andronishoneymoon.com Open in urlscan Pro
2606:4700:3030::6815:566c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://andronishoneymoon.com/
Effective URL:
https://andronishoneymoon.com/
Submission: On November 18 via api (November 18th 2023, 12:43:58 pm UTC) from US — Scanned from DE

Summary HTTP 142 Redirects Links 41 Behaviour Indicators

Summary

This website contacted 14 IPs in 6 countries across 17 domains to perform 142 HTTP transactions. The main IP is 2606:4700:3030::6815:566c, located in United States and belongs to CLOUDFLARENET, US. The main domain is andronishoneymoon.com.
TLS certificate: Issued by GTS CA 1P5 on November 12th 2023. Valid for: 3 months.

This is the only time andronishoneymoon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 46	2606:4700:303... 2606:4700:3030::6815:566c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2 12	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
4 8	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
5	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
4	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1 1	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
7	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	3.124.69.248 3.124.69.248	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:af70:5903:a54a:226c	16509 (AMAZON-02) (AMAZON-02)
2 2	213.155.156.180 213.155.156.180	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1 1	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
142	14

46 2606:4700:3030::6815:566c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

andronishoneymoon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6b8::1:119 (Moscow, Russian Federation) 4 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Loerrach, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.69.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-69-248.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:af70:5903:a54a:226c (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.180 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.252 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	andronishoneymoon.com 1 redirects andronishoneymoon.com	2 MB
41	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	502 KB
19	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 245	179 KB
17	gstatic.com www.gstatic.com fonts.gstatic.com	159 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	5 KB
5	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 8755	3 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145	22 B
4	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2	864 B
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	255 KB
3	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 4034	71 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4905	653 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 746	387 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492	715 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 351	146 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1533	587 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 54581	608 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 709	544 B
142	17

	Domain	Requested by
46	andronishoneymoon.com	1 redirects andronishoneymoon.com
24	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
17	pagead2.googlesyndication.com	andronishoneymoon.com pagead2.googlesyndication.com www.gstatic.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
13	www.gstatic.com	googleads.g.doubleclick.net
12	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
7	cm.g.doubleclick.net	googleads.g.doubleclick.net
5	fonts.googleapis.com	googleads.g.doubleclick.net
5	mc.yandex.com	3 redirects andronishoneymoon.com
4	www.googleadservices.com	andronishoneymoon.com
4	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
4	fonts.gstatic.com	fonts.googleapis.com
4	www.googletagservices.com	googleads.g.doubleclick.net
3	mc.yandex.ru	1 redirects andronishoneymoon.com
2	d5p.de17a.com	2 redirects
1	onetag-sys.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	x.bidswitch.net	googleads.g.doubleclick.net
1	dsp.adfarm1.adition.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
142	20

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
pinterest.com
www.linkedin.com
blazethemes.com

Subject Issuer	Validity	Valid
andronishoneymoon.com GTS CA 1P5	`2023-11-12` - `2024-02-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-08-14` - `2024-01-24`	5 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 17 frames:

Primary Page: https://andronishoneymoon.com/
Frame ID: 702F124A39791E8BAF26F440A202E7FA
Requests: 57 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: CB607D4B8A89D7D818F6C6BB65A99C99
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1427824399252755&output=html&adk=1812271804&adf=3025194257&lmt=1700311431&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x540_l%7C212x540_r&format=0x0&url=https%3A%2F%2Fandronishoneymoon.com%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~6&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700311431239&bpp=16&bdt=805&idt=212&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3475058610483&frm=20&pv=2&ga_vid=488656376.1700311431&ga_sid=1700311431&ga_hid=763147028&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079265%2C44795922%2C31078301%2C31079698%2C44806141%2C44807764%2C44808149%2C44808285%2C44809055%2C318512601&oid=2&pvsid=2948566692002930&tmod=1006603889&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=244
Frame ID: 7BC483546B3D79D002500ADFEEB694FF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1427824399252755&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1700311431&rafmt=1&to=qs&pwprc=6133459307&format=1200x280&url=https%3A%2F%2Fandronishoneymoon.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700311431255&bpp=2&bdt=821&idt=234&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3475058610483&frm=20&pv=1&ga_vid=488656376.1700311431&ga_sid=1700311431&ga_hid=763147028&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079265%2C44795922%2C31078301%2C31079698%2C44806141%2C44807764%2C44808149%2C44808285%2C44809055%2C318512601&oid=2&pvsid=2948566692002930&tmod=1006603889&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=237
Frame ID: CDDB98D431B39D7AECF1D95D76C86946
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1427824399252755&output=html&h=280&adk=556946149&adf=3844514634&pi=t.aa~a.3729920003~rp.4&w=821&fwrn=4&fwrnh=100&lmt=1700311432&rafmt=1&to=qs&pwprc=6133459307&format=821x280&url=https%3A%2F%2Fandronishoneymoon.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700311431990&bpp=1&bdt=1556&idt=1&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=3475058610483&frm=20&pv=1&ga_vid=488656376.1700311431&ga_sid=1700311431&ga_hid=763147028&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=243&ady=2009&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079265%2C44795922%2C31078301%2C31079698%2C44806141%2C44807764%2C44808149%2C44808285%2C44809055%2C318512601&oid=2&pvsid=2948566692002930&tmod=1006603889&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=12
Frame ID: 25BAA3EC68BBC20475271DFBAFE0EC34
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: BE58F97439A3F15104ABD7BEDF281A65
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 92352EAAE19E389899CB9F0A087BC4D3
Requests: 14 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019
Frame ID: 9724D1BF398E86C6F01F28EE657B38D0
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 71B76A27C0D28666BE1E98A0BE5ECB78
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 59FB8A973E5CFCF091F5A33319B6451B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js
Frame ID: C622903964C9E2260D0EB7162BBA011B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js
Frame ID: DA428C7BDD41BD9163C5BBC9D57C88E2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js
Frame ID: 87FB6079481AA3DD0BBFC5164995FC6D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B23EE30CE97CAB6D2B5A6FE0CF8A6427
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js
Frame ID: 852B9FA7B61B4FA64C896096CD3A3BAB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DF175DCF2D4C691F46A1BA3BE0E8314C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4AB194AEBFDB31838AD22237B0A78E3E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

andronishoneymoon.com - November 18, 2023

Page URL History Show full URLs

http://andronishoneymoon.com/ HTTP 301
https://andronishoneymoon.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

142
Requests

92 %
HTTPS

58 %
IPv6

17
Domains

20
Subdomains

14
IPs

6
Countries

2962 kB
Transfer

5834 kB
Size

28
Cookies

41 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/intent/tweet?text=What%20Is%20Difference%20Between%20Bid%20And%20Ask%20On%20Stocks&url=https%3A%2F%2Fandronishoneymoon.com%2Fethereum%2Fwhat-is-difference-between-bid-and-ask-on-stocks.html

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Fandronishoneymoon.com%2Fethereum%2Fwhat-is-difference-between-bid-and-ask-on-stocks.html

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https%3A%2F%2Fandronishoneymoon.com%2Fethereum%2Fwhat-is-difference-between-bid-and-ask-on-stocks.html&media=https://andronishoneymoon.com/wp-content/uploads/2022/11/what-is-difference-between-bid-and-ask-on-stocks1.jpg&description=What%20Is%20Difference%20Between%20Bid%20And%20Ask%20On%20Stocks

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&title=What%20Is%20Difference%20Between%20Bid%20And%20Ask%20On%20Stocks&url=https%3A%2F%2Fandronishoneymoon.com%2Fethereum%2Fwhat-is-difference-between-bid-and-ask-on-stocks.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=How%20To%20Stake%20Ethereum%20On%20Coinbase%20Reddit&url=https%3A%2F%2Fandronishoneymoon.com%2Fbitcoin%2Fhow-to-stake-ethereum-on-coinbase-reddit.html

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Fandronishoneymoon.com%2Fbitcoin%2Fhow-to-stake-ethereum-on-coinbase-reddit.html

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https%3A%2F%2Fandronishoneymoon.com%2Fbitcoin%2Fhow-to-stake-ethereum-on-coinbase-reddit.html&media=https://andronishoneymoon.com/wp-content/uploads/2022/11/how-to-stake-ethereum-on-coinbase-reddit.jpg&description=How%20To%20Stake%20Ethereum%20On%20Coinbase%20Reddit

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&title=How%20To%20Stake%20Ethereum%20On%20Coinbase%20Reddit&url=https%3A%2F%2Fandronishoneymoon.com%2Fbitcoin%2Fhow-to-stake-ethereum-on-coinbase-reddit.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=What%20Gives%20Stocks%20Value&url=https%3A%2F%2Fandronishoneymoon.com%2Fcrypto%2Fwhat-gives-stocks-value.html

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Fandronishoneymoon.com%2Fcrypto%2Fwhat-gives-stocks-value.html

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https%3A%2F%2Fandronishoneymoon.com%2Fcrypto%2Fwhat-gives-stocks-value.html&media=https://andronishoneymoon.com/wp-content/uploads/2022/11/what-gives-stocks-value.jpg&description=What%20Gives%20Stocks%20Value

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&title=What%20Gives%20Stocks%20Value&url=https%3A%2F%2Fandronishoneymoon.com%2Fcrypto%2Fwhat-gives-stocks-value.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=How%20To%20Go%20Long%2010%20Year%20Treasury%20Yield%20Etf&url=https%3A%2F%2Fandronishoneymoon.com%2Fetf%2Fhow-to-go-long-10-year-treasury-yield-etf.html

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Fandronishoneymoon.com%2Fetf%2Fhow-to-go-long-10-year-treasury-yield-etf.html

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https%3A%2F%2Fandronishoneymoon.com%2Fetf%2Fhow-to-go-long-10-year-treasury-yield-etf.html&media=https://andronishoneymoon.com/wp-content/uploads/2022/11/how-to-go-long-10-year-treasury-yield-etf.jpg&description=How%20To%20Go%20Long%2010%20Year%20Treasury%20Yield%20Etf

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&title=How%20To%20Go%20Long%2010%20Year%20Treasury%20Yield%20Etf&url=https%3A%2F%2Fandronishoneymoon.com%2Fetf%2Fhow-to-go-long-10-year-treasury-yield-etf.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=How%20Do%20You%20Open%20A%20Bitcoin%20Account&url=https%3A%2F%2Fandronishoneymoon.com%2Fstocks%2Fhow-do-you-open-a-bitcoin-account.html

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Fandronishoneymoon.com%2Fstocks%2Fhow-do-you-open-a-bitcoin-account.html

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https%3A%2F%2Fandronishoneymoon.com%2Fstocks%2Fhow-do-you-open-a-bitcoin-account.html&media=https://andronishoneymoon.com/wp-content/uploads/2022/11/how-do-you-open-a-bitcoin-account.jpg&description=How%20Do%20You%20Open%20A%20Bitcoin%20Account

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&title=How%20Do%20You%20Open%20A%20Bitcoin%20Account&url=https%3A%2F%2Fandronishoneymoon.com%2Fstocks%2Fhow-do-you-open-a-bitcoin-account.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Yolo%20Etf%20How%20To%20Invest&url=https%3A%2F%2Fandronishoneymoon.com%2Fblog%2Fyolo-etf-how-to-invest.html

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Fandronishoneymoon.com%2Fblog%2Fyolo-etf-how-to-invest.html

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https%3A%2F%2Fandronishoneymoon.com%2Fblog%2Fyolo-etf-how-to-invest.html&media=https://andronishoneymoon.com/wp-content/uploads/2022/11/yolo-etf-how-to-invest.jpg&description=Yolo%20Etf%20How%20To%20Invest

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&title=Yolo%20Etf%20How%20To%20Invest&url=https%3A%2F%2Fandronishoneymoon.com%2Fblog%2Fyolo-etf-how-to-invest.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Yahoo%20Finance%20How%20To%20Filter%20Etf&url=https%3A%2F%2Fandronishoneymoon.com%2Fblog%2Fyahoo-finance-how-to-filter-etf.html

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Fandronishoneymoon.com%2Fblog%2Fyahoo-finance-how-to-filter-etf.html

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https%3A%2F%2Fandronishoneymoon.com%2Fblog%2Fyahoo-finance-how-to-filter-etf.html&media=https://andronishoneymoon.com/wp-content/uploads/2022/11/yahoo-finance-how-to-filter-etf.jpg&description=Yahoo%20Finance%20How%20To%20Filter%20Etf

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&title=Yahoo%20Finance%20How%20To%20Filter%20Etf&url=https%3A%2F%2Fandronishoneymoon.com%2Fblog%2Fyahoo-finance-how-to-filter-etf.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=How%20Much%20To%20Start%20A%20Etf%20Vanguard&url=https%3A%2F%2Fandronishoneymoon.com%2Fetf%2Fhow-much-to-start-a-etf-vanguard.html

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Fandronishoneymoon.com%2Fetf%2Fhow-much-to-start-a-etf-vanguard.html

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https%3A%2F%2Fandronishoneymoon.com%2Fetf%2Fhow-much-to-start-a-etf-vanguard.html&media=https://andronishoneymoon.com/wp-content/uploads/2022/11/how-much-to-start-a-etf-vanguard.jpg&description=How%20Much%20To%20Start%20A%20Etf%20Vanguard

