPTnH1AmHpwohCdDqZiRRVohD-p4Sj4-VDwec6G7X7qs3cwx9C9CYiWGwqkg297s_B8UBkE3POdQfeFi08EqSuATbRMIY-IUEzj7bfnDjhHTrPkTlgVS6fqfXeHNlQmY8VhFyXo0oc926iv5u6pZLPqYg-CihqV8e8YQR61rzwgTZyFY1Bwmi-2caFkUJznK_Q-D4xiCcMIagAAZnv_o33tNT3TzJK4JfFUZ18hnSGfYgdOn8QaGnOQcAE5pn6o4wE4AQDkAYBoAZNgAebmu3mAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATxIvxEMgT6bWe4QPQEwDYEwqIFALYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9C2XneQvV4u80aShF0b9My_hTrvkJe8grU74j8IJ4tke_ForfuOL1EYg4RhPQQcbFfmWCW17iOBgBIA4%26sig%3DAOD64_0l5-xgE2b3NYASesFZh2aA2VKGRw%26client%3Dca-pub-4573231550355221%26dbm_c%3DAKAmf-AzzHk02tqOtMx9elI47HmnDcnlN-0xE-dsJXENAqvwS_sKLKc8upDv907NnmUcoHkP35aNcP6qoG2cyDQHJDopQwncRGCsq9vvszUBjdZW79DkVntb7SL_sR_Jas6O42FPz98lnkS2islcGBvi-NnKIrf7jJtAe--yrjEz3mXWc-_Dmz8%26dbm_d%3DAKAmf-DPZuev4Qois_1HtecfY5axYUW90EDqMRMe9rWR_r8FbeL-nC8o3dnK3zB-yWhqH99uZvMrI9vOzZvhbRGOEP__kIRICk_83Z6NRQ6ct5nn0l7IwHXtcWHZxz7jSCcQvHI7eBcri6gogzoDs1UHwhOLLQAnI8TGXYEnv8lwgyw7p-s0KLqioUT86-qwM208jcYqL5q1JNRYkqrAnzoid-ipdPUfS9n_2k8DV3daWuXNjdcbPuWiKJq_-11w3kfB0Xc_Gbk1DCWqElH4rLLERJ2xfCUVFw0A0nN2DKI7Sms7o9wBEtCPS9qUldeBmjZcHcT9tT0PBNwPRsbHqzeXsDyK-bvml-K0FomO2hnMKyKwbcuDcbc4erIELw7I0CSId--ranVgtJFPPpjXLpC82XhhuiS4p13Ig_aKh6e3wmrQEeq1Nyryns4y_npTtPmJfHQNec6DPm4FGBZn_CcMKXBiyUB4zVMqLsq6jFhW8wFGCUFmXffxgiQdDrx7Z_VS9751w6_3TuvQqEA5__Tsa1rDAIqi_JA0fjOK-rCz_uQ0XVdE2FY%26adurl%3D&r=1666591503310996&objectName=jvx_63562b103c3b0&jvxSessionId=1666591504.2043&base=1&adUnitId=301&loadLayout=0&creativeResolveBeginTime=1666591504000&ap_Lang=english&localTimeOffset=0&pageURL=https%3A%2F%2Fdea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&allowExp=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.124 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d23b9b8d0379b6e7f8a8e0e7be41ef47ef76121befe171362368d81a47bf43a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.jivox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 08:38:59 GMT
via
1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
last-modified
Thu, 20 Oct 2022 08:35:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
77177
etag
"4563b5e97499f3aae4a72e0a39f32f8a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=86400, s-maxage=86400
accept-ranges
bytes
content-length
103
x-amz-cf-id
cGCUQqm8RJ0Li8uPKf-qg1xXmTAxzm3hVsMzJTitxsNNrUL_3sWBvg==
gsap_min.js
assets.jivox.com/assets/widgets/2022/10/a46220z6351085972ea8/1/320x100_Midf_AirmaxBliss_2A/ Frame 2B6F 		62 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.jivox.com/assets/widgets/2022/10/a46220z6351085972ea8/1/320x100_Midf_AirmaxBliss_2A/gsap_min.js
Requested by
Host: as.jivox.com
URL: https://as.jivox.com/unit/layout_renderer.php?campaignId=145352&siteId=55f48ca4113e34&unitType=mobile&bannerType=C&bUnit=1&creativeUnitType=3&bDim=320x100&es_pId=UA26m8&isDynamic=1&ap_DataSignal1=18143154454&ap_DataSignal2=ABAjH0j8YqyGd3ikArID3GgtjLtv&debug=1&debugWidget=1&ap_DataSignal3=449012054&ap_DataSignal4=1396462348461&ap_gdpr=0&ap_gdpr_consent=&ap_gdpr_consent_v2=&jvxVer=2&isnonexpanding=Y&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClSg-DytWY9T9EuuR7_UPxaGtSJqqp4tt_4nztNAQ1caW5ZkFEAEgxvvWeWCVgoCAuAegAc3lkpkCyAEJqQL7Nel24IuwPqgDAaoE7AFP0D22CZDAFxhLKqTI5YBlcw_4VlV1uw3vlWPvj90JsmaWnlTB472VCVk0rtU8wEWRdOZPTnH1AmHpwohCdDqZiRRVohD-p4Sj4-VDwec6G7X7qs3cwx9C9CYiWGwqkg297s_B8UBkE3POdQfeFi08EqSuATbRMIY-IUEzj7bfnDjhHTrPkTlgVS6fqfXeHNlQmY8VhFyXo0oc926iv5u6pZLPqYg-CihqV8e8YQR61rzwgTZyFY1Bwmi-2caFkUJznK_Q-D4xiCcMIagAAZnv_o33tNT3TzJK4JfFUZ18hnSGfYgdOn8QaGnOQcAE5pn6o4wE4AQDkAYBoAZNgAebmu3mAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATxIvxEMgT6bWe4QPQEwDYEwqIFALYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9C2XneQvV4u80aShF0b9My_hTrvkJe8grU74j8IJ4tke_ForfuOL1EYg4RhPQQcbFfmWCW17iOBgBIA4%26sig%3DAOD64_0l5-xgE2b3NYASesFZh2aA2VKGRw%26client%3Dca-pub-4573231550355221%26dbm_c%3DAKAmf-AzzHk02tqOtMx9elI47HmnDcnlN-0xE-dsJXENAqvwS_sKLKc8upDv907NnmUcoHkP35aNcP6qoG2cyDQHJDopQwncRGCsq9vvszUBjdZW79DkVntb7SL_sR_Jas6O42FPz98lnkS2islcGBvi-NnKIrf7jJtAe--yrjEz3mXWc-_Dmz8%26dbm_d%3DAKAmf-DPZuev4Qois_1HtecfY5axYUW90EDqMRMe9rWR_r8FbeL-nC8o3dnK3zB-yWhqH99uZvMrI9vOzZvhbRGOEP__kIRICk_83Z6NRQ6ct5nn0l7IwHXtcWHZxz7jSCcQvHI7eBcri6gogzoDs1UHwhOLLQAnI8TGXYEnv8lwgyw7p-s0KLqioUT86-qwM208jcYqL5q1JNRYkqrAnzoid-ipdPUfS9n_2k8DV3daWuXNjdcbPuWiKJq_-11w3kfB0Xc_Gbk1DCWqElH4rLLERJ2xfCUVFw0A0nN2DKI7Sms7o9wBEtCPS9qUldeBmjZcHcT9tT0PBNwPRsbHqzeXsDyK-bvml-K0FomO2hnMKyKwbcuDcbc4erIELw7I0CSId--ranVgtJFPPpjXLpC82XhhuiS4p13Ig_aKh6e3wmrQEeq1Nyryns4y_npTtPmJfHQNec6DPm4FGBZn_CcMKXBiyUB4zVMqLsq6jFhW8wFGCUFmXffxgiQdDrx7Z_VS9751w6_3TuvQqEA5__Tsa1rDAIqi_JA0fjOK-rCz_uQ0XVdE2FY%26adurl%3D&r=1666591503310996&objectName=jvx_63562b103c3b0&jvxSessionId=1666591504.2043&base=1&adUnitId=301&loadLayout=0&creativeResolveBeginTime=1666591504000&ap_Lang=english&localTimeOffset=0&pageURL=https%3A%2F%2Fdea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&allowExp=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.124 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a14255e68fc99fc5b4a8b323c13070ac67f42775917706fd3b147b436810a5da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.jivox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 08:38:27 GMT
content-encoding
br
via
1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
last-modified
Thu, 20 Oct 2022 08:35:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
77199
etag
W/"25d67f605b728204ba1ac06206941ad6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400, s-maxage=86400
x-amz-cf-id
QuogBNk09UDe_JYxX6rTKsAjGh4c1DY_dNzUPI8OOsRwlaNLg6DHBw==
main.js
assets.jivox.com/assets/widgets/2022/10/a46220z6351085972ea8/1/320x100_Midf_AirmaxBliss_2A/ Frame 2B6F 		409 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.jivox.com/assets/widgets/2022/10/a46220z6351085972ea8/1/320x100_Midf_AirmaxBliss_2A/main.js
Requested by
Host: as.jivox.com
URL: https://as.jivox.com/unit/layout_renderer.php?campaignId=145352&siteId=55f48ca4113e34&unitType=mobile&bannerType=C&bUnit=1&creativeUnitType=3&bDim=320x100&es_pId=UA26m8&isDynamic=1&ap_DataSignal1=18143154454&ap_DataSignal2=ABAjH0j8YqyGd3ikArID3GgtjLtv&debug=1&debugWidget=1&ap_DataSignal3=449012054&ap_DataSignal4=1396462348461&ap_gdpr=0&ap_gdpr_consent=&ap_gdpr_consent_v2=&jvxVer=2&isnonexpanding=Y&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClSg-DytWY9T9EuuR7_UPxaGtSJqqp4tt_4nztNAQ1caW5ZkFEAEgxvvWeWCVgoCAuAegAc3lkpkCyAEJqQL7Nel24IuwPqgDAaoE7AFP0D22CZDAFxhLKqTI5YBlcw_4VlV1uw3vlWPvj90JsmaWnlTB472VCVk0rtU8wEWRdOZPTnH1AmHpwohCdDqZiRRVohD-p4Sj4-VDwec6G7X7qs3cwx9C9CYiWGwqkg297s_B8UBkE3POdQfeFi08EqSuATbRMIY-IUEzj7bfnDjhHTrPkTlgVS6fqfXeHNlQmY8VhFyXo0oc926iv5u6pZLPqYg-CihqV8e8YQR61rzwgTZyFY1Bwmi-2caFkUJznK_Q-D4xiCcMIagAAZnv_o33tNT3TzJK4JfFUZ18hnSGfYgdOn8QaGnOQcAE5pn6o4wE4AQDkAYBoAZNgAebmu3mAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATxIvxEMgT6bWe4QPQEwDYEwqIFALYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9C2XneQvV4u80aShF0b9My_hTrvkJe8grU74j8IJ4tke_ForfuOL1EYg4RhPQQcbFfmWCW17iOBgBIA4%26sig%3DAOD64_0l5-xgE2b3NYASesFZh2aA2VKGRw%26client%3Dca-pub-4573231550355221%26dbm_c%3DAKAmf-AzzHk02tqOtMx9elI47HmnDcnlN-0xE-dsJXENAqvwS_sKLKc8upDv907NnmUcoHkP35aNcP6qoG2cyDQHJDopQwncRGCsq9vvszUBjdZW79DkVntb7SL_sR_Jas6O42FPz98lnkS2islcGBvi-NnKIrf7jJtAe--yrjEz3mXWc-_Dmz8%26dbm_d%3DAKAmf-DPZuev4Qois_1HtecfY5axYUW90EDqMRMe9rWR_r8FbeL-nC8o3dnK3zB-yWhqH99uZvMrI9vOzZvhbRGOEP__kIRICk_83Z6NRQ6ct5nn0l7IwHXtcWHZxz7jSCcQvHI7eBcri6gogzoDs1UHwhOLLQAnI8TGXYEnv8lwgyw7p-s0KLqioUT86-qwM208jcYqL5q1JNRYkqrAnzoid-ipdPUfS9n_2k8DV3daWuXNjdcbPuWiKJq_-11w3kfB0Xc_Gbk1DCWqElH4rLLERJ2xfCUVFw0A0nN2DKI7Sms7o9wBEtCPS9qUldeBmjZcHcT9tT0PBNwPRsbHqzeXsDyK-bvml-K0FomO2hnMKyKwbcuDcbc4erIELw7I0CSId--ranVgtJFPPpjXLpC82XhhuiS4p13Ig_aKh6e3wmrQEeq1Nyryns4y_npTtPmJfHQNec6DPm4FGBZn_CcMKXBiyUB4zVMqLsq6jFhW8wFGCUFmXffxgiQdDrx7Z_VS9751w6_3TuvQqEA5__Tsa1rDAIqi_JA0fjOK-rCz_uQ0XVdE2FY%26adurl%3D&r=1666591503310996&objectName=jvx_63562b103c3b0&jvxSessionId=1666591504.2043&base=1&adUnitId=301&loadLayout=0&creativeResolveBeginTime=1666591504000&ap_Lang=english&localTimeOffset=0&pageURL=https%3A%2F%2Fdea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&allowExp=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.124 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