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&title=How%20Much%20To%20Start%20A%20Etf%20Vanguard&url=https%3A%2F%2Fandronishoneymoon.com%2Fetf%2Fhow-much-to-start-a-etf-vanguard.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=How%20Long%20Does%20Bear%20Market%20Last%20Crypto&url=https%3A%2F%2Fandronishoneymoon.com%2Fcrypto%2Fhow-long-does-bear-market-last-crypto.html

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Fandronishoneymoon.com%2Fcrypto%2Fhow-long-does-bear-market-last-crypto.html

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https%3A%2F%2Fandronishoneymoon.com%2Fcrypto%2Fhow-long-does-bear-market-last-crypto.html&media=https://andronishoneymoon.com/wp-content/uploads/2022/11/how-long-does-bear-market-last-crypto.jpg&description=How%20Long%20Does%20Bear%20Market%20Last%20Crypto

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&title=How%20Long%20Does%20Bear%20Market%20Last%20Crypto&url=https%3A%2F%2Fandronishoneymoon.com%2Fcrypto%2Fhow-long-does-bear-market-last-crypto.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=What%20Is%20The%20Difference%20In%20Ethereum%20And%20Ethereum%20Classic&url=https%3A%2F%2Fandronishoneymoon.com%2Fbitcoin%2Fwhat-is-the-difference-in-ethereum-and-ethereum.html

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Fandronishoneymoon.com%2Fbitcoin%2Fwhat-is-the-difference-in-ethereum-and-ethereum.html

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https%3A%2F%2Fandronishoneymoon.com%2Fbitcoin%2Fwhat-is-the-difference-in-ethereum-and-ethereum.html&media=https://andronishoneymoon.com/wp-content/uploads/2022/11/what-is-the-difference-in-ethereum-and-ethereum-classic.jpg&description=What%20Is%20The%20Difference%20In%20Ethereum%20And%20Ethereum%20Classic

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&title=What%20Is%20The%20Difference%20In%20Ethereum%20And%20Ethereum%20Classic&url=https%3A%2F%2Fandronishoneymoon.com%2Fbitcoin%2Fwhat-is-the-difference-in-ethereum-and-ethereum.html

Search URL Search Domain Scan URL

URL: https://blazethemes.com/
Title: BlazeThemes

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://andronishoneymoon.com/ HTTP 301
https://andronishoneymoon.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10191.rU9ZiYfsjC4JYF7gp5WOVmQumNvruugKKh_tAb_T0kp5XRV-gsUJP4_2ockRjDkD.F9hIG-3twMaFWyGWDUmuc5GXop0%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10191.g_3hxKrdr6Ld6OvF0RQbZt_gTSnMYSTO09uTSi2XzJQOfXHrM9sIyBEKMGyS5bOZrBpF6zB6SEWh1oE0256CuXCUKL9aU-qIkLmav2EpYK7WWXTln290BEDlJ9XgOy2LwJmRJo4uupam-8yqgThuTZC1Dhv7EnTAKBoMN0FDgdVEtTYaoXkpSx94a0LhiuDY4cgi3zvMU80B-UStu5iszD358cZ4jVQBmTOelfps-pk%2C.84fsado2HkxMSc6ThvRQTOHzdd0%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10191.uiyuqfpCzggc68FjXcw0E7uIDyTcAKjFVSpp2FphhmuXjv3utNoMCi7VuSLhJeVie8AVsjQrb70OBVscKE6W6BeowMON6KjDa0Fbt9_Hl1hBIPaKAJKxqGvl4HCrh9Vn0Nsk2nxM4cOvXm2Ya3g3dhU8brdm_WX1Oq3FlQ6Jdd5Cbut0evWnAhCjRDHymvrrBBeo0nwNQaU2XYUIaE3KIQ%2C%2C.CVPZaxPJQKeoDglCOaI8QZOcTH8%2C

Request Chain 83

https://mc.yandex.com/watch/91455383?wmode=7&page-url=https%3A%2F%2Fandronishoneymoon.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A1436%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1161%3Acn%3A1%3Adp%3A0%3Als%3A1075670759650%3Ahid%3A210148161%3Az%3A60%3Ai%3A20231118134351%3Aet%3A1700311432%3Ac%3A1%3Arn%3A276298264%3Arqn%3A1%3Au%3A1700311432421013271%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C25%2C622%2C2%2C61%2C0%2C%2C1134%2C1%2C%2C%2C%2C1845%3Aco%3A0%3Acpf%3A1%3Ans%3A1700311429722%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1700311432%3At%3Aandronishoneymoon.com%20-%20November%2018%2C%202023&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(1) HTTP 302
https://mc.yandex.com/watch/91455383/1?wmode=7&page-url=https%3A%2F%2Fandronishoneymoon.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A1436%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1161%3Acn%3A1%3Adp%3A0%3Als%3A1075670759650%3Ahid%3A210148161%3Az%3A60%3Ai%3A20231118134351%3Aet%3A1700311432%3Ac%3A1%3Arn%3A276298264%3Arqn%3A1%3Au%3A1700311432421013271%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C25%2C622%2C2%2C61%2C0%2C%2C1134%2C1%2C%2C%2C%2C1845%3Aco%3A0%3Acpf%3A1%3Ans%3A1700311429722%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1700311432%3At%3Aandronishoneymoon.com%20-%20November%2018%2C%202023&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29

Request Chain 100

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 102

https://googleads.g.doubleclick.net/pagead/adview?ai=Cc3reh7FYZdr6H5bz-gbH3abIBPuYsIZ074a09ZMSm5SSnpgOEAEgjJC6FmCVuomCmAegAc_iw6UCyAEJqQImacesD1CyPqgDAcgDywSqBIoCT9AHzfV685jngFCNzYCaj-cPiX7AjrANMWy4qa9wvYSDujwOWYwZYPeL3A4JHXXMn1NJj6rZN-rLmbIFtaB_bu2yxXOU8avRKSGIyPlbC59MhybGDjkQydHjceb4OFEsXST5lXg1-xNC0clUVipIzv6Un6WkO1Z-j3gX8t52SZbZmKfYRC61CdwDVSZ_5ER3pMHCfKdpOOq0A_HBCKre0OezKAU1B7g7l5Ehg-Dk2yXJ0tWzjMgj_5Iqku8rZu_twu2Iq1W_xRet5PNY3wmG5IN167N501oKfUq28B2O2C2BW-66cDQ6A0jXeYaOGYBZK341_mhCCZr9hqWTG_TU1pKFjXPm2YWsK8PABKX8o-qqBIgFqumZj0aSBQQIBBgBkgUECAUYBKAGLoAHmZ282gGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBRCpyoIB0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJHmh0dHBzOi8vd3d3LjQyaGVpbGJyb25uLmRlL2VuL4AKAcgLAaIMECoOCgzktLEC7rWxArW4sQK4E-QD2BMM0BUBmBYBgBcBshccChoIABIUcHViLTE0Mjc4MjQzOTkyNTI3NTUYAA&sigh=B4RRPoN5jBI&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTgDICaaN7JFqgGhGJTeUm71gwEpa8gMVU-1njx9tcqKlDKYgR5PCooabJ0rgLvkcZWm__q7Rfzm8ie-JntinwKJ3s88W2YEC4EN9C2am4RgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213737195812424743269%22,%22debug_reporting%22:true,%22destination%22:%22https://42heilbronn.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22615575887%22],%224%22:[%2211-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224035227635422473761%22}&andc=true

Request Chain 104

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 121

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESELch3CWdVlQlz0LbeFNbkmc&google_cver=1&google_push=AXcoOmTqwc_7r8t_57MWudDepM9mbKLQe7hb22OsXZkA6BUYFg75xBDE-whr-gYWxFovxBUlBnqBckf95lN7KGfHQ3Z1QdbY6cLTY2s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELch3CWdVlQlz0LbeFNbkmc&google_push=AXcoOmTqwc_7r8t_57MWudDepM9mbKLQe7hb22OsXZkA6BUYFg75xBDE-whr-gYWxFovxBUlBnqBckf95lN7KGfHQ3Z1QdbY6cLTY2s

Request Chain 122

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEKdde3wxyDnu2gQ1CtK3vrA&google_cver=1&google_push=AXcoOmQ4QGScrD-54le3rMn7mjGipmdMtTph6vsG9Z5MsVid7DsNthh3YD1thhpvml-bVV5L_ZHMrAYcmxEoa5qeofKW9kk22JkD4MY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQ4QGScrD-54le3rMn7mjGipmdMtTph6vsG9Z5MsVid7DsNthh3YD1thhpvml-bVV5L_ZHMrAYcmxEoa5qeofKW9kk22JkD4MY&google_hm=2GepMudaSpGIwoKq-d2sxwU

Request Chain 123

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAYcTq-k7bi_3a67whxrjhw&google_cver=1&google_push=AXcoOmTB-AEXvb5ok6IQpYLDjQ8eiBp44Z9ewkvWzfzvtkUP0TjJLX5PIR3aW6LzGCP3jwFrEzPWY8plhzStXgKWN1G_sxPmQ8fcclI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjc4MTk5Nzc1MTQwMDU5MA%3D%3D&google_push=AXcoOmTB-AEXvb5ok6IQpYLDjQ8eiBp44Z9ewkvWzfzvtkUP0TjJLX5PIR3aW6LzGCP3jwFrEzPWY8plhzStXgKWN1G_sxPmQ8fcclI

Request Chain 125

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFHd0n9MDG4GpWYK1i3b2G4&google_cver=1&google_push=AXcoOmTXOzrAvP-iKcv6iX3vDEPhf_YLCk63o5E1jZdtIcXhVOrEkBRqj10BMvxWMKp3kxIJKoAnRpybIOq3YoxBwtquDIGventndyQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTXOzrAvP-iKcv6iX3vDEPhf_YLCk63o5E1jZdtIcXhVOrEkBRqj10BMvxWMKp3kxIJKoAnRpybIOq3YoxBwtquDIGventndyQ&google_hm=eS1rd184SU1CRTJwRl95b01iUXE5RHVrbDBlTWM5VHlOUn5B

Request Chain 126

https://d5p.de17a.com/cookies/google?google_gid=CAESEHkIeBfAZTus-HUloMPtdXE&google_cver=1&google_push=AXcoOmQltpA-6p6DHBQQACoJ_3HTOhlfvfsmXMtk52OYhlNbLFkJN_Six1n9i6vF4hdOnYBg721_a9cXbeaBSzyDWDH2XL2n8_GvsqY HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEHkIeBfAZTus-HUloMPtdXE&google_cver=1&google_push=AXcoOmQltpA-6p6DHBQQACoJ_3HTOhlfvfsmXMtk52OYhlNbLFkJN_Six1n9i6vF4hdOnYBg721_a9cXbeaBSzyDWDH2XL2n8_GvsqY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQltpA-6p6DHBQQACoJ_3HTOhlfvfsmXMtk52OYhlNbLFkJN_Six1n9i6vF4hdOnYBg721_a9cXbeaBSzyDWDH2XL2n8_GvsqY

Request Chain 127

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEK428yx_iMVcd2sO0ZHtlsg&google_cver=1&google_push=AXcoOmRv9BXkBAa3R3eYFgMdOIvx93be7LNG1JikFgudg1MsS4w8ISiOyIXlHrnAAF4MPemRoniwtxh-c_lbgQsQ134K9tTlLtBqIQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRv9BXkBAa3R3eYFgMdOIvx93be7LNG1JikFgudg1MsS4w8ISiOyIXlHrnAAF4MPemRoniwtxh-c_lbgQsQ134K9tTlLtBqIQ

Request Chain 131

https://googleads.g.doubleclick.net/pagead/adview?ai=CQMZhiLFYZebgAdHMgAeYvoPYAfuYsIZ0j4i09ZMSm5SSnpgOEAEgjJC6FmCVuomCmAegAc_iw6UCyAEJqQImacesD1CyPqgDAcgDywSqBIkCT9AcsKRrdsOjHy5vQSLmwPH5VG_DK979tIwMlVhJ555WVrejoxTv8PSfdDIDIOKLBffCrxkIcvq4nXdNwqarmBoFrBZP0ytTDjGb5vw84WDYLOxD0jHb1KHKO4kQxQE3QOdVwetY6Hp4Hi8SE_N4D5hBbTSHS7mghpb1Ky_bl5u_CMT6xM7PSxifVGQp9GjyCwv__TCpaWBU7dxPPAsQ8xGVUB3hwlfY-9j6Q8Aw9uqodWRuOAyHLG2gnx7LOSkYVs-yDlndrYw2PcgE5MVFp8PpCY6zmqjnqOZYlH-UxABMcYKCvBm0nnxrvgAB_QM_ew9bk-H54kJhwSs8jQgQDK9NfCSr6bpmj8AEpfyj6qoEiAWq6ZmPRpIFBAgEGAGSBQQIBRgEoAYugAeZnbzaAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEENPMJdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCR5odHRwczovL3d3dy40MmhlaWxicm9ubi5kZS9lbi-ACgHICwGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQK4E-QD2BMM0BUBmBYBgBcBshccChoIABIUcHViLTE0Mjc4MjQzOTkyNTI3NTUYAA&sigh=11q-CGw18A8&uach_m=[UACH]&ase=2&nis=4&cid=CAQSPADICaaNrBDcwTwlDyMVaFQ-RGB06X5M-KM0rxHJt1QyqZC4U0BUOOeE73Bws_sZNlgdrStN4pqjWrL1CxgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223510883775725671326%22,%22debug_reporting%22:true,%22destination%22:%22https://42heilbronn.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22615575887%22],%224%22:[%2211-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212846308745097560945%22}&andc=true

142 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
andronishoneymoon.com/
Redirect Chain

http://andronishoneymoon.com/
https://andronishoneymoon.com/

199 KB
17 KB

648ms
622ms

Document
text/html

2606:4700:3030::6815:566c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://andronishoneymoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:566c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.24
Resource Hash: dc0f26c74a277ea3f73887f9e95716b602a2cb708c10d4ce1fcebc597e75fd9e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 82804d245fe39a18-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 18 Nov 2023 12:43:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B8HsVUREFmxn%2Fdhs%2BdpqocFFDEKI4%2BuRFwCFPeOlz3y9%2FuPSJsbuz6WEAEFC%2Bg%2B4uR3IUHIN8cPjigxxU499l%2FR7h1nqoGAEyX2GrOZHRBBcI6tkznGy01StaLp6WibCRrDVKTgHEsk1HfReyH3LcaeB8do%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding, Cookie
x-powered-by: PHP/8.1.24

Redirect headers

CF-RAY: 82804d240d6f926e-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sat, 18 Nov 2023 12:43:49 GMT
Expires: Sat, 18 Nov 2023 13:43:49 GMT
Location: https://andronishoneymoon.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2B8syeix7poMErrYgBrp4mdb8yBEEq1GLY8Z2owg3jsbXbRjgQvGDyDf9Hza8ee01yaleK55rgNhsigA2ml5DsjRDxMPdLuYJ4Thjc%2FB0hFIqIYgAVDBOOJ6nPdsx8D0407dOAAWg7ACdU%2BPV32nbFiNGbA%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.min.css
andronishoneymoon.com/wp-includes/css/dist/block-library/ 107 KB
15 KB 597ms
594ms Stylesheet
text/css 2606:4700:3030::6815:566c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://andronishoneymoon.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.1
Requested by: Host: andronishoneymoon.com
URL: https://andronishoneymoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:566c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andronishoneymoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:51 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 08 Nov 2023 18:31:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"654bd3f4-1add3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3adC9XCPWVwIk0gUuB69NUdeRdz6ChGgNQxzpAfMjT7L%2FqOPYBNyswgEnxfyNQCp0w1mI0pk56HeKNSN05QznGtLFcmqQzCVOOqCzOI4OS4ickn7mK0SgSSvxCN1kPc1Rvze4vH6oDabuz%2FTULfIkW7FEjQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 82804d284c139a18-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 19 Nov 2023 12:43:50 GMT

GET
H2 200 screen.min.css
andronishoneymoon.com/wp-content/plugins/table-of-contents-plus/ 1 KB
786 B 476ms
473ms Stylesheet
text/css 2606:4700:3030::6815:566c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://andronishoneymoon.com/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2106
Requested by: Host: andronishoneymoon.com
URL: https://andronishoneymoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:566c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andronishoneymoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 21 Nov 2022 12:46:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"637b7323-484"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ABsPQM89GAdmZiKAB%2B8h5dcasTQqYlpZ1Ud4oiJvUNCMpyd%2FtNVCIQQjl%2FQXILFCLAfhcUMXvTaECSZS0treFuBR2f4cHVyZVLW%2FHZ%2Fn1e%2Fguz5W6mGEBdBe5HRpjxiyCIpYMrZIPZmU9Bk%2Fs4VU3ochwpA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 82804d284c169a18-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 19 Nov 2023 12:43:50 GMT

GET
H2 200 b96977cc140f426783a478f349f41fb2.css
andronishoneymoon.com/wp-content/fonts/ 15 KB
1 KB 494ms
491ms Stylesheet
text/css 2606:4700:3030::6815:566c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://andronishoneymoon.com/wp-content/fonts/b96977cc140f426783a478f349f41fb2.css
Requested by: Host: andronishoneymoon.com
URL: https://andronishoneymoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:566c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bc82acb4404a3f56c3a42144df7ae765ea5ddee67585486b7aa67102845de6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andronishoneymoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:50 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 21 Nov 2022 13:33:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"637b7e0e-3df9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RyXNZ69sGm0l0H6tq%2F0IbGrxP2MDG0OzrfjlxEl7qF2O6LJU%2F11SWEu0rXJTqfOOpU6qJTQg5496by4QeZwbExTKcjV0inPLefr2aBTeS5886xwBrE9X%2B5IjDgxldmMaEDx7H%2FlaO7N2tLGXF1lqjcUer%2FI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 82804d284c179a18-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 19 Nov 2023 12:43:50 GMT

GET
H2 200 9165ca0e2663be63fc6d1de236312776.css
andronishoneymoon.com/wp-content/fonts/ 3 KB
850 B 481ms
479ms Stylesheet
text/css 2606:4700:3030::6815:566c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://andronishoneymoon.com/wp-content/fonts/9165ca0e2663be63fc6d1de236312776.css
Requested by: Host: andronishoneymoon.com
URL: https://andronishoneymoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:566c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f5f16d5d6d081c69227083ce58622d12e981ea8c11ce576ccd74ca742362eef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andronishoneymoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:50 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 21 Nov 2022 13:33:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"637b7e0e-d2e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j0EDIRtWjM1rKtAlnKRR34pgVWHAkQ3WrW0orpFqkzDuVDcyLXiqhhsHy%2FRvhaM9B15onWja0xIddzq1XWlpJzH2w%2BzPie6hsZzYVZtRIg0FhaShhFgudhhya%2FBD2bp6ZPvsDVbBzrZvVtN1vT%2Bqac3iURQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 82804d284c189a18-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 19 Nov 2023 12:43:50 GMT

GET
H2 200 all.min.css
andronishoneymoon.com/wp-content/themes/wp-minimalist/assets/lib/fontawesome/css/ 58 KB
13 KB 483ms
480ms Stylesheet
text/css 2606:4700:3030::6815:566c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://andronishoneymoon.com/wp-content/themes/wp-minimalist/assets/lib/fontawesome/css/all.min.css?ver=5.15.3
Requested by: Host: andronishoneymoon.com
URL: https://andronishoneymoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:566c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd493524c8be6d84cf95959f93103680b3faa2a47c92482d43ff1836d8c08055

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andronishoneymoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 21 Nov 2022 13:31:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"637b7db5-e7d4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EwsiVoCVaa%2BsU9kgjl5F9QG4H3OD1iVk8KIw9%2FhXSveXwJ%2FogU9%2Fx185E5juJLQblYMifUNI9fmyi68iNwVUiQ128ZMpBoGBP44DFKI4vQE85qdawsceXiNLPRA0IVWn5cDavERuOF4E3sgQZJcOQSyI8HU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 82804d284c1a9a18-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 19 Nov 2023 12:43:50 GMT

GET
H2 200 style.css
andronishoneymoon.com/wp-content/themes/wp-minimalist/assets/css/ 146 KB
17 KB 601ms
599ms Stylesheet
text/css 2606:4700:3030::6815:566c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://andronishoneymoon.com/wp-content/themes/wp-minimalist/assets/css/style.css?ver=1.0.8
Requested by: Host: andronishoneymoon.com
URL: https://andronishoneymoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:566c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3966ea752375e1a0a3e1dfb4280c340b8f6dfc7838a3acce2b7751bf6764e3bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andronishoneymoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:51 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 21 Nov 2022 13:31:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"637b7db5-24724"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zpiPxSXXcj5FnJVhno2PwKGmeDb5UvrwVwPgFmquyQyZ6jI4KoRGzKr8MgQ%2Ft8xpBLmPUx7BlZ9QiuwUCCaDxefEN2LNxBFpftzlcoY0JpNgpihUmIAOUI7rThcA%2B2puTxNBuBSoQiuPBsXL5Fd0TqQrF00%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 82804d284c1b9a18-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 19 Nov 2023 12:43:50 GMT

GET
H2 200 custom_bootstrap.css
andronishoneymoon.com/wp-content/themes/wp-minimalist/assets/css/ 82 KB
9 KB 482ms
480ms Stylesheet
text/css 2606:4700:3030::6815:566c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://andronishoneymoon.com/wp-content/themes/wp-minimalist/assets/css/custom_bootstrap.css?ver=1.0.8
Requested by: Host: andronishoneymoon.com
URL: https://andronishoneymoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:566c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be4f61f12466e376896a4a4ffc670d03f12062c0229f945a26a3697dab27881d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andronishoneymoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 21 Nov 2022 13:31:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"637b7db5-147df"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OpEClu8gvJKwXtgnfZbcigMhUosWmy%2BtlA9IxI%2B2yc7Ws%2BxWmwEYZ%2BUKaVZbOCGl7LZf6E2A5aNUDRhZBvfM426lGI3l%2F16yFIF61x9mrdwb12owMWS%2BPGWhB7%2FXqMth5vG%2F8jAzgT11H7tbbPay1vVwaRg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 82804d284c1c9a18-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 19 Nov 2023 12:43:50 GMT

GET
H2 200 slick.css
andronishoneymoon.com/wp-content/themes/wp-minimalist/assets/lib/slick/ 2 KB
881 B 492ms
490ms Stylesheet
text/css 2606:4700:3030::6815:566c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://andronishoneymoon.com/wp-content/themes/wp-minimalist/assets/lib/slick/slick.css?ver=1.8.0
Requested by: Host: andronishoneymoon.com
URL: https://andronishoneymoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:566c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0b722c48c52082cd77261574e22a5251fe37ea4b291b1441134145bab9b2063

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andronishoneymoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 21 Nov 2022 13:31:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"637b7db5-767"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8fgpku3G93Pou8KIx7ogubE0VPCRUWKukMrSJ4QGmBuvLi8AldvZhuCY8QiOad1Q4vhjsmCjfm4tpNQIAfj4z2Dw9P80GGTqNrIEe0Bx9tl%2B%2Fh3biLShQxoD0PiM8mHBX3lWW%2FkM9atQm8WlBvyKySGseqc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 82804d284c1e9a18-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 19 Nov 2023 12:43:50 GMT

GET
H2 200 additional.css
andronishoneymoon.com/wp-content/themes/wp-minimalist/assets/css/ 76 KB
12 KB 503ms
501ms Stylesheet
text/css 2606:4700:3030::6815:566c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://andronishoneymoon.com/wp-content/themes/wp-minimalist/assets/css/additional.css?ver=1.0.8
Requested by: Host: andronishoneymoon.com
URL: https://andronishoneymoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:566c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c43adcd86e1ad381a42bca03ee32e543a5ddae1ae0e59a356b52ff166cdc427e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andronishoneymoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 21 Nov 2022 13:31:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"637b7db5-12f00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rF1LMaN454AtLjaDS08Ljo2WXZeLeJ%2FUEU76rMjCsosp74D0WbTvdi4%2FUpy8nrbdcRoKu5XZesWDBXTncX7wYDMDRkUnxIOtPAAfKkG84LqbSch53Tb0XTzQ4a9Eet7qHE%2BC67UvS%2FZkMo%2BcBCoI04MDm8U%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 82804d284c1f9a18-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 19 Nov 2023 12:43:50 GMT

GET
H2 200 additional-styled.css
andronishoneymoon.com/wp-content/themes/wp-minimalist/assets/css/ 52 KB
10 KB 484ms
482ms Stylesheet
text/css 2606:4700:3030::6815:566c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://andronishoneymoon.com/wp-content/themes/wp-minimalist/assets/css/additional-styled.css?ver=1.0.8
Requested by: Host: andronishoneymoon.com
URL: https://andronishoneymoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:566c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a71cc8fa2cf3afa73cd0d08e31c2d2e514a482e6a29944fd38d629f576da2e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andronishoneymoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 21 Nov 2022 13:31:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"637b7db5-d1f7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oIeLTktr8o0zCXgQoxBmczhfVdHMkAzes4aACehV9H0jXtNCIS1M6Gg1ucX3ulbMeeU50soEnFI3pScQH5tvqi%2FmNUdBiyJ%2BBfh9nu7kX1RBZypbwJNmAj6oEn4j3313Q8Jf4owJQy260GvTnNj8ASBOeHY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 82804d284c209a18-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 19 Nov 2023 12:43:50 GMT

GET
H2 200 style.css
andronishoneymoon.com/wp-content/themes/wp-minimalist/ 23 KB
7 KB 485ms
483ms Stylesheet
text/css 2606:4700:3030::6815:566c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://andronishoneymoon.com/wp-content/themes/wp-minimalist/style.css?ver=1.0.8
Requested by: Host: andronishoneymoon.com
URL: https://andronishoneymoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:566c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b3aba44b063828c6669e0e5c3baf9898033b0c1fa3c0390be6d9d1e523e0436

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andronishoneymoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 21 Nov 2022 13:31:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"637b7db5-5de3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YGoBzsy67SRBTe5HNAggP4RmGks00LmsS6SNn%2FrQ6ffdzQWGPl9QssZL4Ij0%2Bu5pVFQMz%2BLNTgdz0QgGOhuE3CrmqYu9XWsCP4s4p5L4XoF5yY3gBcNli0c4LZT8D4bwUYv8KdfEZsHkfhibOFuAI7ak9fc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 82804d284c219a18-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 19 Nov 2023 12:43:50 GMT