16ffa6edd8694160dd28a106a84c813872d022956a0719bf11332f64cfedfd83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.jivox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 08:38:27 GMT
content-encoding
br
via
1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
last-modified
Thu, 20 Oct 2022 08:35:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
77199
etag
W/"23591e54f8da03ba5cf637c463d8ea13"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400, s-maxage=86400
x-amz-cf-id
cztXshEuyEtepdNJURSN0juHxabUK0S72S_-ih1GrOgsmBTTsClk3Q==
dynamic_logic_live_320x100.js
assets.jivox.com/assets/widgets/2022/10/a46220z6351085972ea8/1/320x100_Midf_AirmaxBliss_2A/ Frame 2B6F 		18 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.jivox.com/assets/widgets/2022/10/a46220z6351085972ea8/1/320x100_Midf_AirmaxBliss_2A/dynamic_logic_live_320x100.js
Requested by
Host: as.jivox.com
URL: https://as.jivox.com/unit/layout_renderer.php?campaignId=145352&siteId=55f48ca4113e34&unitType=mobile&bannerType=C&bUnit=1&creativeUnitType=3&bDim=320x100&es_pId=UA26m8&isDynamic=1&ap_DataSignal1=18143154454&ap_DataSignal2=ABAjH0j8YqyGd3ikArID3GgtjLtv&debug=1&debugWidget=1&ap_DataSignal3=449012054&ap_DataSignal4=1396462348461&ap_gdpr=0&ap_gdpr_consent=&ap_gdpr_consent_v2=&jvxVer=2&isnonexpanding=Y&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClSg-DytWY9T9EuuR7_UPxaGtSJqqp4tt_4nztNAQ1caW5ZkFEAEgxvvWeWCVgoCAuAegAc3lkpkCyAEJqQL7Nel24IuwPqgDAaoE7AFP0D22CZDAFxhLKqTI5YBlcw_4VlV1uw3vlWPvj90JsmaWnlTB472VCVk0rtU8wEWRdOZPTnH1AmHpwohCdDqZiRRVohD-p4Sj4-VDwec6G7X7qs3cwx9C9CYiWGwqkg297s_B8UBkE3POdQfeFi08EqSuATbRMIY-IUEzj7bfnDjhHTrPkTlgVS6fqfXeHNlQmY8VhFyXo0oc926iv5u6pZLPqYg-CihqV8e8YQR61rzwgTZyFY1Bwmi-2caFkUJznK_Q-D4xiCcMIagAAZnv_o33tNT3TzJK4JfFUZ18hnSGfYgdOn8QaGnOQcAE5pn6o4wE4AQDkAYBoAZNgAebmu3mAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATxIvxEMgT6bWe4QPQEwDYEwqIFALYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9C2XneQvV4u80aShF0b9My_hTrvkJe8grU74j8IJ4tke_ForfuOL1EYg4RhPQQcbFfmWCW17iOBgBIA4%26sig%3DAOD64_0l5-xgE2b3NYASesFZh2aA2VKGRw%26client%3Dca-pub-4573231550355221%26dbm_c%3DAKAmf-AzzHk02tqOtMx9elI47HmnDcnlN-0xE-dsJXENAqvwS_sKLKc8upDv907NnmUcoHkP35aNcP6qoG2cyDQHJDopQwncRGCsq9vvszUBjdZW79DkVntb7SL_sR_Jas6O42FPz98lnkS2islcGBvi-NnKIrf7jJtAe--yrjEz3mXWc-_Dmz8%26dbm_d%3DAKAmf-DPZuev4Qois_1HtecfY5axYUW90EDqMRMe9rWR_r8FbeL-nC8o3dnK3zB-yWhqH99uZvMrI9vOzZvhbRGOEP__kIRICk_83Z6NRQ6ct5nn0l7IwHXtcWHZxz7jSCcQvHI7eBcri6gogzoDs1UHwhOLLQAnI8TGXYEnv8lwgyw7p-s0KLqioUT86-qwM208jcYqL5q1JNRYkqrAnzoid-ipdPUfS9n_2k8DV3daWuXNjdcbPuWiKJq_-11w3kfB0Xc_Gbk1DCWqElH4rLLERJ2xfCUVFw0A0nN2DKI7Sms7o9wBEtCPS9qUldeBmjZcHcT9tT0PBNwPRsbHqzeXsDyK-bvml-K0FomO2hnMKyKwbcuDcbc4erIELw7I0CSId--ranVgtJFPPpjXLpC82XhhuiS4p13Ig_aKh6e3wmrQEeq1Nyryns4y_npTtPmJfHQNec6DPm4FGBZn_CcMKXBiyUB4zVMqLsq6jFhW8wFGCUFmXffxgiQdDrx7Z_VS9751w6_3TuvQqEA5__Tsa1rDAIqi_JA0fjOK-rCz_uQ0XVdE2FY%26adurl%3D&r=1666591503310996&objectName=jvx_63562b103c3b0&jvxSessionId=1666591504.2043&base=1&adUnitId=301&loadLayout=0&creativeResolveBeginTime=1666591504000&ap_Lang=english&localTimeOffset=0&pageURL=https%3A%2F%2Fdea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&allowExp=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.124 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bcab7842498b23fdcaa1c8c324a7d92926d6064488ecec02427538c678cf1f12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.jivox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 08:38:27 GMT
content-encoding
br
via
1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
last-modified
Thu, 20 Oct 2022 08:35:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
77199
etag
W/"163d7f61b27ef48707314685d460f40b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400, s-maxage=86400
x-amz-cf-id
cy3PDZ456ECZ23jRi8iRqMxPFNMqKdvszKJMdjEmWKVHopa246-fsA==
pixel
cm.g.doubleclick.net/ Frame AD74
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEBRMSHL0kCQWAfTgGAAq-kA&google_cver=1&google_push=AZmPxg8zz0Gv8nH_imqJ35DGgcS_y5D0E2IF50WMcRKO1of3VzaI-pMA0zK05S4U2f5PtY-Nax91JyceJ2ubwOry...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=9F1jVisQRACYjIo_9L5SVQ&google_push=AZmPxg8zz0Gv8nH_imqJ35DGgcS_y5D0E2IF50WMcRKO1of3VzaI-pMA0zK05S4U2f5PtY-Nax91JyceJ2ubwOry2U9K95PR...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=9F1jVisQRACYjIo_9L5SVQ&google_push=AZmPxg8zz0Gv8nH_imqJ35DGgcS_y5D0E2IF50WMcRKO1of3VzaI-pMA0zK05S4U2f5PtY-Nax91JyceJ2ubwOry2U9K95PRDfYsyg
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 24 Oct 2022 06:05:05 GMT
Server
MT3 4539 98cc2da master hkg-pixel-x17 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=9F1jVisQRACYjIo_9L5SVQ&google_push=AZmPxg8zz0Gv8nH_imqJ35DGgcS_y5D0E2IF50WMcRKO1of3VzaI-pMA0zK05S4U2f5PtY-Nax91JyceJ2ubwOry2U9K95PRDfYsyg
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 24 Oct 2022 06:05:04 GMT
i.match
s.tribalfusion.com/z/ Frame AD74
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESED48FO_qR2MhR3vplklBENI&google_cver=1&google_push=AZmPxg-_YcBQ-t5Qki9sD2yDCnq7mB3TNB37oORnskn8GILxvc-b93mWQ9H187Vu8KXQn8AAiD2YXfINN7MrQpidT_RH4mB8KELB&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESED48FO_qR2MhR3vplklBENI&google_cver=1&google_push=AZmPxg-_YcBQ-t5Qki9sD2yDCnq7mB3TNB37oORnskn8GILxvc-b93mWQ9H187Vu8KXQn8AAiD2YXfINN7MrQpidT_RH4mB8KEL...
43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESED48FO_qR2MhR3vplklBENI&google_cver=1&google_push=AZmPxg-_YcBQ-t5Qki9sD2yDCnq7mB3TNB37oORnskn8GILxvc-b93mWQ9H187Vu8KXQn8AAiD2YXfINN7MrQpidT_RH4mB8KELB&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg-_YcBQ-t5Qki9sD2yDCnq7mB3TNB37oORnskn8GILxvc-b93mWQ9H187Vu8KXQn8AAiD2YXfINN7MrQpidT_RH4mB8KELB%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2606:4700::6812:19ad -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:05 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
75f084ce389e9214-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:05 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
886
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESED48FO_qR2MhR3vplklBENI&google_cver=1&google_push=AZmPxg-_YcBQ-t5Qki9sD2yDCnq7mB3TNB37oORnskn8GILxvc-b93mWQ9H187Vu8KXQn8AAiD2YXfINN7MrQpidT_RH4mB8KELB&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg-_YcBQ-t5Qki9sD2yDCnq7mB3TNB37oORnskn8GILxvc-b93mWQ9H187Vu8KXQn8AAiD2YXfINN7MrQpidT_RH4mB8KELB%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
75f084cccebb9214-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AD74
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDL7DgulHNQy4WvzWZ_oQ6E&google_cver=1&google_push=AZmPxg-NChq7p-Wr5llcvaKluR_5pZpeTbOQ-g6E1nZNp5cCzhiGQ8Tt7ysUqWB79O93pKqW1-d4nDdAsMbUETs5XOsO...