GET
H2 200 style.css
andronishoneymoon.com/wp-content/plugins/meks-smart-author-widget/css/ 545 B
580 B 491ms
490ms Stylesheet
text/css 2606:4700:3030::6815:566c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://andronishoneymoon.com/wp-content/plugins/meks-smart-author-widget/css/style.css?ver=1.1.3
Requested by: Host: andronishoneymoon.com
URL: https://andronishoneymoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:566c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 397a064408a35de576fc209912c034ece47a49026ead975cf6a1720c51bb2433

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andronishoneymoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 21 Nov 2022 12:50:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"637b7401-221"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dq0hWnHyAiMXF4AAYiMNOJ0N6TWMD2oJkONqdBcsKjYr4JGvW%2BlQfPWZXG671pvDhTihgO7q8ke1JJKsVUkS1U1n80PWLVhgUAgDOk7gO0cnO7IT%2B9kq%2F90AirPGzmZ%2FxpPjukBjLCoINKobouveB2pYulA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 82804d284c239a18-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 19 Nov 2023 12:43:50 GMT

GET
H2 200 jquery.min.js Show response
andronishoneymoon.com/wp-includes/js/jquery/ 86 KB
31 KB 618ms
617ms Script
application/javascript 2606:4700:3030::6815:566c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://andronishoneymoon.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: andronishoneymoon.com
URL: https://andronishoneymoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:566c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andronishoneymoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:51 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 08 Nov 2023 18:31:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"654bd3f4-15601"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ABqz85kam3Q8thf5soM0dlS0yAZ5qzXkoGLOsr7E3oYQrJMAHdDenS5NeI2qtjETUl30XCY8XGr20xeZn4F9RSrg2xOe0Zy0tppV3EAU07PdyxbJ7zdJGhqN%2FQmw3zb7a21s8t%2F02G9MAHZpRWcXV8%2B%2FTQg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
cf-ray: 82804d284c249a18-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 19 Nov 2023 12:43:50 GMT

GET
H2 200 jquery-migrate.min.js Show response
andronishoneymoon.com/wp-includes/js/jquery/ 13 KB
5 KB 28ms
26ms Script
application/javascript 2606:4700:3030::6815:566c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://andronishoneymoon.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: andronishoneymoon.com
URL: https://andronishoneymoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:566c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andronishoneymoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Aug 2023 01:30:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 60304
etag: W/"64d2ec22-3509"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6oH3EqxliGVpHltTTO2TwQk%2BxixghO6wrannMbVU3u4txK9%2FOhdkHry5nVt7Xnv7TsdQaGnn2hkctawnTG4S0mCVVDG%2FO0MYt6dAtL2cietXZa8IasfojIj%2Bd6f%2FVYrYxlXkDaprOBcZYoqe0972QpoT4eQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
cf-ray: 82804d284c259a18-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 18 Nov 2023 19:58:46 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 159 KB
53 KB 125ms
67ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1427824399252755

Requested by

Host: andronishoneymoon.com
URL: https://andronishoneymoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19393b775b767d2f772a226e0d33f4a9929673944900caf8d2f5eee3cbc7a5a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://andronishoneymoon.com/
Origin: https://andronishoneymoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53710
x-xss-protection: 0
server: cafe
etag: 4111487390838546762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 18 Nov 2023 12:43:51 GMT

GET
H2 200 cropped-logo.png
andronishoneymoon.com/wp-content/uploads/2022/11/ 7 KB
7 KB 482ms
481ms Image
image/png 2606:4700:3030::6815:566c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://andronishoneymoon.com/wp-content/uploads/2022/11/cropped-logo.png
Requested by: Host: andronishoneymoon.com
URL: https://andronishoneymoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:566c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e25170e484659f4ff452fb0d842bdf05455b747373acd31017e717451907d671

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andronishoneymoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:50 GMT
cf-cache-status: MISS
last-modified: Thu, 24 Nov 2022 11:58:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "637f5c7c-1b2c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BCVLArQ3KmHm%2FGIHae442oUEbKGIRlWXEySCNqaHJn4hmkG4zDCyzYZQaZzM0p9gax4OkwJJiJo7Yeej9CrGXHG3UQ7CEbUpJYjlo8BzULlDZpJfnW2US2h%2BoUjbSmQxbwCoF6NUD3%2Bg0ZjnA4ASE%2FZvm5c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 82804d284c289a18-FRA
alt-svc: h3=":443"; ma=86400
content-length: 6956
expires: Sun, 19 Nov 2023 12:43:50 GMT

GET
H2 200 what-is-difference-between-bid-and-ask-on-stocks1.jpg
andronishoneymoon.com/wp-content/uploads/2022/11/ 236 KB
237 KB 715ms
714ms Image
image/jpeg 2606:4700:3030::6815:566c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://andronishoneymoon.com/wp-content/uploads/2022/11/what-is-difference-between-bid-and-ask-on-stocks1.jpg
Requested by: Host: andronishoneymoon.com
URL: https://andronishoneymoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:566c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b696b8a79f385681c9e8c4de70135ed69fe3581d0a224374859fd197818598c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andronishoneymoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:51 GMT
cf-cache-status: MISS
last-modified: Wed, 30 Nov 2022 09:50:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63872751-3b1d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zo9uXavaUBxs5IywaOjuqwHQ%2BPEXsZrtztFgG8apns3G1cwhHdI9k8noMOvxTrx42hLiiyAvYKMnaZYeolpPgnxlHYsbRPkZjc9c5PVwG%2BKNtLn9vAvvd4lkSru%2F2z6PM9%2FulohwU%2FJieAhcXc5MTx6kSNU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 82804d284c2a9a18-FRA
alt-svc: h3=":443"; ma=86400
content-length: 242128
expires: Sun, 19 Nov 2023 12:43:50 GMT

GET
H2 200 what-is-going-to-happen-with-ethereum-300x200.jpg
andronishoneymoon.com/wp-content/uploads/2022/11/ 25 KB
25 KB 601ms
600ms Image
image/jpeg 2606:4700:3030::6815:566c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://andronishoneymoon.com/wp-content/uploads/2022/11/what-is-going-to-happen-with-ethereum-300x200.jpg
Requested by: Host: andronishoneymoon.com
URL: https://andronishoneymoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:566c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d6bc0d751d9be88ce8b1e1aca430a75b8ab715bdde11410f16c8f5b276dc588

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andronishoneymoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:51 GMT
cf-cache-status: MISS
last-modified: Wed, 30 Nov 2022 09:50:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63872779-62de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gqBM8IVdbUeHAfttcDeU64g5%2FofN%2FBNyS1ZO34CAiqVk5bCBGBMzJ4TrmnmU6GqcnswkjzWbjwkxN07jiWa%2BQWqNloC5zdOMNoHNNMnYqMQytfaqlxW2mQHLrVR6yvWnOPLig3a03GXLITtHhHxwopIzv5Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 82804d284c2c9a18-FRA
alt-svc: h3=":443"; ma=86400
content-length: 25310
expires: Sun, 19 Nov 2023 12:43:50 GMT

GET
H3 200 when-do-i-file-crypto-taxes-300x200.jpg
andronishoneymoon.com/wp-content/uploads/2022/11/ 25 KB
25 KB 593ms
593ms Image
image/jpeg 2606:4700:3030::6815:566c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://andronishoneymoon.com/wp-content/uploads/2022/11/when-do-i-file-crypto-taxes-300x200.jpg
Requested by: Host: andronishoneymoon.com
URL: https://andronishoneymoon.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:566c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5016a660b7a49aeab17f87546c126106c8c5878d33be49879e31acc8aee5109

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andronishoneymoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:51 GMT
cf-cache-status: MISS
last-modified: Wed, 30 Nov 2022 09:51:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "638727a0-631c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8S0AG8ZVv6JnTGLSRcOAdu%2BCfSG7X7Y5tg6DuqS0wn9uj%2BazwNsx78iP8v4czvKnRjjes75g6KFuWceIXEorxo9w25tJb4z8VeLqludpLJHK56RfCRstbAHV7ZFXQrSaSDe0UDeb1bMLC30vuYwxrGs6ILM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 82804d2c0ffe383d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 25372
expires: Sun, 19 Nov 2023 12:43:51 GMT

GET
H3 200 front.min.js Show response
andronishoneymoon.com/wp-content/plugins/table-of-contents-plus/ 6 KB
3 KB 486ms
485ms Script
application/javascript 2606:4700:3030::6815:566c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://andronishoneymoon.com/wp-content/plugins/table-of-contents-plus/front.min.js?ver=2106
Requested by: Host: andronishoneymoon.com
URL: https://andronishoneymoon.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:566c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andronishoneymoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:51 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 21 Nov 2022 12:46:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"637b7323-17cb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=myWG0uCClvKtCycZi7Hrzi8gNFbrqK6qtYiRyKU2mt02w3X2h76TG%2Bjr7w68KHEBFiUZFH95gYST70WuShUMbw5WRl5IOHLyV2T2GBbcD27JKqREkF11dMYVG1njV17OUnt9s1xUdlqfsU542K1FPVy%2F%2Fuw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
cf-ray: 82804d2c3875383d-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 19 Nov 2023 12:43:51 GMT

GET
H3 200 jquery.cookie.min.js Show response
andronishoneymoon.com/wp-content/plugins/wplegalpages/admin/js/ 1 KB
1 KB 20ms
17ms Script
application/javascript 2606:4700:3030::6815:566c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://andronishoneymoon.com/wp-content/plugins/wplegalpages/admin/js/jquery.cookie.min.js?ver=2.9.1
Requested by: Host: andronishoneymoon.com
URL: https://andronishoneymoon.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:566c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andronishoneymoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 21 Nov 2022 15:01:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4754
etag: W/"637b92c4-514"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yZhgF0uiERCeNV5pbyfj11n3cvJEcRbhpJkCngI6hWIxmB3mYRVq9IsqOfOceG5QPaLxCLBEU0q8J6MN0y19RzaM6ONXUbjgPQL0OV2OLDqXXcVuvklcuhP1TXnBUwj4SNhYiV1ELMDRLGmmHB8gCDnRFqM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
cf-ray: 82804d2c4879383d-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 19 Nov 2023 11:24:37 GMT

GET
H3 200 imagesloaded.min.js Show response
andronishoneymoon.com/wp-includes/js/ 5 KB
2 KB 27ms
23ms Script
application/javascript 2606:4700:3030::6815:566c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://andronishoneymoon.com/wp-includes/js/imagesloaded.min.js?ver=5.0.0
Requested by: Host: andronishoneymoon.com
URL: https://andronishoneymoon.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:566c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andronishoneymoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2023 18:31:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4754
etag: W/"654bd3f4-1590"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tM%2F43VN2oSNTBBf%2BNIuH0r0RI9T1%2FUWjebhc%2F94YeakSp0P5iHdt0MfQRx3l2Bg%2FfgZeWYsxLv6daY29Oeyn%2BXbciSZf2CvKvxVa%2F4WHiY%2F0vQBne3Mat%2FjDjX6cR1%2F%2B4ATZjPfstGaqRjDYN97TLdVph34%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
cf-ray: 82804d2c487b383d-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 19 Nov 2023 11:24:37 GMT

GET
H3 200 masonry.min.js Show response
andronishoneymoon.com/wp-includes/js/ 24 KB
8 KB 21ms
17ms Script
application/javascript 2606:4700:3030::6815:566c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://andronishoneymoon.com/wp-includes/js/masonry.min.js?ver=4.2.2
Requested by: Host: andronishoneymoon.com
URL: https://andronishoneymoon.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:566c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andronishoneymoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 18 Nov 2022 13:26:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4754
etag: W/"63778818-5e4a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YK%2FLa0SBTl3riArNd5e21KvlCfedGLiCOlqdABW1RHIxFDyrMw%2Ftzb3o4UJSAIT5uBGvzpwRMQB9oby8xCvN5SEx36ifgXcnvxtapGi7IT1oFdi1pW0m%2B4s%2FLVeiTUVI55aivYqcMOYlz5wuHCwqBV3n4gE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
cf-ray: 82804d2c487d383d-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 19 Nov 2023 11:24:37 GMT

GET
H3 200 jquery.masonry.min.js Show response
andronishoneymoon.com/wp-includes/js/jquery/ 2 KB
1 KB 21ms
18ms Script
application/javascript 2606:4700:3030::6815:566c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://andronishoneymoon.com/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
Requested by: Host: andronishoneymoon.com
URL: https://andronishoneymoon.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:566c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andronishoneymoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 18 Nov 2022 13:26:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4754
etag: W/"63778818-71b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IE5B4Ib7njYYahM15AEibJI6sdcvSSSLp1oY0Lseu4qEkvJBPPeja1o%2BB%2B024w3ZkIzz5r6WEPtLJu7aFAkuQ8OuUE%2FNeD%2B1TK6%2FWzuPZtFwVTs2aOioAq0d7Hl8kQfpC1BARS6WI%2FvNrXI3%2B4QukhTSaig%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
cf-ray: 82804d2c487e383d-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 19 Nov 2023 11:24:37 GMT

GET
H3 200 jquery.waypoint.min.js Show response
andronishoneymoon.com/wp-content/themes/wp-minimalist/assets/lib/waypoint/ 9 KB
3 KB 476ms
472ms Script
application/javascript 2606:4700:3030::6815:566c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://andronishoneymoon.com/wp-content/themes/wp-minimalist/assets/lib/waypoint/jquery.waypoint.min.js?ver=4.0.1
Requested by: Host: andronishoneymoon.com
URL: https://andronishoneymoon.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:566c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c86e183995d42d069cdf501e7605562c081cd7aac3b779abe3f69af717d4dd47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andronishoneymoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:51 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 21 Nov 2022 13:31:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"637b7db5-234a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fd3ZYx44a082PXc79QUcrTNDjX7AEirJRyTM29VjBqro6D05lRY41pdGaOWz6Z7Ou6Viwn69saRpBS%2BwNlBv2ymZ5Dd2N8ccKqenFsaS99e%2BNA5eBIHZ4DblStUrunI0Qo2MNtqLiljDTvxsCzjNQRngQiw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
cf-ray: 82804d2c487f383d-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 19 Nov 2023 12:43:51 GMT

GET
H3 200 slick.min.js Show response
andronishoneymoon.com/wp-content/themes/wp-minimalist/assets/lib/slick/ 42 KB
11 KB 27ms
24ms Script
application/javascript 2606:4700:3030::6815:566c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://andronishoneymoon.com/wp-content/themes/wp-minimalist/assets/lib/slick/slick.min.js?ver=1.8.1
Requested by: Host: andronishoneymoon.com
URL: https://andronishoneymoon.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:566c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1a52c0a06fa9f65e015b02e7ec463fd621211a9d2ae44b6660597900e927fbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andronishoneymoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 21 Nov 2022 13:31:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4754
etag: W/"637b7db5-a770"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SUhXrqUoVh2lEnmyTW96F2LBXOsl6DpwmZqYgmJYUkb1bm9P9pPhmsFs1Hs4awQm5LUCQnbobgUSQs7crjJ%2FTYs6WbgaAwihX4dIXdWMIkGR2OwTLqmGzbkqc9WOU8IJ%2F776hDE387CMlWuaPUF0dsavN40%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
cf-ray: 82804d2c4880383d-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 19 Nov 2023 11:24:37 GMT

GET
H3 200 theme.js Show response
andronishoneymoon.com/wp-content/themes/wp-minimalist/assets/js/ 11 KB
3 KB 21ms
18ms Script
application/javascript 2606:4700:3030::6815:566c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://andronishoneymoon.com/wp-content/themes/wp-minimalist/assets/js/theme.js?ver=1.0.8
Requested by: Host: andronishoneymoon.com
URL: https://andronishoneymoon.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:566c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b5eeeb57bd5f7d2025991b865261fc36f520807b085c5a7089bb5c981f7216f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andronishoneymoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 21 Nov 2022 13:31:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4754
etag: W/"637b7db5-2c39"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CQ33D%2BIw3uZYXNBFKMjoz0gf04ye7j2FHzGb6Lc4F2y2Ytau2V1iYbADOiChro5Eg3%2FkOVdcK9P6mhI3k9ptzdLm376ovKr%2Ba16IC8SoVforTCgw0sPFkjZ7fZkHRtId%2FSVEbOglbyiYYgsi7p2T%2F%2BayEmI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
cf-ray: 82804d2c4881383d-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 19 Nov 2023 11:24:37 GMT

GET
H3 200 navigation.js Show response
andronishoneymoon.com/wp-content/themes/wp-minimalist/assets/js/ 7 KB
2 KB 28ms
25ms Script
application/javascript 2606:4700:3030::6815:566c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://andronishoneymoon.com/wp-content/themes/wp-minimalist/assets/js/navigation.js?ver=1.0.8
Requested by: Host: andronishoneymoon.com
URL: https://andronishoneymoon.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:566c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d859787f006c16aaad4722ec0ba30f1aba051be238588db484834b745e238749

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andronishoneymoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 21 Nov 2022 13:31:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4754
etag: W/"637b7db5-1b82"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tQZ%2BOkZFf89sLDKjV3jqbv%2FZiaALfm0%2FPIv78sbuHC44NOo0R9ISPnz2Wt1zeRK3xfgCM8f7SWUusV0OyC2IbqW2KRyBFhGS2ehN1Th7DGBYt26Bs6SRV3hudmS6BC8EjQkaciKSS2D9MGxdU2knFAjeJG0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
cf-ray: 82804d2c4883383d-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 19 Nov 2023 11:24:37 GMT

GET
BLOB 200
OK 5a72871f-35da-4e9a-abf3-8a57dc4890a3
https://andronishoneymoon.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://andronishoneymoon.com/5a72871f-35da-4e9a-abf3-8a57dc4890a3
Requested by: Host: andronishoneymoon.com
URL: https://andronishoneymoon.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
andronishoneymoon.com/wp-content/fonts/montserrat/ 30 KB
31 KB 23ms
23ms Font
font/woff2 2606:4700:3030::6815:566c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://andronishoneymoon.com/wp-content/fonts/montserrat/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by: Host: andronishoneymoon.com
URL: https://andronishoneymoon.com/wp-content/fonts/b96977cc140f426783a478f349f41fb2.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:566c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Request headers

Referer: https://andronishoneymoon.com/wp-content/fonts/b96977cc140f426783a478f349f41fb2.css
Origin: https://andronishoneymoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4754
alt-svc: h3=":443"; ma=86400
content-length: 30928
last-modified: Mon, 21 Nov 2022 13:33:02 GMT
server: cloudflare
etag: "637b7e0e-78d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WT3wEwM7VikOPEHbu8GPstP3MPgfvz7ePFzmcKbrI7ZmhJKKSv4BGNkvtE8VSRi1LhwWQpDqxzvY6ZIr4GYPRXkCiTIj2do7f7AYo2gPvGCgG0XNQffl6POUdXwsmWTnvTkvPPLb5bE2EbP%2FVCVa%2FOBMFUs%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 82804d2c78b3383d-FRA
expires: Sun, 19 Nov 2023 11:24:37 GMT

GET
H3 200 fa-solid-900.woff2
andronishoneymoon.com/wp-content/themes/wp-minimalist/assets/lib/fontawesome/webfonts/ 76 KB
77 KB 24ms
23ms Font
font/woff2 2606:4700:3030::6815:566c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://andronishoneymoon.com/wp-content/themes/wp-minimalist/assets/lib/fontawesome/webfonts/fa-solid-900.woff2
Requested by: Host: andronishoneymoon.com
URL: https://andronishoneymoon.com/wp-content/themes/wp-minimalist/assets/lib/fontawesome/css/all.min.css?ver=5.15.3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:566c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Request headers

Referer: https://andronishoneymoon.com/wp-content/themes/wp-minimalist/assets/lib/fontawesome/css/all.min.css?ver=5.15.3
Origin: https://andronishoneymoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4754
alt-svc: h3=":443"; ma=86400
content-length: 78196
last-modified: Mon, 21 Nov 2022 13:31:33 GMT
server: cloudflare
etag: "637b7db5-13174"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ESyyqdezzKTqtyOC%2B2HrwCvyCDoQBNRLkTknz%2BiZwt0vg72csoTK320Jbg2Fh5%2FzS3MGYCEeuRpmdlJGen8rSoswQBMWffnhBgtVKEfliqjCcWqUoPnphV89hA%2BmXYBvZSnTfByPRDahaKJpL%2F%2Bj9iKYv0Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 82804d2c78b5383d-FRA
expires: Sun, 19 Nov 2023 11:24:37 GMT

GET
H3 200 JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq6R9WXh0pg.woff2
andronishoneymoon.com/wp-content/fonts/montserrat/ 13 KB
13 KB 472ms
472ms Font
font/woff2 2606:4700:3030::6815:566c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://andronishoneymoon.com/wp-content/fonts/montserrat/JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq6R9WXh0pg.woff2
Requested by: Host: andronishoneymoon.com
URL: https://andronishoneymoon.com/wp-content/fonts/b96977cc140f426783a478f349f41fb2.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:566c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0daf844710614138ad93ccc63bae5b8d2575780a5330e662f1375a03d8951aa5

Request headers

Referer: https://andronishoneymoon.com/wp-content/fonts/b96977cc140f426783a478f349f41fb2.css
Origin: https://andronishoneymoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:51 GMT
cf-cache-status: MISS
last-modified: Mon, 21 Nov 2022 13:33:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "637b7e0d-32c4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xpPMoXQTRRiKPTj30r6jtpmGVHGvrcJXgKbtEBrxeminLKox%2BS1bTztSxpW95LZFSctFBHvmp6tB%2BRfb670ZApqSDH9n2dh4zOAvLNTCasWvxrT4rO2P4G514jtpt3c1vt5NFUD5hOkI1slr2RSMYDA9X8w%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 82804d2c78b6383d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 12996
expires: Sun, 19 Nov 2023 12:43:51 GMT

GET
H3 200 nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
andronishoneymoon.com/wp-content/fonts/playfair-display/ 35 KB
35 KB 16ms
15ms Font
font/woff2 2606:4700:3030::6815:566c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://andronishoneymoon.com/wp-content/fonts/playfair-display/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
Requested by: Host: andronishoneymoon.com
URL: https://andronishoneymoon.com/wp-content/fonts/b96977cc140f426783a478f349f41fb2.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:566c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8

Request headers

Referer: https://andronishoneymoon.com/wp-content/fonts/b96977cc140f426783a478f349f41fb2.css
Origin: https://andronishoneymoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4754
alt-svc: h3=":443"; ma=86400
content-length: 35764
last-modified: Mon, 21 Nov 2022 13:33:02 GMT
server: cloudflare
etag: "637b7e0e-8bb4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=05nI7JaKO%2BG%2BeG7Jgurl5H2sfqcTaNOkg5%2F6GcwLDAhPIfiWvPHPWeh52NGiP0Zz1uGMnSgrU6rt6jq%2F%2BRMDTPF9ZDeu1Dd%2Bo%2BMryF5qTq%2F6%2FnkBW9a7Uw%2F5J6KqjPdXsT0JrFR4Wn195sVOEa%2BXeP3Ei14%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 82804d2c78b7383d-FRA
expires: Sun, 19 Nov 2023 11:24:37 GMT

GET
H3 200 fa-regular-400.woff2
andronishoneymoon.com/wp-content/themes/wp-minimalist/assets/lib/fontawesome/webfonts/ 13 KB
13 KB 32ms
32ms Font
font/woff2 2606:4700:3030::6815:566c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://andronishoneymoon.com/wp-content/themes/wp-minimalist/assets/lib/fontawesome/webfonts/fa-regular-400.woff2
Requested by: Host: andronishoneymoon.com
URL: https://andronishoneymoon.com/wp-content/themes/wp-minimalist/assets/lib/fontawesome/css/all.min.css?ver=5.15.3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:566c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951

Request headers

Referer: https://andronishoneymoon.com/wp-content/themes/wp-minimalist/assets/lib/fontawesome/css/all.min.css?ver=5.15.3
Origin: https://andronishoneymoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4754
alt-svc: h3=":443"; ma=86400
content-length: 13276
last-modified: Mon, 21 Nov 2022 13:31:33 GMT
server: cloudflare
etag: "637b7db5-33dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r9KgFoF%2BqqDh%2FkFfGvE%2Bs5NQv4fqmWSOD0QIbB1J3cdos7hPY1d8A0wgvujO5ndZv8SL9fErJCQyzsm2STOHHZPNvAGGb3FlgeW%2B3p4n2yHINREx%2FLAp2gt%2Fm9OMNT4crWtHL2ZWwG2DWuHmRGJxhv1uF14%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 82804d2c78b8383d-FRA
expires: Sun, 19 Nov 2023 11:24:37 GMT

GET
H3 200 fa-brands-400.woff2
andronishoneymoon.com/wp-content/themes/wp-minimalist/assets/lib/fontawesome/webfonts/ 75 KB
75 KB 38ms
37ms Font
font/woff2 2606:4700:3030::6815:566c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://andronishoneymoon.com/wp-content/themes/wp-minimalist/assets/lib/fontawesome/webfonts/fa-brands-400.woff2
Requested by: Host: andronishoneymoon.com
URL: https://andronishoneymoon.com/wp-content/themes/wp-minimalist/assets/lib/fontawesome/css/all.min.css?ver=5.15.3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:566c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

Request headers

Referer: https://andronishoneymoon.com/wp-content/themes/wp-minimalist/assets/lib/fontawesome/css/all.min.css?ver=5.15.3
Origin: https://andronishoneymoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4754
alt-svc: h3=":443"; ma=86400
content-length: 76764
last-modified: Mon, 21 Nov 2022 13:31:33 GMT
server: cloudflare
etag: "637b7db5-12bdc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AtM3Myl7nIZrCiOfWmWToPbLYnG%2FAhz97veM%2F8NoVtbYKhUGC8fN6by%2Fe7lB54Gq6M2NYmjRY%2BUcOzd2h0FxcSYWzRymWsOT979Wo2hEU%2FBOldZd30jz4VeKHGmOJXkFGk9UbG3RQFy8TcZitOv1bQzyHmU%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 82804d2c78b9383d-FRA
expires: Sun, 19 Nov 2023 11:24:37 GMT