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=google
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5124322323516037941&expires=30&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg-NChq7p-Wr5llcvaKluR_5pZpeTbOQ-g6E1nZNp5cCzhiGQ8Tt7ysUqWB79O93pKqW1-d4nDdAsMbUETs5XOsOxp1wLF3g&google_hm=Z5xxNGbWTtyX6WbLtMbRKw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg-NChq7p-Wr5llcvaKluR_5pZpeTbOQ-g6E1nZNp5cCzhiGQ8Tt7ysUqWB79O93pKqW1-d4nDdAsMbUETs5XOsOxp1wLF3g&google_hm=Z5xxNGbWTtyX6WbLtMbRKw==
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg-NChq7p-Wr5llcvaKluR_5pZpeTbOQ-g6E1nZNp5cCzhiGQ8Tt7ysUqWB79O93pKqW1-d4nDdAsMbUETs5XOsOxp1wLF3g&google_hm=Z5xxNGbWTtyX6WbLtMbRKw==
Date
Mon, 24 Oct 2022 06:05:05 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame AD74
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=HAG1N40lQ5CEnamRtxpe8A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=HAG1N40lQ5CEnamRtxpe8A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg_YjZX83qZSetkrFEEhj2HLuaRnV2ktQT4BYBGabNdJ_SinMXsUWZsIk8esiETClR-PKORAtnrv6T7dm1Xk8QLFFu3fszPj-Q
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=HAG1N40lQ5CEnamRtxpe8A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg_YjZX83qZSetkrFEEhj2HLuaRnV2ktQT4BYBGabNdJ_SinMXsUWZsIk8esiETClR-PKORAtnrv6T7dm1Xk8QLFFu3fszPj-Q
date
Mon, 24 Oct 2022 06:05:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame AD74
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBpGHKJZ5gQeyTMnJSuvL3k&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBpGHKJZ5gQeyTMnJSuvL3k&google_hm=Y1YrDhiI6dW_s1epAXE-QgAACKQAAAIB&google_nid=index&google_push=AZmPxg-6k7NuxTkYegiSgmiYyDLK6ahc86C8F...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBpGHKJZ5gQeyTMnJSuvL3k&google_hm=Y1YrDhiI6dW_s1epAXE-QgAACKQAAAIB&google_nid=index&google_push=AZmPxg-6k7NuxTkYegiSgmiYyDLK6ahc86C8FlKinVcqR4ENuxWJ8uCc_KsX1ARNtjmX7065HRnf_eAWOTVSKoFHMSSIOWAjmUcE
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBpGHKJZ5gQeyTMnJSuvL3k&google_hm=Y1YrDhiI6dW_s1epAXE-QgAACKQAAAIB&google_nid=index&google_push=AZmPxg-6k7NuxTkYegiSgmiYyDLK6ahc86C8FlKinVcqR4ENuxWJ8uCc_KsX1ARNtjmX7065HRnf_eAWOTVSKoFHMSSIOWAjmUcE
cache-control
no-cache
cf-ray
75f084ccca308fca-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame AD74
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDBQPntqV31pqdjAmy0uObE&google_cver=1&google_push=AZmPxg_KQup9t4ZADkqBqFZ-IlPLeZcywWWOwEMSk0mA9vJmg5ohJEJekm8Uj5NbPOA4wKYFqTw_kly-Zh3kHjSYM...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDBQPntqV31pqdjAmy0uObE&google_cver=1&google_push=AZmPxg_KQup9t4ZADkqBqFZ-IlPLeZcywWWOwEMSk0mA9vJmg5ohJEJekm8Uj5NbPOA4wKYFqTw_kly-Zh3kHjSYM...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg_KQup9t4ZADkqBqFZ-IlPLeZcywWWOwEMSk0mA9vJmg5ohJEJekm8Uj5NbPOA4wKYFqTw_kly-Zh3kHjSYMRQ1YEL_31NRLA&google_hm=FiHNqGZHHMnufjd4QIeZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg_KQup9t4ZADkqBqFZ-IlPLeZcywWWOwEMSk0mA9vJmg5ohJEJekm8Uj5NbPOA4wKYFqTw_kly-Zh3kHjSYMRQ1YEL_31NRLA&google_hm=FiHNqGZHHMnufjd4QIeZeLdD
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 24 Oct 2022 06:05:05 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg_KQup9t4ZADkqBqFZ-IlPLeZcywWWOwEMSk0mA9vJmg5ohJEJekm8Uj5NbPOA4wKYFqTw_kly-Zh3kHjSYMRQ1YEL_31NRLA&google_hm=FiHNqGZHHMnufjd4QIeZeLdD
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
pixel
cm.g.doubleclick.net/ Frame AD74
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEL...
  • https://sync.targeting.unrulymedia.com/csync/RX-9adc3305-71cd-43f2-8a82-c1cf6ff353c5-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg-aIDUaABcuaJEmumw4h...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg-aIDUaABcuaJEmumw4hZm31s0yJf_ckG3Tpk1XQM7tAcbq7k6AYLRFjI3fHG_eSpYg3k0o0MBrVX4hprz1kCiSmJyaYQevxA&google_hm=A5rcMwVxzUPyioLBz2_zU8U
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg-aIDUaABcuaJEmumw4hZm31s0yJf_ckG3Tpk1XQM7tAcbq7k6AYLRFjI3fHG_eSpYg3k0o0MBrVX4hprz1kCiSmJyaYQevxA&google_hm=A5rcMwVxzUPyioLBz2_zU8U
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg-aIDUaABcuaJEmumw4hZm31s0yJf_ckG3Tpk1XQM7tAcbq7k6AYLRFjI3fHG_eSpYg3k0o0MBrVX4hprz1kCiSmJyaYQevxA&google_hm=A5rcMwVxzUPyioLBz2_zU8U
date
Mon, 24 Oct 2022 06:05:05 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX9adc330571cd43f28a82c1cf6ff353c5003
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame AD74 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LUaVC1TrZm4twIRC7Dwb2YCKNQdGj2aRl8TVmJeS2uxULOmrHt-X35ssJxx4XTHTqLc5EQ
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:05 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0B6A 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
386764
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 19 Oct 2022 18:39:01 GMT
expires
Thu, 19 Oct 2023 18:39:01 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
resolveDynamicData.php
traffick.jivox.com/jivox/serverAPIs/ Frame 2B6F 		15 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://traffick.jivox.com/jivox/serverAPIs/resolveDynamicData.php?debugWidget=1&campaignId=145352&var=MF_AIRMAX_LV:MF_AIRMAX_LV&ap_MF_AIRMAX_LV=18143154454_AIRMAX-BLISS-2A&ap_MF_AIRMAX_LV:order=random&var=NC_Head_MF_DCO2:NC_Head_MF_DCO2&ap_NC_Head_MF_DCO2=germany_german&ap_NC_Head_MF_DCO2:order=random&callback=getCategoryProducts&r_=0.0013988030556921771&ap_gdpr=0&ap_gdpr_consent=&ap_gdpr_consent_v2=
Requested by
Host: playercdn.jivox.com
URL: https://playercdn.jivox.com/1651821427/widgets/jivoxWidgetApi/gz/jivoxWidgetApiV2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.119.243 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.39.v20210325) /
Resource Hash
c43f850ffbccce13441085cd28f679f4a9da25601ec7daa561d62c3e1e823699

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.jivox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 24 Oct 2022 06:05:05 GMT
Content-Encoding
gzip
Server
Jetty(9.4.39.v20210325)
Connection
keep-alive
Content-Length
1954
Content-Type
application/json;charset=utf-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2FE9 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BgHXMDytWY42zOuG17_UPg4-sgAMAAAAAOAHgBAI&bg=!CAulC0_NAAaaxvStusY7ACkAdvg8Wk9NHZxxtbE_Gzd10wZtclKWp3T_AyM7zfgtRGbpcHaab6h-gQIAAALcUgAAAANoAQcKAGoX3EZsbI3ItKsnldxCMSuvjATao_nSCm5P3FpOhBS1rgl77A_K1FS3VrO5icBDSzh9ljVi11ycXk2Ziy68zgAxCSadguh4KBqdgHQsayVXzpN2EGI94bAnI93RoIE43yoa3NM8merC0czPmQLm96bT297YqfbtEiwQDlZr-n4-OArzfXrHKBgwa43F_-pP1y9rLENmuOejjkhQvXLZeqA8Bnzrb37xnegpO7goGzUas6gKxlDWGrqGaxtlR6BNV6XU7Qxft8ifokRUVy3nm1uyeg3WxBvdjj8tG-u5ru5qE-FbVvC_s0R3xIX1-mWG-1UXSQMhp0lcLBvMcsVN088o0bqCDOdwWxIeyagu2ydWcr2diV7YKrc5VLDhLp9IdqMw0IzX7AHaNuINtYi7nApCfXAgcrTUmFr_GARjx69dN9fU9V4GUqUX2e4XZ_ZNczIAj88IOA41-vtWXM_CJZ16D-aF7TgEQn8QN-3prneVr21ieeVNs0KGyYgXs6p3Ez0xJaWQteJKHRGJI-6AFIZ0SxOGcvmJfCTrIIb7OHxx9I9wr04LQf14uYJP0t02cAtCHO4c3z0F2kWV141PYd5NF7T_4a4KXtdjcz_vOYR3O_hckn1dvLcw-43I-NCJ7q4ErojDwbbx-0tHw3N-a5e6F8Msv3SJJYB0hWqtgSOm5aP1hriFycd2F8e-Fy16Jyk0ai6nfBgmmYgKOe45GjwNHYARpl9jGWCfnnHXLp24B4awu6odIy_db5UYEG6vRPLchmzDKPferpqm4BvmL4l9D8aWGvwCt48zzvENjBn0j1HeBijxx1Iqw9sfjECGY9tZp-wavfz_7RhoL8JD5PxBTrJPzHeqb86GQUxO63oiuR0TMXSOZJLa9MycIQGg3PATMTwLGDpwpNeW4aXjeVZTw02neU6mtdLyAqxMirPoUPNF16lhAMgot2_LZ1KpnVTvlD-QkU0Ic5bd0MGV3l3tPUUvQqEFmo5a9lvA9L519e7mZOavQZG8XUWEunXKm4um9vsDC37oE4zEMie13d11JRBJF3_2U2Afr0i7hWaPkvL4ujFw4NZRIZxlm89gdI3hAL6bvVZGfvhYIMohrx0UsH07EZldfBMBYh6zIFtfjwhXYw
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 01F7 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb6fc9eb76744c2a350a27f5ab0b686ad8267daf9034b3cb3579e0fe22219e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5763
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame A599 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvoTlDfMbuB6PoSZraoTq2ZpKU067JCPm96dU5Nn9DmED470xRpFI3Qvh8f3Eby573SL1ov5Yc3ZFY0lY5ydoNi1-GF4tuaMc61WpkfRRc4mCESNRkUpM4NKd6niSC1UaN6mlTFnIrT5cF2g1eo5LdjJOFXG1XwSfhVDv4XDutcRE51hXrkRVO92FID4TpdEKi525L6wFfXnYjSUY7ffsDSJ2ZnxTPekr3P1RAaTHuyiju4d1rWXJrGgCrDNmaFI6mevOy5G4S5hmHMMYrAPipbp3YgYj9L2209mn7ENRwRcYETE3EnsRAIzN9BhSnEuj1TjhKTbD3ocLzve8mKI3kBjw04MsIniCWtLW2jvr4QllRdh4E2IIJgkb4PFBuD-vNNJ7JySVn4x6DMRCYNddagobORogIQoKwVFXmBWSD0oWuIw2EGABGObJlrJvpDhu_NYxDKYY2_hBgFQZ8qaFWS_asTSg0Nzlz3d0pyeCdPQ5YBCi-ULvE5pJuDmUiY21_VDOMKk_a3bdjSWH4aQ92UdSjpnqUcYesRVPDvnjaHK6J9J3Ho6_jeccxqZjXjPvy4BLG7MVLiErrwIFi1mUW4YVxhdJRXvPkN7SdVeyVF2eVo_WenQgApoX4YfrJJketf0mGVyhSsUJYartHykFBDoXoXMmkvN66NYEkqqY2rE5un63d6u9dPiInrA5liOi7Oogb0_nQSDdXDW27i20P6PIiXEW4UewBwKZWXXT7fEcEyF9w_ONJZ_AbNeOOwkBzPeUoJiv_LJLKYC3w_PK78IfIQqGG5W8pcLT3iCQZAZ68aky7VUWEVuXuJpWcR2sQqruPgaQSpxL8fEgW5D37VHuRC0VklmI3h5D-LQD9sNov86sdRoSAtULi2fm1HKYULlz8E494KUrh2F1i2aFC91uv21p24VlWDd8RQoG-K52RAULtimdRPf185u4-wJiMGBK5HpVkFyfSsg0SCjjOFO9NLxxANU3bK1l5x9IBc02UXfopljcKySj0Es6vhdbouEuA6I55tgQM0sRFc5H9bGct_9WosorNjf53bgsO4vnorfzmrLOZa8QHGYF2ysHA5hexDzcDJDoW_oQrgUOrGNH3yPZvLZOZgMnOuUzbXBlqnep9tPOn9XCJi4bxTK4wt9NQQRSntG5wiXEF5QCTXZYO0iSONfOqboLw3Vnxp763kI5DnmvVcj1tgBwuTQlKyhiY1WovkvYKymudkn9wwWVCfVrhA-A2kFf_cJh1d&sai=AMfl-YS0fPkpUzUGMnngAxvvs7ZI4VlGQG7mzfVmoXV0mjt2s92bN3Wzan9WxFksSIrQcKjEiQet7WaYP9s7r1n4OmTSABf6IlA6UXo54Vik3xGRgAytiYgkSeIV4n2iuWiayj7FJ4yNHp0_Yp-3aETj7SdGmhnWjq562-_-rTtRUdrVjgafGA6C5VG3UbVlwR2yK1wZiyeQIn2iLRJED_0Iyp3dQdKAtJnL9UOsscidUEoHdA02RTYETDoj4Qy3Yq6cK4lSaiZYWVgeEQ&sig=Cg0ArKJSzBm7xlkQ4gIzEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=884&vt=11&dtpt=588&dett=3&cstd=287&cisv=r20221019.89933&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: haigram.com