GET
H3 200 authror.jpeg
andronishoneymoon.com/wp-content/uploads/2022/11/ 471 KB
471 KB 715ms
712ms Image
image/jpeg 2606:4700:3030::6815:566c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://andronishoneymoon.com/wp-content/uploads/2022/11/authror.jpeg
Requested by: Host: andronishoneymoon.com
URL: https://andronishoneymoon.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:566c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d2fadbd21b6eb74f375e534c2d207cd9fddb3ff8d218a634b48f0cd4ba25a6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andronishoneymoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:51 GMT
cf-cache-status: MISS
last-modified: Tue, 29 Nov 2022 14:54:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63861d3a-75af7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aHd2e%2BRwW82X1wr0ib2gkLGfhYyn1kuAsJ4W22%2FTkIcjkfNljYH0UMe%2BYhIQ1bmRVTEOtobfOx0pOVEIG4hBV6MMGBlJUbxTNmTvOyw5g62F8NbGiarlrdIYoOjXbByaj4fdVcpX6JDJl6aK%2BBvL%2BDYzh7c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 82804d2cb8f6383d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 482039
expires: Sun, 19 Nov 2023 12:43:51 GMT

GET
H3 200 what-percentage-of-people-own-bitcoin-300x200.jpg
andronishoneymoon.com/wp-content/uploads/2022/11/ 20 KB
21 KB 598ms
595ms Image
image/jpeg 2606:4700:3030::6815:566c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://andronishoneymoon.com/wp-content/uploads/2022/11/what-percentage-of-people-own-bitcoin-300x200.jpg
Requested by: Host: andronishoneymoon.com
URL: https://andronishoneymoon.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:566c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 476b38ed26a338a10b6dd8ee24f965bb1e3579bc13ed14e498b8335e8af51f13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andronishoneymoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:51 GMT
cf-cache-status: MISS
last-modified: Wed, 30 Nov 2022 09:51:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "638727bf-5186"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SLR6%2F1qiQjdKd3xjjq76lmXxoigEHoP8HtMwMT6iimbVSXLT7ikXHpoqd3OnuO2Wy4erRuctqPwwp%2Bo0aMgzICjsmxqRobuznOhFALFHOxKEqUMhLJ7nGH0NTgmlk4D0rmi5cbJ8ih8VjlMCrfeAwWlgUqw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 82804d2cb8f9383d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 20870
expires: Sun, 19 Nov 2023 12:43:51 GMT

GET
H3 200 how-to-stake-ethereum-on-coinbase-reddit.jpg
andronishoneymoon.com/wp-content/uploads/2022/11/ 289 KB
290 KB 778ms
775ms Image
image/jpeg 2606:4700:3030::6815:566c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://andronishoneymoon.com/wp-content/uploads/2022/11/how-to-stake-ethereum-on-coinbase-reddit.jpg
Requested by: Host: andronishoneymoon.com
URL: https://andronishoneymoon.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:566c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50abbd0d8e5a276b1096eeea25bfa9cb5baa10d94d4d8d906a43291afbde90e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andronishoneymoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:51 GMT
cf-cache-status: MISS
last-modified: Wed, 30 Nov 2022 09:49:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6387273e-485f2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LUX%2FVraOc94uv2GC13J8XyFAArhWON%2FGePVbWZNLKTr0WaYZWGseSlwJ7741ODNIvnKLzjO8Qh5ROi6fEn4kNbl80VQLq%2F66V52YAJR8Ggkwk18k0pTjNdu5FT0rhCE5TbHJJNEHrJ7CdPZP20uwo6QOdsE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 82804d2cb8fa383d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 296434
expires: Sun, 19 Nov 2023 12:43:51 GMT

GET
H3 200 what-is-the-difference-in-ethereum-and-ethereum-classic-300x200.jpg
andronishoneymoon.com/wp-content/uploads/2022/11/ 19 KB
19 KB 587ms
584ms Image
image/jpeg 2606:4700:3030::6815:566c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://andronishoneymoon.com/wp-content/uploads/2022/11/what-is-the-difference-in-ethereum-and-ethereum-classic-300x200.jpg
Requested by: Host: andronishoneymoon.com
URL: https://andronishoneymoon.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:566c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bccbb840d4b44ae247f66fba13102bbf3537143fe775bfac8a601a43a8fba3d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andronishoneymoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:51 GMT
cf-cache-status: MISS
last-modified: Wed, 30 Nov 2022 09:50:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63872773-4bf0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y9jn32Fz4euVfaKtQ0XeQly05QmupC89la88f2PES5l6DPACxBp0U6bm6pT8GMiNIiEyZ9GRWfZ8aJaKQCef2hBalU470lNPCqpxIJdi7MjSS7KRGgBuLtCvgfLXrWHiKNfD1%2B5B0MRsWwLcR2rW6Gjjz8k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 82804d2cb8fb383d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 19440
expires: Sun, 19 Nov 2023 12:43:51 GMT

GET
H3 200 why-etf-in-fidelity-does-not-reflect-todays-price-300x200.jpg
andronishoneymoon.com/wp-content/uploads/2022/11/ 24 KB
24 KB 598ms
596ms Image
image/jpeg 2606:4700:3030::6815:566c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://andronishoneymoon.com/wp-content/uploads/2022/11/why-etf-in-fidelity-does-not-reflect-todays-price-300x200.jpg
Requested by: Host: andronishoneymoon.com
URL: https://andronishoneymoon.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:566c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70807d7f9157a7c670b2bbbc2af3ae4eedebb0e7294848144bfe1eefae7d63e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andronishoneymoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:51 GMT
cf-cache-status: MISS
last-modified: Wed, 30 Nov 2022 09:51:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63872794-5f61"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2iKISNLNkMDFvXdIbIje%2B6ijJVSgz960%2F9YWIoPT93%2Fs9p0qSqNiQS9Y2my61qHSSuEjpY9AVZohDdEWxUBuNXx8%2FVY8g%2FjMjQFLjV2DdhxGAzz4AGQCoueGP9XWK8tCcii0aTa9WFTwKg3Af5jaQZIhqxg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 82804d2cb8fc383d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 24417
expires: Sun, 19 Nov 2023 12:43:51 GMT

GET
H3 200 how-to-sell-ethereum-classic-on-robinhood-300x200.jpg
andronishoneymoon.com/wp-content/uploads/2022/11/ 25 KB
25 KB 614ms
612ms Image
image/jpeg 2606:4700:3030::6815:566c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://andronishoneymoon.com/wp-content/uploads/2022/11/how-to-sell-ethereum-classic-on-robinhood-300x200.jpg
Requested by: Host: andronishoneymoon.com
URL: https://andronishoneymoon.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:566c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7851e5af3cad5f3eb955308cb92fb81552bec4d0ca888f9cd7ac8e2570211cea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andronishoneymoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:51 GMT
cf-cache-status: MISS
last-modified: Wed, 30 Nov 2022 09:52:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "638727c5-63b9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ZQU5sEc8qLPaUIpml7f6kC6I8hG02cZeSgSzlmcw6LAXXXaoQbdnqvXFaTaEfTSn9Ms0p3B0yRg0Qg4a4sQUxsKJNM1n%2BfU3RE4KP3W4doZK7JRh7CgeQlvTnZd86CmWJKj%2FaA47NCocQtidEkFisTs5eE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 82804d2cb8fd383d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 25529
expires: Sun, 19 Nov 2023 12:43:51 GMT

GET
H3 200 what-gives-stocks-value.jpg
andronishoneymoon.com/wp-content/uploads/2022/11/ 141 KB
142 KB 736ms
734ms Image
image/jpeg 2606:4700:3030::6815:566c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://andronishoneymoon.com/wp-content/uploads/2022/11/what-gives-stocks-value.jpg
Requested by: Host: andronishoneymoon.com
URL: https://andronishoneymoon.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:566c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f720fa3a0e701763ea2f12d7c72d94fd8fe0cd253f3a029a4db4f61571731da6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andronishoneymoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:51 GMT
cf-cache-status: MISS
last-modified: Wed, 30 Nov 2022 09:49:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63872744-234bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VR22NPJwnrUnZBtzaT4xlywLdnc5P1oe2bEBLFxEYt478P8gKr5uHWMLiYmYQXjJr%2BYr5QaEZqU%2B6DTp5rPkEMpwwdSso8kwIUv45BnMN5Zp%2FxipnLokaOqbW2rBJcyw8fXlHYknIPLPh5kxkwKQMnL48F4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 82804d2cb8fe383d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 144572
expires: Sun, 19 Nov 2023 12:43:51 GMT

GET
H3 200 how-long-does-bear-market-last-crypto-300x200.jpg
andronishoneymoon.com/wp-content/uploads/2022/11/ 20 KB
21 KB 598ms
596ms Image
image/jpeg 2606:4700:3030::6815:566c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://andronishoneymoon.com/wp-content/uploads/2022/11/how-long-does-bear-market-last-crypto-300x200.jpg
Requested by: Host: andronishoneymoon.com
URL: https://andronishoneymoon.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:566c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a03e20bfb3b952f2f079b4e751209ef6c126d3470ef6eee0a4733db81b96ffa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andronishoneymoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:51 GMT
cf-cache-status: MISS
last-modified: Wed, 30 Nov 2022 09:50:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6387276d-51a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2F8UXiK77sTX02MwqiI8Xj49D%2BNX0Fm2bUP2%2FeNxMh7sUx3NzF3o%2FSdenBwlGJDt624ljJj7dh0xyp492E7WSDleZvkD7LO0GZ6xjgml9zp0NxUejNEDwgkGJO4e7%2BR1Ef9QFuq%2FUGPmkgpmBIx32eMz8js%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 82804d2cb8ff383d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 20903
expires: Sun, 19 Nov 2023 12:43:51 GMT

GET
H3 200 how-do-options-make-more-than-stocks-300x200.jpg
andronishoneymoon.com/wp-content/uploads/2022/11/ 26 KB
26 KB 599ms
598ms Image
image/jpeg 2606:4700:3030::6815:566c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://andronishoneymoon.com/wp-content/uploads/2022/11/how-do-options-make-more-than-stocks-300x200.jpg
Requested by: Host: andronishoneymoon.com
URL: https://andronishoneymoon.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:566c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79141984bd09040b7ec8cbc073684996051f0b5ba8e880b6fa5892de1bf64cda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andronishoneymoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:51 GMT
cf-cache-status: MISS
last-modified: Wed, 30 Nov 2022 09:51:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6387278f-6626"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zQvL3W%2BzpUUGmvmMT8wpB796NO4njdeIy2GK2Zozq4kMn0NMFbi1YaEZorErLdvUhtKInXLd1EQSsK67T1BKTMUTLA%2FzBHUP76cosN5hZRm1DegNFXQKcn1Ui9O5LbIWjBTCQT0%2Bxq4ebtVwIED4s5Zfvh4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 82804d2cb902383d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 26150
expires: Sun, 19 Nov 2023 12:43:51 GMT

GET
H3 200 what-is-a-crypto-300x200.jpg
andronishoneymoon.com/wp-content/uploads/2022/11/ 30 KB
30 KB 607ms
606ms Image
image/jpeg 2606:4700:3030::6815:566c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://andronishoneymoon.com/wp-content/uploads/2022/11/what-is-a-crypto-300x200.jpg
Requested by: Host: andronishoneymoon.com
URL: https://andronishoneymoon.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:566c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15535215b5db9ea038767b8150999c58a8b8658915b3d1f0030b1e1a710997f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andronishoneymoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:51 GMT
cf-cache-status: MISS
last-modified: Wed, 30 Nov 2022 09:51:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "638727ac-760a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yoavfjEuGPx%2Bhc6DSL0Flo2AjFTjmqdb0h8Jaz3i3699t2C06SlSJIrLt0woVCJ8YKPR%2FkqOfHtAW%2BWNAGGI7k9N%2Fcfbetsvjx8lIfMMbBThW2%2F8VacPESUEUmCFUz5bkHQt5Lf8kljAN9J8iTmYeKKdNt8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 82804d2cb903383d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 30218
expires: Sun, 19 Nov 2023 12:43:51 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/ 397 KB
134 KB 119ms
89ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1427824399252755&plah=andronishoneymoon.com&bust=31079698

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1427824399252755

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9964ce0e11ea8cd3285c79fe3988599b26ebefd7069e216f306295b2e32cae34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andronishoneymoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137195
x-xss-protection: 0
server: cafe
etag: 17056778749529960854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 18 Nov 2023 12:43:51 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame CB60 9 KB
4 KB 48ms
13ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1427824399252755

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://andronishoneymoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 53191
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 21:57:20 GMT
etag: 16674218716276178799
expires: Fri, 01 Dec 2023 21:57:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7BC4 386 KB
85 KB 443ms
443ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1427824399252755&output=html&adk=1812271804&adf=3025194257&lmt=1700311431&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x540_l%7C212x540_r&format=0x0&url=https%3A%2F%2Fandronishoneymoon.com%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~6&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700311431239&bpp=16&bdt=805&idt=212&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3475058610483&frm=20&pv=2&ga_vid=488656376.1700311431&ga_sid=1700311431&ga_hid=763147028&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079265%2C44795922%2C31078301%2C31079698%2C44806141%2C44807764%2C44808149%2C44808285%2C44809055%2C318512601&oid=2&pvsid=2948566692002930&tmod=1006603889&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=244