URL: https://haigram.com/?wpsafelink=d0mPzIH4YrwApbsCadfEeFlgiHnikTzAydWh0WlBqRWtlblgrQlZWYldPUVhsRm9DS2pPL3FhQ0xkcnhid3Q0MD0=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
pagead2.googlesyndication.com/bg/ Frame 0B6A 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba8af0d50d79678d5e9e6e68935c23511ff6ae811c880f6b0815855e696b023e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 09:53:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72715
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15900
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 23 Oct 2023 09:53:10 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 01F7 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:05:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 24 Oct 2022 06:05:05 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1E23 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv_ty8Ikh8vYznQY6jDvOWnurqIBxpqwdpGXUGfC9tlJkOHyrh57ykhbp-WSxqBPln7PxOgAFUKabN1gUrgg3EhhJiv6dl5CHnpMcgpCZpEoF7iUc_sNEFgbkU94ThDuPxvaKxQjg&sai=AMfl-YTmEBDccTJ5abaTe-x164Iml0CPn2Mi60Zud6XdtFRgcBB_JvyiH8MG5nI4LHN70NheaRGzEJ8NyiWvp5tdnrgAg6NSj3hgavgo6fV0Vm_psWQQT62fzj1viBn6t4g&sig=Cg0ArKJSzPSfcGudWfAnEAE&cid=CAQSPADq26N9C2XneQvV4u80aShF0b9My_hTrvkJe8grU74j8IJ4tke_ForfuOL1EYg4RhPQQcbFfmWCW17iOBgBIA4&id=lidar2&mcvt=1010&p=487,640,587,960&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&v=20221019&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=950051178&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666591503893&rpt=745&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
es_encParams_L2FwX0RhdGFTaWduYWwxXzE4MTQzMTU0NDU0L2FwX0RhdGFTaWduYWwyX0FCQWpIMGo4WXF5R2QzaWtBcklEM0dndGpMdHYvYXBfRGF0YVNpZ25hbDNfNDQ5MDEyMDU0L2FwX0RhdGFTaWduYWw0XzEzOTY0NjIzNDg0NjEvYXBfZ2Rwcl8wL2Fw...
evs.jivox.com/trk/72/207211/301/145352/55f48ca4113e34/6/jvxSId_1666591504.2043/es_pId_UA26m8/ Frame 1E23 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://evs.jivox.com/trk/72/207211/301/145352/55f48ca4113e34/6/jvxSId_1666591504.2043/es_pId_UA26m8/es_encParams_L2FwX0RhdGFTaWduYWwxXzE4MTQzMTU0NDU0L2FwX0RhdGFTaWduYWwyX0FCQWpIMGo4WXF5R2QzaWtBcklEM0dndGpMdHYvYXBfRGF0YVNpZ25hbDNfNDQ5MDEyMDU0L2FwX0RhdGFTaWduYWw0XzEzOTY0NjIzNDg0NjEvYXBfZ2Rwcl8wL2FwX2dkcHJfY29uc2VudF8vYXBfZ2Rwcl9jb25zZW50X3YyXy9hcF9MYW5nX2VuZ2xpc2gvYWRiMS1rZXk9OTA4L2FkYjE0LWlkX3ZlcnNpb249Mzg3MTRfMS9hZGI2LWtleT0xMC9hZGI3LWlkX3ZlcnNpb249MzgwMzFfMS9hZGIxNC1rZXk9OTA3L2FkYjMtaWRfdmVyc2lvbj0yMjA3MV8xL2FkYjExLWlkX3ZlcnNpb249MTYzOThfMS9hZGIxMC1rZXk9NjcyMi9hZGI3LWtleT02NzI0L2FkYjgtaWRfdmVyc2lvbj0xNTk0Nl8xL2FkYjIta2V5PTEyL2FkYjEyLWlkX3ZlcnNpb249Mzc3ODdfMS9hZGI0LWlkX3ZlcnNpb249Mzg4MTRfMS9hZGIxMy1rZXk9MjEvYWRiNS1pZF92ZXJzaW9uPTM4ODExXzEvYWRiMy1rZXk9MTQyL2FkYjktaWRfdmVyc2lvbj0yODUwMl8xL2FkYjEyLWtleT03MDIvYWRiNC1rZXk9MjEvYWRiOC1rZXk9MTcvYWRiMTMtaWRfdmVyc2lvbj0zNzc4OF8xL2FkYjEtaWRfdmVyc2lvbj0zODcwOV8xL2FkYjYtaWRfdmVyc2lvbj0yMjMyNF8xL2FkYjEwLWlkX3ZlcnNpb249MzgwMzRfMS9hZGI1LWtleT00MjMvYWRiOS1rZXk9Ny9hZGIyLWlkX3ZlcnNpb249MTc2OTJfMS9hZGIxMS1rZXk9MTEvZXNfZXQ9MS9iRGltPTMyMHgxMDAvanZ4UmFuZG9tPTAuNDc3OTc3OTM0MTMzNDM4MDMvZXNfY2dOYW1lPTkzM2NkMjFkODc5ZmQyYjUyOWFiMDViOWJjMDkzNjRkYzM1Y2ExNTUyNWIyZjRiMzMyOTZmYzFjMTM2OGUzMWM0MDRjYTI0YTlmMTU3MmU3ZTQ0OWI3MzA3NDEyZjY1NzY0Y2NkZjYxOGI0OTZmOTQ3NzFkNTA2Mjk3YTI4MjMwL2VzX3NlZ05hbWU9QWlybWF4X0JsaXNzX1JlZnJlc2hfUmVtYWluaW5nX0RpbWVuc2lvbnM=
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.23.220 -, , ASN (),
Reverse DNS
Software
akka-http/10.1.11 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 24 Oct 2022 06:05:05 GMT
access-control-allow-credentials
false
content-type
image/gif
server
akka-http/10.1.11
content-length
43
p3p
CP='IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA'
uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
pagead2.googlesyndication.com/bg/ Frame 0AAD 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba8af0d50d79678d5e9e6e68935c23511ff6ae811c880f6b0815855e696b023e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 09:53:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72715
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15900
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 23 Oct 2023 09:53:10 GMT
skyblue.png_1650378740125_skyblue.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d4acf923678c6222aa94/original/ Frame 01F7 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d4acf923678c6222aa94/original/skyblue.png_1650378740125_skyblue.png
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
802a0ac9c835c0add64067c222d71b52bff0f5cfaafe4b673b1875a68ffaabb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=N7gjwoGYJU&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 08:00:07 GMT
x-content-type-options
nosniff
age
165898
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2050
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 22 Oct 2023 08:00:07 GMT
Pool-Boy_NoSmile_Ret_72dpi_290_37_0.78.jpeg_1652778014080_Pool-Boy_NoSmile_Ret_72dpi_290_37_0.78.jpeg
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/627516dad8cd7ef2f7d5875e/original/ Frame 01F7 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/627516dad8cd7ef2f7d5875e/original/Pool-Boy_NoSmile_Ret_72dpi_290_37_0.78.jpeg_1652778014080_Pool-Boy_NoSmile_Ret_72dpi_290_37_0.78.jpeg
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8295848601a45fc6ff78a90ac4d35396851ea4411b76a06feeb357ec99a37bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=N7gjwoGYJU&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 08:00:15 GMT
x-content-type-options
nosniff
age
165890
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25127
x-xss-protection
0
last-modified
Tue, 17 May 2022 09:00:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 22 Oct 2023 08:00:15 GMT
gradient.png_1650378740125_gradient.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d3c7f923674455229a97/original/ Frame 01F7 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d3c7f923674455229a97/original/gradient.png_1650378740125_gradient.png
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64ab062a2a4d62d22170dd14c4a3a566632d1ebf476ab80d27c7c81901209e36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=N7gjwoGYJU&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 12:15:48 GMT
x-content-type-options
nosniff
age
236957
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2035
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 21 Oct 2023 12:15:48 GMT
baseGradient.png_1650378740125_baseGradient.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d498f923672aa622aa07/original/ Frame 01F7 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d498f923672aa622aa07/original/baseGradient.png_1650378740125_baseGradient.png
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e16d841b1486b5bd9c69a543084e0f558463ad9bd7ffd8791301367f8a849a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=N7gjwoGYJU&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 11:50:12 GMT
x-content-type-options
nosniff
age
238493
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3232
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 21 Oct 2023 11:50:12 GMT
blank.png_1650378740125_blank.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6113a5288a7ab49328617a1f/original/ Frame 01F7 		91 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6113a5288a7ab49328617a1f/original/blank.png_1650378740125_blank.png
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4df4f831ed5cdb639c42779819720daea3b9850e12cafe851ea4b242ccaa166e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=N7gjwoGYJU&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 08:00:03 GMT
x-content-type-options
nosniff
age
165902
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 22 Oct 2023 08:00:03 GMT
icon1.png_1650378740125_icon1.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b2fafb3919768fcc6857/content/ Frame 01F7 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b2fafb3919768fcc6857/content/icon1.png_1650378740125_icon1.png
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1aada9922d43e2107b82a139dff7179ed9dddb86da040ec3e5e98e0f57e420d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=N7gjwoGYJU&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 08:00:07 GMT
x-content-type-options
nosniff
age
165898
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7071
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 22 Oct 2023 08:00:07 GMT
icon2.png_1650378740125_icon2.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b2fafb3919768fcc6857/content/ Frame 01F7 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b2fafb3919768fcc6857/content/icon2.png_1650378740125_icon2.png
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
829faafbb39055b06c83f4b6b208d52dc50e0119499f827d573888f5846d3a15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=N7gjwoGYJU&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 08:00:08 GMT
x-content-type-options
nosniff
age
165897
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5901
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 22 Oct 2023 08:00:08 GMT
icon3.png_1650378740125_icon3.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b2fafb3919768fcc6857/content/ Frame 01F7 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b2fafb3919768fcc6857/content/icon3.png_1650378740125_icon3.png
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0836d2070d6754e9355c30c8b2c34174428c5e78e25b6668aba9d10fb7cd6d78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=N7gjwoGYJU&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 05:00:11 GMT
x-content-type-options
nosniff
age
522294
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6126
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Oct 2023 05:00:11 GMT
logo.png_1650378740125_logo.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b2fafb3919768fcc6857/content/ Frame 01F7 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b2fafb3919768fcc6857/content/logo.png_1650378740125_logo.png
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94ae8e248d081ccb4096fb784379fac2dc61da4bba62eee5d920b5c89a142215
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=N7gjwoGYJU&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 08:00:08 GMT
x-content-type-options
nosniff
age
165897
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3423
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 22 Oct 2023 08:00:08 GMT
logo2.png_1650378740125_logo2.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b2fafb3919768fcc6857/content/ Frame 01F7 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b2fafb3919768fcc6857/content/logo2.png_1650378740125_logo2.png
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff6db6c1dd0910b5619dafb5284abf59aa7bb8c6d3d0122c1ba5983cddaaa2a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=N7gjwoGYJU&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 08:00:08 GMT
x-content-type-options
nosniff
age
165897
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1701
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 22 Oct 2023 08:00:08 GMT
blank_-149_-124_1.00.png_1650378740125_blank_-149_-124_1.00.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/61813780cac5bddaebde1d40/original/ Frame 01F7 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/61813780cac5bddaebde1d40/original/blank_-149_-124_1.00.png_1650378740125_blank_-149_-124_1.00.png
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d38edfdaff5a3e6cfcccd26f9eed468207f91adf8833e2dd28e8660035492ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=N7gjwoGYJU&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 08:48:06 GMT
x-content-type-options
nosniff
age
508619
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1923
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Oct 2023 08:48:06 GMT
dt
dt.adsafeprotected.com/ Frame A599 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=73c3541d-74dd-9952-f113-4aaa2abd0678&tv=%7Bc:rWfure,time:1012,type:e,im:%7Bpci:%7Btdr:758%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:1013,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:25,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1008~0%5D,as:%5B220~0.0,788~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:229,fm:tl9S6ot+11%7C12%7C13%7C14.1014661-62144026%7C141%7C142%7C143%7C151%7C152%7C1611%7C171%7C181%7C182%7C183%7C184%7C1851%7C19%7C1a%7C1b1%7C1b2%7C1b3%7C1b41%7C1b5%7C1b6%7C1c*.886862-62195780%7C1c1,idMap:1c*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:27%7D&br=c
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:6f8a:bad5:dee0:c2d6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:05 GMT
server
nginx
x-server-name
dt11.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
es_encParams_L2FwX0RhdGFTaWduYWwxPTE4MTQzMTU0NDU0L2FwX0RhdGFTaWduYWwyPUFCQWpIMGo4WXF5R2QzaWtBcklEM0dndGpMdHYvYXBfRGF0YVNpZ25hbDM9NDQ5MDEyMDU0L2FwX0RhdGFTaWduYWw0PTEzOTY0NjIzNDg0NjEvYXBfZ2Rwcj0wL2Fw...
evs.jivox.com/asvar/impr/207211/301/145352/55f48ca4113e34/6/jvxSId_1666591504.2043/es_pId_UA26m8/ Frame 60E3 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://evs.jivox.com/asvar/impr/207211/301/145352/55f48ca4113e34/6/jvxSId_1666591504.2043/es_pId_UA26m8/es_encParams_L2FwX0RhdGFTaWduYWwxPTE4MTQzMTU0NDU0L2FwX0RhdGFTaWduYWwyPUFCQWpIMGo4WXF5R2QzaWtBcklEM0dndGpMdHYvYXBfRGF0YVNpZ25hbDM9NDQ5MDEyMDU0L2FwX0RhdGFTaWduYWw0PTEzOTY0NjIzNDg0NjEvYXBfZ2Rwcj0wL2FwX2dkcHJfY29uc2VudD0vYXBfZ2Rwcl9jb25zZW50X3YyPS9hcF9MYW5nPWVuZ2xpc2gvZXNfYXY9TUlERlVOTkVMJTdDQUlSTUFYLkJMSVNTX0FJUk1BWC5CTElTUy4yQSU3Q0dlcm1hbnklN0NHZXJtYW4lN0NEQk0lN0NQQyU3Q01vYmlsZS5TdGFuZGFyZCU3QzMyMHgxMDAlN0NpbWFnZSU3Q0dFTkVSSUMlMkNHRU5FUklDJTJDR0VORVJJQyUyQ0dFTkVSSUMlN0NGRU1BTEUlMkNGRU1BTEUlMkNGRU1BTEUlMkNGRU1BTEUlN0MxODE0MzE1NDQ1NCU3Q0FCQWpIMGo4WXF5R2QzaWtBcklEM0dndGpMdHYlN0M0NDkwMTIwNTQlN0MxMzk2NDYyMzQ4NDYxJTdDTkElN0NOQSU3Q05BJTdDTkElN0NOQSU3Q05BJTdDTkElN0NOQSU3Q05BJTdDTkElN0MxNDIzMTc3OS0wMDE5NjE1MTc2NTk5NSUyQzE0MDg1OTI5LTAwMTk2MTQ5MzY4ODE4JTJDMTQwMDA1NzMtMDAxOTU4NzA3MDUyNDQlMkMxNDA4NTkyOS0wMDE5NjE0OTM2ODgxOCU3QyUyM0ZGRjE2QyUyQyUyM0ZGOEE2NSUyQyUyMzgzRkZGRiUyQyUyMzc5Q0FGRiUyQyUyM0ZEODRCMSUyQyUyM0M1ODZGRiUyQyUyM0ZGRjE2QyUyQyUyM0ZGOEE2NSU3Q05BJTdDRlRXJTJGQVBQJTdDRlRXJTJDRlRXJTJDRlRXJTJDRlRXJTdDTkElN0NOQSU3Q05BJTdDTkElN0NOQSU3Q05BLy9iRGltPTMyMHgxMDAvcj0wLjU5ODkwODU4MTM0NzE1NjQvZXNfY2dOYW1lPTkzM2NkMjFkODc5ZmQyYjUyOWFiMDViOWJjMDkzNjRkYzM1Y2ExNTUyNWIyZjRiMzMyOTZmYzFjMTM2OGUzMWM0MDRjYTI0YTlmMTU3MmU3ZTQ0OWI3MzA3NDEyZjY1NzY0Y2NkZjYxOGI0OTZmOTQ3NzFkNTA2Mjk3YTI4MjMwL2VzX3NlZ05hbWU9QWlybWF4X0JsaXNzX1JlZnJlc2hfUmVtYWluaW5nX0RpbWVuc2lvbnM=
Requested by
Host: haigram.com
URL: https://haigram.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.23.220 -, , ASN (),
Reverse DNS
Software
akka-http/10.1.11 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.jivox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 24 Oct 2022 06:05:06 GMT
access-control-allow-credentials
false
content-type
image/gif
server
akka-http/10.1.11
content-length
43
p3p
CP='IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA'
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0B6A 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BjpEcECtWY8rfJrXJ7_UPicCw2AUAAAAAOAHgBAI&bg=!oKOlo-fNAAaaxvStusY7ACkAdvg8Wh2KCcfFptTu_4NlfOrs4wnP_BEA4_SHmUSwGq97U8zApWjQPAIAAAD4UgAAAANoAQcKAJCcoonRDUFPxsDybpXkSj2LCMGNSiRTGFSMxXdLNyD69x1Nebps9IEMcBINhJyeyq7KXn2r76TXCmgk7fbLVdY7VUIU1bcf7X2jepFHQS4Yzd3IeXlh3K6XBJVqKl0FpYNJijU2Cy0tfdcBgZhr3UptJ2zoVxW1eS0LSMc22lpYy71venQTX98T7f4QrdPQu_SZAuocU-l0FGR2zWLMlk9aeKlgk_mEyBOOSxgmKLC4o5A3KBRMS4wWejMo38Buwmb55acEM_TDZiuaTff7FxxUgpl9AYKqc9izCymfsGQ1HVHcqOr_PkeUi1Sm4q7RV3Qu2y28SF7UCdQQhG-1UjLadL2j7grw50ioO5lvNkPP1OpZ71mDaRnJibjUrxeva5ra5d3FZfpUi5JcOekfFzVwSO2xGrCPlpqAQ9tTV-jqvWzAV04GOBhL_fzFSmnJdgqan-4-6O1vI6T_lrXbgCoPtjKdO8DjDgDWKZT1Ql2guVR3H44hX_fdrCL7D9QdkEGJJAsLig1wqx4UII93tyQkSst_uJGBJnOhI1biMSwbuHNxG2VdlMlnnL9jHEaa4QnNJGgRAMXaZYFwYCVbkGDckazwCYG9C-X_1qyyYltjA-e9gs895uEuu5YbEs5UAzZ3gKrVlRhStg6udw1FxrgeuCTiVKmpX3cwMIxFQryAdonjkwHLpF2e4Cqdz0kWZdkZ-ZZmkX1e_KcGv8hxEJZLVSa5Vz3S8D3IDRlZYBQoRqx_04fWvqKM0aqSHHpyCQKkiF07GC_NjzD9DuKjNJl9YZBb8pfs-HyOfHbBAlmeulOFZ81zrKQRqG9dL5QlzzDAfY9lNA3CubP1Gmjx83XCsgaxGNvMeLWJymvZHbadohX6hFsunywzZQ74ziUKcalGWMQTtHN46JXFaQFhQYV0TulVaXbAhWZYGmpMSsS1v82r91_hFreB3VLsLzHeGKApNq4MHNlJWq_cNsPwbkpmQMDnRl3mtmrDByoLZzcDwoYpOe8m52GQCDximZQsDuCZpBn4Uhwf2ttCZIFf8KmwkciFzSn25AA_o5uC0K9MQGo1pF9SH7dtOe77DoMMao0chP_YRSQB8US91sWWRI5kRsavmlevYqq98mx8OkRWUzmZ0YFbdPC1fG9sRAxmFG3Takn6y1bxNelWT0ggs0I0glWjKULjvPZ_jN8_pQ
Requested by
Host: dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
URL: https://dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 06:05:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
es_encParams_L2FwX0RhdGFTaWduYWwxPTE4MTQzMTU0NDU0L2FwX0RhdGFTaWduYWwyPUFCQWpIMGo4WXF5R2QzaWtBcklEM0dndGpMdHYvYXBfRGF0YVNpZ25hbDM9NDQ5MDEyMDU0L2FwX0RhdGFTaWduYWw0PTEzOTY0NjIzNDg0NjEvYXBfZ2Rwcj0wL2Fw...