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1427824399252755&plah=andronishoneymoon.com&bust=31079698

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4cd9b0c3c9b5efcca1cde65e75b1cf3e58a4aaabd661c8bf5ed9159dd5fdfbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://andronishoneymoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 86717
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 12:43:51 GMT
expires: Sat, 18 Nov 2023 12:43:51 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CDDB 118 KB
39 KB 678ms
677ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1427824399252755&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1700311431&rafmt=1&to=qs&pwprc=6133459307&format=1200x280&url=https%3A%2F%2Fandronishoneymoon.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700311431255&bpp=2&bdt=821&idt=234&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3475058610483&frm=20&pv=1&ga_vid=488656376.1700311431&ga_sid=1700311431&ga_hid=763147028&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079265%2C44795922%2C31078301%2C31079698%2C44806141%2C44807764%2C44808149%2C44808285%2C44809055%2C318512601&oid=2&pvsid=2948566692002930&tmod=1006603889&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=237

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dcce4cb5fb974938462f804d6c16314a338e81cae737f24e49a003e546f9b1a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://andronishoneymoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40221
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 12:43:52 GMT
expires: Sat, 18 Nov 2023 12:43:52 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 200 KB
70 KB 248ms
124ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: andronishoneymoon.com
URL: https://andronishoneymoon.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

ac8e8ffc35ba53190925d14ab161e6ca52390305a820f53dcd8acaf5fee759bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andronishoneymoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 14 Nov 2023 10:50:54 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6553510e-11399"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 70553
expires: Sat, 18 Nov 2023 13:43:51 GMT

GET
H3 200 wp-emoji-release.min.js Show response
andronishoneymoon.com/wp-includes/js/ 18 KB
5 KB 472ms
471ms Script
application/javascript 2606:4700:3030::6815:566c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://andronishoneymoon.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.1
Requested by: Host: andronishoneymoon.com
URL: https://andronishoneymoon.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:566c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andronishoneymoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:52 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 30 Mar 2023 01:30:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6424e618-4904"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0t5TbnneVrNzS72acBO2NXJPeuFlQuzvc%2FS0upSp1GbgoL6DA6Oiq8sX9VpTMKtHwKYhfmgO%2Fk5if83fE8iUaMF1VcXAXiIVotdv3qRhGeoVY5Q6VX5skyRePBx2B5po3Rz%2Fs3tYr5njbeAguwaIvCr6plA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
cf-ray: 82804d2f5c44383d-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 19 Nov 2023 12:43:51 GMT

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10191.rU9ZiYfsjC4JYF7gp5WOVmQumNvruugKKh_tAb_T0kp5XRV-gsUJP4_2ockRjDkD.F9hIG-3twMaFWyGWDUmuc5GXop0%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10191.g_3hxKrdr6Ld6OvF0RQbZt_gTSnMYSTO09uTSi2XzJQOfXHrM9sIyBEKMGyS5bOZrBpF6zB6SEWh1oE0256CuXCUKL9aU-qIkLmav2EpYK7WWXTln290BEDlJ9XgOy2LwJmRJo4uup...
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10191.uiyuqfpCzggc68FjXcw0E7uIDyTcAKjFVSpp2FphhmuXjv3utNoMCi7VuSLhJeVie8AVsjQrb70OBVscKE6W6BeowMON6KjDa0Fbt9_Hl1hBI...

43 B
581 B

68ms
68ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10191.uiyuqfpCzggc68FjXcw0E7uIDyTcAKjFVSpp2FphhmuXjv3utNoMCi7VuSLhJeVie8AVsjQrb70OBVscKE6W6BeowMON6KjDa0Fbt9_Hl1hBIPaKAJKxqGvl4HCrh9Vn0Nsk2nxM4cOvXm2Ya3g3dhU8brdm_WX1Oq3FlQ6Jdd5Cbut0evWnAhCjRDHymvrrBBeo0nwNQaU2XYUIaE3KIQ%2C%2C.CVPZaxPJQKeoDglCOaI8QZOcTH8%2C

Requested by

Host: andronishoneymoon.com
URL: https://andronishoneymoon.com/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andronishoneymoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:52 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10191.uiyuqfpCzggc68FjXcw0E7uIDyTcAKjFVSpp2FphhmuXjv3utNoMCi7VuSLhJeVie8AVsjQrb70OBVscKE6W6BeowMON6KjDa0Fbt9_Hl1hBIPaKAJKxqGvl4HCrh9Vn0Nsk2nxM4cOvXm2Ya3g3dhU8brdm_WX1Oq3FlQ6Jdd5Cbut0evWnAhCjRDHymvrrBBeo0nwNQaU2XYUIaE3KIQ%2C%2C.CVPZaxPJQKeoDglCOaI8QZOcTH8%2C
date: Sat, 18 Nov 2023 12:43:52 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
471 B 62ms
62ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: andronishoneymoon.com
URL: https://andronishoneymoon.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andronishoneymoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:51 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 14 Nov 2023 10:50:54 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6553510e-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 18 Nov 2023 13:43:51 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/ 160 KB
55 KB 94ms
93ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/reactive_library_fy2021.js?bust=31079698

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b465008bf36be43edab0807ec3abd2cbaf7ef002c34b20b980de4e8461f4b49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andronishoneymoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55790
x-xss-protection: 0
server: cafe
etag: 13382135773582607086
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Nov 2023 12:43:52 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 25BA 120 KB
41 KB 584ms
583ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1427824399252755&output=html&h=280&adk=556946149&adf=3844514634&pi=t.aa~a.3729920003~rp.4&w=821&fwrn=4&fwrnh=100&lmt=1700311432&rafmt=1&to=qs&pwprc=6133459307&format=821x280&url=https%3A%2F%2Fandronishoneymoon.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700311431990&bpp=1&bdt=1556&idt=1&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=3475058610483&frm=20&pv=1&ga_vid=488656376.1700311431&ga_sid=1700311431&ga_hid=763147028&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=243&ady=2009&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079265%2C44795922%2C31078301%2C31079698%2C44806141%2C44807764%2C44808149%2C44808285%2C44809055%2C318512601&oid=2&pvsid=2948566692002930&tmod=1006603889&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=12

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6cd7a9517b0e0988451c2e92b0f14b523522fa801ad26854131a85ae6244a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://andronishoneymoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41625
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 12:43:52 GMT
expires: Sat, 18 Nov 2023 12:43:52 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 51ms
50ms Fetch
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1427824399252755&plah=andronishoneymoon.com&bust=31079698
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://andronishoneymoon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame BE58 9 KB
4 KB 14ms
13ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://andronishoneymoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 57215
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 20:50:17 GMT
etag: 16674218716276178799
expires: Fri, 01 Dec 2023 20:50:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 9235 9 KB
4 KB 25ms
19ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://andronishoneymoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 57215
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 20:50:17 GMT
etag: 16674218716276178799
expires: Fri, 01 Dec 2023 20:50:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame CDDB 4 KB
728 B 78ms
32ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1427824399252755&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1700311431&rafmt=1&to=qs&pwprc=6133459307&format=1200x280&url=https%3A%2F%2Fandronishoneymoon.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700311431255&bpp=2&bdt=821&idt=234&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3475058610483&frm=20&pv=1&ga_vid=488656376.1700311431&ga_sid=1700311431&ga_hid=763147028&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079265%2C44795922%2C31078301%2C31079698%2C44806141%2C44807764%2C44808149%2C44808285%2C44809055%2C318512601&oid=2&pvsid=2948566692002930&tmod=1006603889&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=237

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 18 Nov 2023 12:43:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 18 Nov 2023 11:51:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 18 Nov 2023 12:43:52 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame CDDB 2 KB
875 B 99ms
29ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 09:24:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11943
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 09:24:49 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame CDDB 23 KB
9 KB 72ms
20ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 09:24:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11943
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 09:24:49 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame CDDB 3 KB
1 KB 97ms
45ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:28:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80098
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 14:28:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame CDDB 20 KB
9 KB 86ms
16ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 09:24:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11944
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 09:24:48 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame CDDB 202 KB
64 KB 86ms
34ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Nov 2023 12:43:52 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame CDDB 37 KB
15 KB 56ms
24ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 07:21:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19355
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 07:21:17 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame BE58 4 KB
1 KB 60ms
23ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 18 Nov 2023 12:43:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 18 Nov 2023 11:43:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 18 Nov 2023 12:43:52 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BE58 205 B
295 B 64ms
23ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 08:09:01 GMT
x-content-type-options: nosniff
age: 16491
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 17 Nov 2024 08:09:01 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BE58 604 B
918 B 57ms
17ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 11:28:27 GMT
x-content-type-options: nosniff
age: 4525
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 17 Nov 2024 11:28:27 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame BE58 15 KB
7 KB 101ms
41ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2881d8eadc298102d2462e8d32e40792adce37b6cd89d99045f574eb3ecbb748

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 19:42:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6702
x-xss-protection: 0
server: cafe
etag: 11213825687312121238
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 19:42:30 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame BE58 21 KB
9 KB 89ms
30ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:53:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67844
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8781
x-xss-protection: 0
server: cafe
etag: 9666818975682992898
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 17:53:08 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/9646587850544674117/ Frame CDDB 42 KB
42 KB 74ms
32ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9646587850544674117/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0834be98d0a0fe1c99f6286ab82e2b4680402028993e2dc5f21614e7ef71c547

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:10:56 GMT
x-content-type-options: nosniff
age: 55976
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42698
x-xss-protection: 0
last-modified: Wed, 25 Oct 2023 16:25:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Nov 2024 21:10:56 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/17515501495223116589/ Frame CDDB 2 KB
2 KB 82ms
41ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17515501495223116589/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae3387da6d4be0448928bf47c59fa5612c97caca80eebe48c026da41a78ddcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 17:26:44 GMT
x-content-type-options: nosniff
age: 242228
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1987
x-xss-protection: 0
last-modified: Sun, 26 Jun 2022 21:33:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 14 Nov 2024 17:26:44 GMT

GET
H2 200 38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js Show response
www.gstatic.com/mysidia/ Frame 9235 9 KB
4 KB 19ms
15ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:04:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81563
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4046
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 15 Feb 2024 14:04:29 GMT

GET
H2 200 78b00c21e40332afd18050ebd59c6b08.js Show response
www.gstatic.com/mysidia/ Frame 9235 11 KB
5 KB 34ms
30ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/78b00c21e40332afd18050ebd59c6b08.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b82aa6c527e41e336e9cd392fffa550353f896f71a3c632a5bdd51e22de4ca0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:13:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 131434
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4753
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 15 Feb 2024 00:13:18 GMT

GET
H2 200 1290528a0f60de16515866847082b13a.js Show response
www.gstatic.com/mysidia/ Frame 9235 20 KB
8 KB 19ms
15ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1290528a0f60de16515866847082b13a.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc683e932f79a2eec11f258cb15966aab5abd7269f7fed443bc8a0bca5fdb046

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 08:33:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8379
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 08:33:14 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9235 14 KB
1 KB 25ms
22ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 18 Nov 2023 12:43:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 18 Nov 2023 11:44:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 18 Nov 2023 12:43:52 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 9235 2 KB
856 B 66ms
44ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 09:24:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11943
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 09:24:49 GMT

GET
H2 200 55c07926d0961c7899d23978ffa28542.js Show response
www.gstatic.com/mysidia/ Frame 9235 6 KB
2 KB 19ms
16ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/55c07926d0961c7899d23978ffa28542.js?tag=analytics_pingback_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4adb0336f1dfe75eab5c87d264c95f99ad586ae3e4faf346b16c970eefcd090

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 21:08:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 142519
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2242
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 14 Feb 2024 21:08:33 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 9235 23 KB
9 KB 67ms
46ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 09:24:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11943
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 09:24:49 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 9235 3 KB
1 KB 66ms
44ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:28:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80098
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 14:28:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 9235 20 KB
8 KB 40ms
18ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 09:24:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11944
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 09:24:48 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9235 202 KB
64 KB 54ms
51ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Nov 2023 12:43:52 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 9235 37 KB
15 KB 33ms
31ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 07:21:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19355
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 07:21:17 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/91455383/
Redirect Chain

https://mc.yandex.com/watch/91455383?wmode=7&page-url=https%3A%2F%2Fandronishoneymoon.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A1436%3Afu%3A0%3A...
https://mc.yandex.com/watch/91455383/1?wmode=7&page-url=https%3A%2F%2Fandronishoneymoon.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A1436%3Afu%3A0%...