evs.jivox.com/trk/73/207211/301/145352/55f48ca4113e34/6/jvxSId_1666591504.2043/es_pId_UA26m8/ Frame 60E3 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fw.adsafeprotected.com
URL
https://fw.adsafeprotected.com/rfw/bgd/1014661/62144026/xbbe/creative/adj?p=APEucNU6xfUmc1GtrKvvboLbchcZ8tsjpxoU4ApKKhbWai91U4Ug7sc&d=CokBAKAmf-CyluUvJ3pKO3Mh_7b186PrlAw8UXeyugDPVMXsT_LNwKpqYwrBtcinmX3QBVXazQAgRHUJKRVLSg5KB_bgGezYMLzMBT_eWBHVqiCqdXLwaxHzwBu5mrtUTrdZ_4tCAgRLiV9yUBx1c8YlxehaKPqFIwl9rWL5kXri5qeYlYFRljqy9CASiRMAoCZ_4Cn_nYix7kURIvD3sYZoLaKKxO8mLaUjJ-xw4UgJi2iUJlZxqkdqrNgNh8xzfQ1K3CNsKPMFFW7gv4SFqQHxojeAMIIhto_VcNFmYEoN2mnK7l2a90ths1H9EwGAN5q7d3yVVMM_u6RUIRPQiIcnvB4ZUuAPkU9AmirGB2buFeAvedthojfIeJsF0LQDIdH0wG0guCyRd2TCFn6Vd6HPhL9k1jVRG7f0kkMS-ta4yNNboBvQCx9DxrOtj7Jc3RsChpdLmpRgMOVjkv8Qlq77FHJtrrmAGSNEXfHDjfgPTbyTyATiLYB9_osOapGHKj5162pUIP7Q6F2D7d5ntaL6vFdfVuVfi2oz4o5NphclhnkqzqR5Q9Yjv4OjeHdPmLBxz1DXhnU92BRk90RRBpr2YPctGg5P9AgNV9jwnXBs11cz6FV6esjV59uWfqEr3mw70xQkiODyuge57l4S6nGB8-4Zo0R4-7D2SOLGrT8iwM8S0GvHQSrUZWp97FtapxJ6FyUy4N7wYz9DnLxJinX7XgXboSIaMuVaUXOk-d6_gxQ0q1EeNxdh_XFNqBeKu7hgoLyS0Wh1-MtgS0bm55268B2CHB474jDRK775wDw9JfuAsLnCpf0mStzD69pmXlT4a2xT-goR97yHix2GF_BbIGXpsSamZ5IafiyBOMlNli7CN60qCuxT-4E0Zhr4qNtmghHgWmnr6SAnjYRa5-LRghtEOglY_MftUhWHLJSfQ2VRaIq93G_rzvnRIE_vRkTStv51yElvGCclCM4ahuYus2pKnej_DxdUUyzZGYbn57t1r-cuAy2LJAWFpI94BbNVuejNqwSsU5OF99L96FrfIAx1jfMB6J3Q1b3-idumAt-VttkDnk4Z98M8PVmQWyxhloti6RYHzyVkDDdOqCqKlyaBnIUY2OWfGrMWROSsagZYMaXv6iJHsoLE87qV37IyEzwQ6vzB7v_du2DKlKzb2ESfEd2jkgLPT3sjPBcP96OoCKmcNcnN88RxohBcYFsDi37GcnJC8ppfT1c4ut3mhex0gmbJ5beKR1zqnq1_2J4_DplqCHn1UoaM-0PLpVRw9jnXQWoUxn7YptqWlVx9Aqnoob26p6V8dOZvSFM_DY2ZhsRy7dni8muAMJx6m0fXf-dUoaNOjg9QmMs94oNpkaaPeWKpxKFUZLhucjbxwJ4DVpP3EkLkvDpevUT5_HLFNuT8Z3Lg-NWSLfX5MRXWZK6iJTAMyEKVuvQC9KoSL1LtxhQI54JBqwNYijuzr11mvNdbkWdv3TzFT5ggHzX9s8ANtDx1LOa83H0jwZOMBAULtLf3DBC1ql-b0Q_IDyu4SqY9bScR4Y3scKNvpA6QiUIobvY8mjCEntr3Ro5JGeb5xZXhLkf2Y1S2HJLBc74FMq_00qQz1eJ_LT7WcbJSV-yx8cxY-sjjjQfkHmueOzyGR8k9bDTGtw0fia71Hp_VOrbyb64RaegIEFzbC97BDgiEBFpm4Jbhsyz4o7YPm0jlYx0llkZdwR9u5Z5JfQ7xCb4IL92_XYmh8sAY1zrJ4qyF4ad4647R5ZBV6VsTW-LulWwDvEZ02sB-xj9LOBIvEwUEUa5ubiTftYHLB99677Pst-IM__SjMo9jiqd6keZIMaPAEVi0km8pha0g1qPtFhGftvJWAbnckieO0GAn-eOiTygDDEiMhCF5hbOCM9B956vIyNSs6pKGR8jchX_wQvNmr7b-QvWcMsQS53BY7bwK_eiJRXk_hGR-TvKub8lT3HqWdpTGhCJjxGmWeElRIoK0iK5IAyth4xRaYGfgp8P1Bx3LzQMaGJya82CPb6jpdAsALi7HgXY2rYXL-JJ1s9OlT13d66RJfFHuyS31K9h6L0nfChP9x7aHHGfV-kkCgnC4Hpl_gcF9ZuTD2_M6_QBsCu0T__hWdTWGBQx0ZEEANVsl6rAH3JZnOPYsaC3_sJZXcnH0c5p8feG4ij_jilLEBefORCar0t8CMg9bNOxWgpt7h5CIIXOOD34diQ8-ZQ1zT1ICU7mBFlnXqNyO07n_EcK4LV9sihqg4acOt02TOv7kyCXLbAGJg0KPXct58RsH3LUQTfFHD1iy6A5Xdexpm6o-CgqeKbPW-CIqIdHb8JeQTUPE8wEC8sSHbx0ddQlADl4NBBRR2qkdQBEOfny5uqpo55bE8Rl4veVG2aoJorNv0Q28GDa6F6Aq6g4_lgD6I-p0FdEhS8VnGyM-Vp2wvdBJlDjbCdVyPKvIBviz_zTW9qe80lKHOFQPHRwNiU2_u0ZQuauToWfi5k6ZNmlU4Iqhw0j6EmGdu5O1qQDJfuk9HTZdG3cW2VxaLAFPONd34ptCU5QxTiIgzTmdqSF-vUATEvVN-rCZ31ieLHAffCGmypyHk1gBFfxWfjkvoiVEuz37IOQ7oX7EXZ3GArK_pHKhhusl0BoV3mrA3weBV04NS0Vr79M9wbgmztb6_0gSSsw25n7HlVbtRL66ebK5of-nnlcIXy_8bIoZ9o26NGRyv0kUgscQlsyUVUx3tUiixAvBiS_EUyOBP5hNy-aYiOzFqnX-aoJE_y8Quzs8fBkC1-oGn-bIpUTrGuXCwD30ED5PJn4eg9LG7PztvGT3CXs36XSb4M4PfydsCGdGbigNlJ3n_RyD7EaZnT0SIcaiffLSQh26qB1aiySM3zz-ko0wSAh1MM2m7FLWADHBv45uBbhEJ4nGWVdGCdqHN_zsjJCp2kWj53lqMMN_Gxp14SpMuSzb75E8SfZCwHTq_7kot3X55tYAKAbZBRjYI1DqWhRVn-jLvFsyTFWNhqyyRIMbPsmAF7D41PQx-wG7HZkp-vL1BpSyJoFGA1NyG6I38u5qNBIlf28suADnedQb5-yrOuYQ1WHq7yLZNBwkI1CX5nl4HtCV11QWZwOeo8dcMcJMPwEylml4SaT0zGDmbFrOvl5wrLE1vQQYpXcNZZUGxc4LZ4QRXm5xyahzWIT1dStvM7YY4Ao5zvguol57yC3GAFedbRVe03m9DYEDuOvvGA1Jb3khzW1v2XpI1NDfwcaaF_0ZCHKyqAzDCW3-an72_zzqW1CcRDegP-evVTKnL3nAzkWfoSpUcyrCHdGcfMdCVkIgyywm-3_pmTKBIChd_dY7A24q7DywpeY7MOO1rgN9-BCye-TsYc_b-YenCBfaQHcj2wubPCcpMsdn82gViCvYAUjA2qGl0hrzQ4iqH5uYNnwCludkL_-LhH5hvBpUCAQSTADq26N9HBCkouTZDyvbASt4JlvMYvkYiNad6VnoVctvd-NJnU6g27Ky4Ckr-jEQPBOGyLLI4I9J3Ur1xIlJE8G6JfZATmdNe3DMzI0YASAOYAE&ias_dspID=3&ias_campId=28377781&ias_pubId=pub-4573231550355221&ias_chanId=1&ias_placementId=17455270685&bidurl=https://haigram.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gYNGGhyvKn8ouQf4EhPcpF&adsafe_url=https%3A%2F%2Fhaigram.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fhaigram.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fdea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fdea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:7a7a1fab-1d8d-b30a-c0cc-693ec0c95be8,c:rWftCD,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7577479748-4t9v4,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:2,mot:0,app:0,maw:0,fm:tl9S6ot+11%7C12%7C13%7C14*.1014661-62144026%7C141%7C142%7C151%7C152,idMap:14*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:19,oid:cc7b773b-5361-11ed-8b89-ea653dd8197a,v:19.8.358,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Domain
fw.adsafeprotected.com
URL
https://fw.adsafeprotected.com/rfw/st/886862/62195780/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_ECtWY8rfJrXJ7_UPicCw2AU&cbFunctionName=goog_wrapCb_ECtWY8rfJrXJ7_UPicCw2AU&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fhaigram.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fhaigram.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fdea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fdea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:73c3541d-74dd-9952-f113-4aaa2abd0678,c:rWfubj,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7577479748-6v2z7,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:2,mot:0,app:0,maw:0,fm:tl9S6X2+11%7C12%7C13%7C141%7C142%7C143%7C151%7C152%7C1611%7C171%7C181%7C182%7C183%7C184%7C1851%7C19%7C1a%7C1b1%7C1b2%7C1b3%7C1b41%7C1b5%7C1b6%7C1c*.886862-62195780%7C1c1,idMap:1c*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:26,oid:cdc81c46-5361-11ed-9464-4e216430e460,v:19.8.358,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Domain
evs.jivox.com
URL
https://evs.jivox.com/trk/73/207211/301/145352/55f48ca4113e34/6/jvxSId_1666591504.2043/es_pId_UA26m8/es_encParams_L2FwX0RhdGFTaWduYWwxPTE4MTQzMTU0NDU0L2FwX0RhdGFTaWduYWwyPUFCQWpIMGo4WXF5R2QzaWtBcklEM0dndGpMdHYvYXBfRGF0YVNpZ25hbDM9NDQ5MDEyMDU0L2FwX0RhdGFTaWduYWw0PTEzOTY0NjIzNDg0NjEvYXBfZ2Rwcj0wL2FwX2dkcHJfY29uc2VudD0vYXBfZ2Rwcl9jb25zZW50X3YyPS9hcF9MYW5nPWVuZ2xpc2gvYWRiMS1rZXk9OTA4L2FkYjE0LWlkX3ZlcnNpb249Mzg3MTRfMS9hZGI2LWtleT0xMC9hZGI3LWlkX3ZlcnNpb249MzgwMzFfMS9hZGIxNC1rZXk9OTA3L2FkYjMtaWRfdmVyc2lvbj0yMjA3MV8xL2FkYjExLWlkX3ZlcnNpb249MTYzOThfMS9hZGIxMC1rZXk9NjcyMi9hZGI3LWtleT02NzI0L2FkYjgtaWRfdmVyc2lvbj0xNTk0Nl8xL2FkYjIta2V5PTEyL2FkYjEyLWlkX3ZlcnNpb249Mzc3ODdfMS9hZGI0LWlkX3ZlcnNpb249Mzg4MTRfMS9hZGIxMy1rZXk9MjEvYWRiNS1pZF92ZXJzaW9uPTM4ODExXzEvYWRiMy1rZXk9MTQyL2FkYjktaWRfdmVyc2lvbj0yODUwMl8xL2FkYjEyLWtleT03MDIvYWRiNC1rZXk9MjEvYWRiOC1rZXk9MTcvYWRiMTMtaWRfdmVyc2lvbj0zNzc4OF8xL2FkYjEtaWRfdmVyc2lvbj0zODcwOV8xL2FkYjYtaWRfdmVyc2lvbj0yMjMyNF8xL2FkYjEwLWlkX3ZlcnNpb249MzgwMzRfMS9hZGI1LWtleT00MjMvYWRiOS1rZXk9Ny9hZGIyLWlkX3ZlcnNpb249MTc2OTJfMS9hZGIxMS1rZXk9MTEvYkRpbT0zMjB4MTAwL3I9MC4wMjQ1OTM2MDY2NDI4OTIwMDcvZXNfY2dOYW1lPTkzM2NkMjFkODc5ZmQyYjUyOWFiMDViOWJjMDkzNjRkYzM1Y2ExNTUyNWIyZjRiMzMyOTZmYzFjMTM2OGUzMWM0MDRjYTI0YTlmMTU3MmU3ZTQ0OWI3MzA3NDEyZjY1NzY0Y2NkZjYxOGI0OTZmOTQ3NzFkNTA2Mjk3YTI4MjMwL2VzX3NlZ05hbWU9QWlybWF4X0JsaXNzX1JlZnJlc2hfUmVtYWluaW5nX0RpbWVuc2lvbnM=

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| gtag object| dataLayer object| googletag object| gptadslots object| _wpemojiSettings object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| gaplugins object| gaGlobal object| gaData object| googleToken object| googleIMState function| processGoogleToken function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp number| google_lpabyc undefined| $ function| jQuery string| RECAPTCHA_SAFELINK function| wpsafehuman object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| gridmax_ajax_object object| gridmax_custom_script_vars object| html5 object| recaptcha object| closure_lm_71970 object| twemoji object| wp

28 Cookies

Domain/Path Name / Value
bicolink.com/ Name: AppSession
Value: a0121a0c73e5c229262cee3b78b9709e
bicolink.com/ Name: csrfToken
Value: f569a2d1bdb60979f7c2743985283e9baf4072b292d8c8feaac6dba38734b68414372773d3956e404eeaa26e2e1ab36d65d088cd3eac60edd747c0ce21c4314f
.haigram.com/ Name: _ga
Value: GA1.2.141213828.1666591502
.haigram.com/ Name: _gid
Value: GA1.2.2061641187.1666591502
.haigram.com/ Name: _gat_gtag_UA_175323605_4
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUmpqQWAwX7dCkGhpMSc69udJLlkwQKacQRKLNeNaJM8aqLJWczHSyw6V-Omcn0
.adnxs.com/ Name: uuid2
Value: 4907095265166364848
.casalemedia.com/ Name: CMPS
Value: 2212
.casalemedia.com/ Name: CMPRO
Value: 2212
.casalemedia.com/ Name: CMID
Value: Y1YrDhiI6dW-s1epAXE.QgAA
.doubleclick.net/ Name: DSID
Value: NO_DATA
.haigram.com/ Name: __gpi
Value: UID=00000b780183a451:T=1666591501:RT=1666591501:S=ALNI_MZpZgcOfqI5KFdADI2IqzEW2Qi-ZA
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C$Mh/UpN!]td88i_iqf!oN/@E'zz<*Z0Qms9lcBW$pTI#e[R[nX'pdZn?NDYJbhGL$p4<QG=%9sk@3@'s>T17$eK
.quantserve.com/ Name: d
Value: EAsBCQG0J4EA
.quantserve.com/ Name: mc
Value: 63562b0f-b240c-2cfba-e6fb8
.bidswitch.net/ Name: tuuid
Value: 679c7134-66d6-4edc-97e9-66cbb4c6d12b
.bidswitch.net/ Name: c
Value: 1666591503
.bidswitch.net/ Name: tuuid_lu
Value: 1666591503
.de17a.com/ Name: guid
Value: 1.1478188657208383688
.sportradarserving.com/ Name: zuuid
Value: 66ad05a0-5b61-4b01-bab7-6f48b0c55517
.sportradarserving.com/ Name: c
Value: 1666591503
.sportradarserving.com/ Name: zuuid_lu
Value: 1666591503
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1666591503
.haigram.com/ Name: __gads
Value: ID=b12589288e9f76f0:T=1666591501:S=ALNI_MagMITwnpwMWwKVZyImppuvcyIBfw
.jivox.com/ Name: jvxsync
Value: tl9S6N1ZmSQw
.mathtag.com/ Name: uuid
Value: f45d6356-2b10-4400-988c-8a3ff4be5255
.mathtag.com/ Name: mt_mop
Value: 4:1666591504

1 Console Messages

Source Level URL
Text
javascript warning URL: https://googleads.g.doubleclick.net/pagead/html/r20221019/r20110914/zrt_lookup.html?fsb=1#RS-0-&adk=1812271801&client=ca-pub-2295048427582817&fa=1&ifi=4&uci=a!4&xpc=81NoN6Efcs&p=https%3A//haigram.com
Message:
The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.sportradarserving.com
a.tribalfusion.com
ad.plus
adservice.google.com
adservice.google.de
ap.lijit.com
as.jivox.com
assets.jivox.com
bicolink.com
bid.g.doubleclick.net
cdn.doubleverify.com
cdn.jivox.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
d5p.de17a.com
dclk-match.dotomi.com
dea5fad99b5c6b852b683e36b03081ae.safeframe.googlesyndication.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
evs.jivox.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
haigram.com
ib.adnxs.com
image6.pubmatic.com
imasdk.googleapis.com
link.bicolink.com
match.360yield.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
playercdn.jivox.com
r4---sn-4g5ednly.c.2mdn.net
s.tribalfusion.com
s0.2mdn.net
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
sync.1rx.io
sync.mathtag.com
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
sync.teads.tv
tpc.googlesyndication.com
tps.doubleverify.com
tr.blismedia.com
traffick.jivox.com
ups.analytics.yahoo.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
evs.jivox.com
fw.adsafeprotected.com
103.229.206.241
104.18.19.126
108.138.5.230
109.106.252.240
142.250.184.226
142.250.186.34
18.66.122.124
185.64.189.115
185.80.39.216
185.86.137.108
185.89.211.116
185.94.180.126
193.0.160.128
2.18.232.7
2001:4860:4802:34::178
213.155.156.164
213.19.147.45
2600:1f18:1aca:4280:6f8a:bad5:dee0:c2d6
2600:9000:21f3:5a00:8:48e:53c0:93a1
2606:4700::6812:19ad
2607:f8b0:4012:811::2003
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:67::9
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:812::200a
2a00:1450:4001:827::2001
2a00:1450:4001:827::2003
2a00:1450:4001:827::2008
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::2006
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a02:26f0:480:9::210:ee0e
2a02:fa8:8806:16::1370
2a06:98c1:3121::3
2a06:98c1:3123:e000::c
3.124.225.111
3.126.56.137
3.220.23.220
34.149.12.213
34.241.76.101
34.96.105.8
34.98.64.218
50.16.119.243
51.38.120.206
52.21.72.191
52.30.181.76
54.230.177.203
54.93.141.89
66.155.71.25
69.173.144.139
72.251.249.13
74.125.133.157
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
04fd74f8655763e2289bb7851aa7de7de225f535a99a1b81908d72c807c5c9b7
054c480b41dbb8bb1a0db0dd51f85a18dafa9679cd1988d4824f9da3f8aa1215
06840644c87bd8fdce7276ece8348cb5622633fc414ff87a7d4f4a8a911a8cff
06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5
075c9cba3dd1d6297e050d52f82e2343db39b552206a29052aac90f92e73f4c9
07af4bc933e742affc6cae5a73418b77e24edd8fda91602e8bd474750a082c83
0836d2070d6754e9355c30c8b2c34174428c5e78e25b6668aba9d10fb7cd6d78
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e16d841b1486b5bd9c69a543084e0f558463ad9bd7ffd8791301367f8a849a6
11179047472fc509f72d948e10a1f9468713c2e625f0bfdc88651ac964e4a9cb
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
140d811fbd66604096f475e83e93a574bf342b48a9e4c82375eefb6278440c0a
140ee2462b736e743b7f9b2dd82f41ecfa63f17a818739fec426067500edb49c
16ffa6edd8694160dd28a106a84c813872d022956a0719bf11332f64cfedfd83
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18786f220f262807f08b7f7e6d1a9d1057b044c67e4036c303acb51e4ebde587
196eb4e1c32206100f0e8ad4ec1d25770d5dc9d91acd7b7972ec369440323aaf
1aada9922d43e2107b82a139dff7179ed9dddb86da040ec3e5e98e0f57e420d3
1b765b0cbd95391f6db0b565988eeb70ea68aa77bb9f8f7c8a880d96474c2aa8
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1d38eff9b221cde251a2d87ee24eef44ce46d74fae7fc22e7462faddc923f1ef
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e4e29dd19de1ee28bc632fb72fc38408970937f7145119380c8ebd7547f50d2
1ee51c0aeb0d786d3a23dd91ad2081214f476f619635d89310961a30d198c852
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
268848b9589aec907547ef4adac5822b6fd0be0e650bc5545762a4f581731566
2a7f3d2c238784e955c2426069e8764f35cdbd3a88b5e06e1120a196d119e72d
2bba5229ee6ba5c14553c0493414e4317798fe9315b2e6308676ed0e4dba9543
2d52560a0b97222a18a95c89256d89765d3d821699eebc14213d531c2a93adb5
311d6e0a623475d73c35b2a61232ef0621db876a120cf7069721cb04f06ad003
313c9d6e9b20a4a065421ab0be3971e3fb609023c96bd0ce13ef665f1c331d8d
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34c093e733de9db0982f27625ccf0da85617e2576ac8634a420c633936a351a5
3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
38da98e06ba18c4204f547d30572cd81a2dd3fd5438d306856d2617480ee8639
3b52b2b021b0c6b75b0fdad5c0e586f79e222f39b90b1ba4d0dc80ded1058e37
3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be
3d17abe6a44fe8b727a8282982c49a6defe969b90941f868c7191aa9b59f2f81
3de5f748681b730ffef09e19ed2b0e12ae61835e94b359e3ff4ccebf4369c6d4
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
400b356ca22f3e2283d3822a337d97c84c6c03c6ce51d79dae917a50d04f982d
4057356738aa98d9d20ac3c91b909bb6daa7ee793e4f4bd23e6c0955e4aa0deb
41a78a8f3efa9c0dcdd9b83e834bdac0f91abed6cd81f5c400606ba8ec35b3fc
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
456216e8c9b0906906096492f544bc76fd992aa7e0af07cc8354bd286a63f66f
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4934174cd39db1f62680ac12ae44ad9aa040bd445d831ae65f79779b7f2e6e8f
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b9f5c2fc369365cf4de7b90eccf931b43af63a9d68360810502e6784e97b48e
4df4f831ed5cdb639c42779819720daea3b9850e12cafe851ea4b242ccaa166e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f698026bdece005152cb1522406ed7385c8d9ea6ba4f033042563274058c289
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52c7c7b86671d5d52f393f60118984ce424f015a82b790718b3144c1ee3298b6
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
59348d34b59f5cbe16baa7ce23234fd0395dd616d47a0fa247240771ca289988
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5ca257ab8ea720ff657a153f7212034735691282ef8cbfd1af6b6fe9dfb4f536
6053508c4325d1a2628349371a28fc9192b21900c24f031ca623e6f3956e434f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64ab062a2a4d62d22170dd14c4a3a566632d1ebf476ab80d27c7c81901209e36
66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b91c5ed41026d4609b7686e2024d86e7293d3bc2b72dbf969c96bbcc125f272
6b94aad068face95b79270021a2de0b4a2e4dea15cd8365b85ac770c557b65e1
6d38edfdaff5a3e6cfcccd26f9eed468207f91adf8833e2dd28e8660035492ba
6e27df17ee7de2054a21e318f2c715aeb8f5af73fd7d3f03ae2886af9e1ecb91
7041206683c7b5da4188ef7ed1523815102ac13af21f55c4b04b5fbbe4514ae5
714ff128c84f7b8014a243c19160149e6e3a9a185a4373767fd402bc7740435e
72bf550ac497322e890edd198316b2cfe4065b688fba8bb95ee13a1a95b4cd5d
748bb054acb859c3520314498cdbaad76b3faf7f89d3e6871ae3fdfcc4b7d938
76dab764b0e848cada83fc7b4d0c1e036ea82fe56b330a6a5be61d311f609b0e
802a0ac9c835c0add64067c222d71b52bff0f5cfaafe4b673b1875a68ffaabb4
80988102fe6278d257db81a3adb886c5037b55a562a92845a2db1df053e438c6
81b80336b97fdd114f72f7a98dc86bcbde657c86b538d1a193606140c171722d
829faafbb39055b06c83f4b6b208d52dc50e0119499f827d573888f5846d3a15
8570b14bb3216bcfb445442d65095db7428892ea6ed93a1ce3c04e28dbd238ee
889c601bbb5f6c27b9122534c24ea3f38614c40aa1f5332afa0d423e224cc614
8a091a670b6bf03510fc7a1b3c74a417c4a8c8937f7fb0c9a1517a95bdd7ab18
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b4d5896791236f4048ca105a33c72c0051f42f1aa0eecd999a3244b2f414c52
8b821700b36f9f457d7c6f5dbfd4140c3f6007bfe0093e9763eb0129f952ad13
8d23b9b8d0379b6e7f8a8e0e7be41ef47ef76121befe171362368d81a47bf43a
90b12ce3fdcb0ca16d67307b404b4d4199850bf39e5b8a599911685b9dd42877
90ffe9c3c7fc061d72993059a62d15675b509f98a1da6dd20794d067bf482b81
94ae8e248d081ccb4096fb784379fac2dc61da4bba62eee5d920b5c89a142215
958447d209fe130b4a050cb6607bc9a386c4534396e3139406f7f9fd28ee65b2
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
97f46d51d9d686c4a7fd4b5d75dcbfb16187abbc48038a59e75f3593b326d2bc
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
99d97e92258543088e1c93691ccb34eece37eb84d1b327645c443b3c8321a5c8
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b2c4e98b14a2368dfd16b838f30352905d716e26e17337ea242d1ae52bba879
9b9d08449c09d0e03131c42e267dd4079abe7385cf2d0425480d1b6a33f9d6a6
9ba346503b6c880ec143e04f39f756e0d916e7f5aac3963dea250a58efca5fdf
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a02473396d4c6bbbca1b76c6ffa9eeea68a8ac546fb18c16d8403376a3a33728
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a14255e68fc99fc5b4a8b323c13070ac67f42775917706fd3b147b436810a5da
a19c94d432788585bc5edb13c0eedb40a9671c09aa5c93d114df1f93077a10dc
a1e4f80c095e8e5b2e11d02245c879fbe8a47af3d6ca6a64228fb2f95a727a88
a22c8abe36375cb168890bceae272108fe3c9c46f50861131836fee72aea2455
a48190be924acb42997311fc129a0e762844485ca0b41b4c2b0f7934ea5f9822
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b790ce97c10e8abbfb93bf4d6dadb6563c425bbf54c4b4ce095325fbc26247
a57f8b2555e1110acc9dc337c7fe934c309fb7900eb729571c92a5ad1edf2ebf
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
af5896b1be656e8b68bca0d18ce4284856d4e8890bdb3d987fd39474f45064a7
b0876f0cdbcae7764cc424d1d476ef37361443a730454130ab0668b8145ba40a
b0b340d17b3ba117095f2b74e56b2b8fdc5f3ad9a3a9266bca7780c43ac42147
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2d1b9678afd7072e8a7766e35867754c786dd30fe97d36b674251c42aba96b2
b3dc031a74ef6f40326100d97c5de489f34140293083028911a2a674416ffd0b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b52b34cf452e92654dd04036ab4a81c81e0b9a6958539752b050f0433f4b1ddd
b5b7440eb01b4db530c8b12650e39b4a3bfb1b49b7518c76b08bb6e8b8434a2f
b9697511e30ff7d79300f1beace0cc887259173f05fdf73cf1b824c69451e2d8
ba8af0d50d79678d5e9e6e68935c23511ff6ae811c880f6b0815855e696b023e
bb629e74741734f357fcc6f4b04d7479f04be72e6622305aded71cc872edacca
bcab7842498b23fdcaa1c8c324a7d92926d6064488ecec02427538c678cf1f12
bd0084609e401184adb3ed1f9e0d8fdf43958a1d8282b40e8d56d6ca18b5f6bc
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c43f850ffbccce13441085cd28f679f4a9da25601ec7daa561d62c3e1e823699
c67c08fe3d5704e0b0914586ac4b85287980702db11e0740d86e09d890f9b658
c877f81c88adb0b86b6410351228b89b7adb23203ad0b073ed20a66edb161900
caba7be01a9df9066925fb48177870e75fcc213795ca61015e52cf63ffbf98c2
cb6fc9eb76744c2a350a27f5ab0b686ad8267daf9034b3cb3579e0fe22219e14
d0978df5d4174510292c263cf6752136d9316f5017a82c5776b767ee77f0d04a
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d80f2f62bb39a65b8c1d3f5caa60f1a164f54a1e1641ba41249b202fea3f5880
d8295848601a45fc6ff78a90ac4d35396851ea4411b76a06feeb357ec99a37bc
d89d5b86a550f90ad654fa7f378df13d983140ba351686ecfd0fc2b2c394c896
d99b9159933626d57392bca0e7b472d9a280a58df5c6cd14d9d093bbbefebaed
d9d01ab26a499b19be475560f99c67f7f0e6b09a22aef1d0c49523d78936712a
dbdcd5032177710f51c04a98ab8d155e72b8ea23f0f86fc504408b7fbe735639
dbf1818d8b1397e676767b2fa0352f57b18f4066eede2460f730308f1303ded7
dcc003c1063b0beadac4e71bd218b27a7f7e889f3cfc923ccc722d1ab916c1d8
ddfee1a652dfa1b44eeca23bd60b5a63cd39dbb52adf16b4d5b6321cae7db6cc
deaf5a4d4987d3198c038ffa6ebfb7b3aefc084c71d8f02805e918d25096412a
df194280e8a78feb4174d8b3576b8fbfeef6188143024b657628ed601b6bff0c
dfe8853b2397a43e20d55fd377aafeed785c7ae335ed07b4986997b9780f48a2
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e58106e0c7a9452baa2b22781f9775b5f3da2e68e2d0a59a3b421b9f7e0ea4cf
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6f7f65dac0d845ace7745ff725f4a31e0e0b6ae97b0d493082792f32809d37a
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
ed44e345a8354731787a4fc575c66363aac13eebd6007b88aecd8a1deea341df
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f13bc08411a45add285949483ee8ab65001f6d7ebaddcfc83d5b2df50a4cde0b
f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d
f28565927fdfc6b19aa587b954c6d1cd06428a51d583bc055cd4f5cf966ac2bb
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
f3c4f95c4e1f049a1b0b23c8623218f60341fba72d9aa02fc7bdce11fb95dbbc
f6c84a15873bbae73ff06857139327b85a6869fa0e21d36666aa2bb5d9bbb19b
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4
fa400aff1ba4e6e4cec0349e77c2fed917bb698c165da5cd382af08b66d0236c
fa85a4366200f608a99ecf4b1b933babdd9c5662cbe5d518b3daa57e53dbd85b
ff2226686a5a5d67becfc522f9dfadbcf2ad6ea8a2f047f7bfbf7c30e09a4a3b
ff6db6c1dd0910b5619dafb5284abf59aa7bb8c6d3d0122c1ba5983cddaaa2a3