420 B
538 B

63ms
63ms

Fetch
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/91455383/1?wmode=7&page-url=https%3A%2F%2Fandronishoneymoon.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A1436%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1161%3Acn%3A1%3Adp%3A0%3Als%3A1075670759650%3Ahid%3A210148161%3Az%3A60%3Ai%3A20231118134351%3Aet%3A1700311432%3Ac%3A1%3Arn%3A276298264%3Arqn%3A1%3Au%3A1700311432421013271%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C25%2C622%2C2%2C61%2C0%2C%2C1134%2C1%2C%2C%2C%2C1845%3Aco%3A0%3Acpf%3A1%3Ans%3A1700311429722%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1700311432%3At%3Aandronishoneymoon.com%20-%20November%2018%2C%202023&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29

Requested by

Host: andronishoneymoon.com
URL: https://andronishoneymoon.com/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e9f5e6153e8c4eafc6e2c8791ebdd3530062d99efd372c5aa68e86b80dcfecf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andronishoneymoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 12:43:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sat, 18-Nov-2023 12:43:52 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://andronishoneymoon.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 420
x-xss-protection: 1; mode=block
expires: Sat, 18-Nov-2023 12:43:52 GMT

Redirect headers

pragma: no-cache
date: Sat, 18 Nov 2023 12:43:52 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 18-Nov-2023 12:43:52 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/91455383/1?wmode=7&page-url=https%3A%2F%2Fandronishoneymoon.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A1436%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1161%3Acn%3A1%3Adp%3A0%3Als%3A1075670759650%3Ahid%3A210148161%3Az%3A60%3Ai%3A20231118134351%3Aet%3A1700311432%3Ac%3A1%3Arn%3A276298264%3Arqn%3A1%3Au%3A1700311432421013271%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C25%2C622%2C2%2C61%2C0%2C%2C1134%2C1%2C%2C%2C%2C1845%3Aco%3A0%3Acpf%3A1%3Ans%3A1700311429722%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1700311432%3At%3Aandronishoneymoon.com%20-%20November%2018%2C%202023&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
access-control-allow-origin: https://andronishoneymoon.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sat, 18-Nov-2023 12:43:52 GMT

GET
H2 200 38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js Show response
www.gstatic.com/mysidia/ Frame 9724 9 KB
4 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:04:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81563
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4046
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 15 Feb 2024 14:04:29 GMT

GET
H2 200 1290528a0f60de16515866847082b13a.js Show response
www.gstatic.com/mysidia/ Frame 9724 20 KB
8 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1290528a0f60de16515866847082b13a.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc683e932f79a2eec11f258cb15966aab5abd7269f7fed443bc8a0bca5fdb046

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 08:33:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8379
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 08:33:14 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9724 14 KB
1 KB 30ms
24ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 18 Nov 2023 12:43:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 18 Nov 2023 11:43:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 18 Nov 2023 12:43:52 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 9724 2 KB
856 B 23ms
17ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 09:24:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11943
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 09:24:49 GMT

GET
H2 200 55c07926d0961c7899d23978ffa28542.js Show response
www.gstatic.com/mysidia/ Frame 9724 6 KB
2 KB 19ms
15ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/55c07926d0961c7899d23978ffa28542.js?tag=analytics_pingback_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4adb0336f1dfe75eab5c87d264c95f99ad586ae3e4faf346b16c970eefcd090

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 21:08:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 142519
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2242
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 14 Feb 2024 21:08:33 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 9724 23 KB
9 KB 22ms
18ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 09:24:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11943
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 09:24:49 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 9724 3 KB
1 KB 23ms
19ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:28:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80098
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 14:28:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 9724 20 KB
8 KB 20ms
16ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 09:24:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11944
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 09:24:48 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9724 202 KB
64 KB 25ms
22ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Nov 2023 12:43:52 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 9724 37 KB
15 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 07:21:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19355
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 07:21:17 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 71B7 143 B
166 B 15ms
15ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1922
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 12:11:50 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame CDDB 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c147dc50e20c5cc9ef002fb94bca4fde5b828b5ad45a045728520086ef4487e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 59FB 143 B
166 B 13ms
13ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1922
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 12:11:50 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CDDB 16 KB
16 KB 52ms
18ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:58:11 GMT
x-content-type-options: nosniff
age: 45941
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 23:58:11 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CDDB 15 KB
16 KB 47ms
14ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:25:42 GMT
x-content-type-options: nosniff
age: 55090
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 21:25:42 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9235 0
20 B 49ms
49ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgobCAEqF3NreXNjcmFwZXItbG9nby12YW5pbGxhCgoIAioGc2VydmVyChgIBCoUbXlzaWRpYV9yZWxlYXNlX3Byb2QKDRArIQAAAAAAACBAMAQKDRADIQAAAHBmFmdAMAQKDRANIQAAAACAmbk_MAQKCRAeKgMweDAwBAoJEBkqAzB4MDAECg0QKyEAAAAAAEBWQDAECg0QECEAAAAAAEKxQDAECg0QESEAAAAAgBn1QDAECg0QEiEAAAAAAAAgQDAECg0QEyEAAAAAAAAIQDAECg0QFyEAAABoZrZyQDAEEhpDSXFYaU5mSnpZSURGUUlpNEFvZGV4ME5fQSIZdGV4dC92YW5pbGxhX2hpZ2hsaWdodF9tcygV

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/1290528a0f60de16515866847082b13a.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 12:43:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 71B7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

29ms
28ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 12:43:52 GMT
expires: Sat, 18 Nov 2023 12:43:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 12:43:52 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js Show response
pagead2.googlesyndication.com/bg/ Frame C622 38 KB
15 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61fe41cde1b6df00f34e5a9795741e926e8861b8e80d396ff799d48bacda5300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:34:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68941
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14900
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 17:34:51 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame CDDB
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Cc3reh7FYZdr6H5bz-gbH3abIBPuYsIZ074a09ZMSm5SSnpgOEAEgjJC6FmCVuomCmAegAc_iw6UCyAEJqQImacesD1CyPqgDAcgDywSqBIoCT9AHzfV685jngFCNzYCaj-cPiX7AjrANMWy...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213737195812424743269%22,%22debug_reporting%22:true,%22destination%22:%22https://42heilbronn.de%22,%22event_report_window%2...

0
0

79ms
47ms

Fetch
text/css

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213737195812424743269%22,%22debug_reporting%22:true,%22destination%22:%22https://42heilbronn.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22615575887%22],%224%22:[%2211-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224035227635422473761%22}&andc=true

Requested by

Host: andronishoneymoon.com
URL: https://andronishoneymoon.com/

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:53 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"13737195812424743269","debug_reporting":true,"destination":"https://42heilbronn.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["615575887"],"4":["11-18"],"6":["true"]},"priority":"500","source_event_id":"4035227635422473761"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 18 Nov 2023 12:43:53 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 18 Nov 2023 12:43:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"13737195812424743269","debug_reporting":true,"destination":"https://42heilbronn.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["615575887"],"4":["11-18"],"6":["true"]},"priority":"500","source_event_id":"4035227635422473761"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js Show response
pagead2.googlesyndication.com/bg/ Frame DA42 38 KB
15 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61fe41cde1b6df00f34e5a9795741e926e8861b8e80d396ff799d48bacda5300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:34:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68941
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14900
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 17:34:51 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 59FB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

28ms
28ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 12:43:52 GMT
expires: Sat, 18 Nov 2023 12:43:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 12:43:52 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js Show response
pagead2.googlesyndication.com/bg/ Frame 87FB 38 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61fe41cde1b6df00f34e5a9795741e926e8861b8e80d396ff799d48bacda5300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:34:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68941
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14900
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 17:34:51 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9724 0
20 B 50ms
49ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgohCAEqHWxhcmdlLWJhbm5lci1yZGEtbG9nby12YW5pbGxhCgoIAioGc2VydmVyChgIBCoUbXlzaWRpYV9yZWxlYXNlX3Byb2QKDRArIQAAAAAAACRAMAQKDRADIQAAANDMHGJAMAQKDRANIQAAAAAAAAAAMAQKCRAeKgMweDAwBAoJEBkqAzB4MDAECg0QKyEAAAAAAAAmQDAECg0QECEAAAAAAAAAADAECg0QESEAAAAAgBn1QDAECg0QEiEAAAAAAAAgQDAECg0QEyEAAAAAAAAIQDAECg0QFyEAAABwZpZoQDAECg0QFCEAAAAAEJP1QDAECg0QFSEAAAAAAAAmQDAECg0QFiEAAAAAAAAQQDAECg0QGCEAAACgmeluQDAECg0QMiEAAAAAAAAAADAECg0QMyEAAAAAAAAAADAECg0QNCEAAAAAAAAAADAECg0QNSEAAAAAAAAAADAECg0QNiEAAAAAAAAAADAECg0QNyEAAAAAAAAAADAECg0QOCEAAAAAAAAAADAECg0QOSEAAAAAAAAAADAECg0QOiEAAAAAoJnpPzAECg0QOyEAAAAAoJnpPzAECg0QPCEAAAAAoJnpPzAECg0QPSEAAAAA0MzsPzAECg0QPiEAAAAAaGb2PzAECg0QPyEAAAAAAAD4PzAECg0QQCEAAAAAAAD4PzAEEhpDSWlYaU5mSnpZSURGUUlpNEFvZGV4ME5fQSIadGV4dC92YW5pbGxhX3RleHRfY2xvc2VfdjIoAw==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/1290528a0f60de16515866847082b13a.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 12:43:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9235 0
20 B 50ms
49ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgobCAEqF3NreXNjcmFwZXItbG9nby12YW5pbGxhCgoIAioGc2VydmVyChgIBCoUbXlzaWRpYV9yZWxlYXNlX3Byb2QKDRAUIQAAAAAQk_VAMAQKDRAVIQAAAAAAAChAMAQKDRAWIQAAAAAAABRAMAQKDRAYIQAAAJiZ6XVAMAQKDRAyIQAAAACgmdk_MAQKDRAzIQAAAACgmdk_MAQKDRA0IQAAAACgmdk_MAQKDRA1IQAAAACgmdk_MAQKDRA2IQAAAACgmdk_MAQKDRA3IQAAAACgmdk_MAQKDRA4IQAAAAA0Mx1AMAQKDRA5IQAAAADNzDpAMAQKDRA6IQAAAAAAgDtAMAQKDRA7IQAAAAAAeHJAMAQKDRA8IQAAAAAAeHJAMAQKDRA9IQAAAGhmtnJAMAQKDRA-IQAAAAAAiHVAMAQKDRA_IQAAAAAAiHVAMAQKDRBAIQAAADgzA3ZAMAQSGkNJcVhpTmZKellJREZRSWk0QW9kZXgwTl9BIhl0ZXh0L3ZhbmlsbGFfaGlnaGxpZ2h0X21zKBU=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/1290528a0f60de16515866847082b13a.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 12:43:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 25BA 4 KB
655 B 22ms
21ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1427824399252755&output=html&h=280&adk=556946149&adf=3844514634&pi=t.aa~a.3729920003~rp.4&w=821&fwrn=4&fwrnh=100&lmt=1700311432&rafmt=1&to=qs&pwprc=6133459307&format=821x280&url=https%3A%2F%2Fandronishoneymoon.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700311431990&bpp=1&bdt=1556&idt=1&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=3475058610483&frm=20&pv=1&ga_vid=488656376.1700311431&ga_sid=1700311431&ga_hid=763147028&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=243&ady=2009&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079265%2C44795922%2C31078301%2C31079698%2C44806141%2C44807764%2C44808149%2C44808285%2C44809055%2C318512601&oid=2&pvsid=2948566692002930&tmod=1006603889&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 18 Nov 2023 12:43:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 18 Nov 2023 11:45:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 18 Nov 2023 12:43:52 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 25BA 2 KB
822 B 16ms
14ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 09:24:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11943
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 09:24:49 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 25BA 23 KB
9 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 09:24:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11943
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 09:24:49 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 25BA 3 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:28:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80098
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 14:28:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 25BA 20 KB
8 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 09:24:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11944
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 09:24:48 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 25BA 0
0 24ms
22ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS3uCIZVXS_Zfv3qymejrs6Aog5U_vp5z-DgbNIL9PqB1pVp9M7HwV_a2ZqwhfjM-7LksZyeblfIBSdzv1YtF0y40fHkw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1427824399252755&output=html&h=280&adk=556946149&adf=3844514634&pi=t.aa~a.3729920003~rp.4&w=821&fwrn=4&fwrnh=100&lmt=1700311432&rafmt=1&to=qs&pwprc=6133459307&format=821x280&url=https%3A%2F%2Fandronishoneymoon.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700311431990&bpp=1&bdt=1556&idt=1&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=3475058610483&frm=20&pv=1&ga_vid=488656376.1700311431&ga_sid=1700311431&ga_hid=763147028&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=243&ady=2009&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079265%2C44795922%2C31078301%2C31079698%2C44806141%2C44807764%2C44808149%2C44808285%2C44809055%2C318512601&oid=2&pvsid=2948566692002930&tmod=1006603889&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 25BA 202 KB
64 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Nov 2023 12:43:52 GMT

GET
H3 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 25BA 37 KB
15 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 07:21:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19355
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 07:21:17 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 376ms
327ms Preflight
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 18 Nov 2023 12:43:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/9646587850544674117/ Frame 25BA 23 KB
23 KB 238ms
237ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9646587850544674117/14763004658117789537?w=400&h=209&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb28dfb329c50b9722c47e2b740db6affafd65f6f505b2028560110dc9a33ce5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:34:16 GMT
x-content-type-options: nosniff
age: 227376
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23529
x-xss-protection: 0
last-modified: Wed, 25 Oct 2023 16:25:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 14 Nov 2024 21:34:16 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/17515501495223116589/ Frame 25BA 2 KB
2 KB 244ms
244ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17515501495223116589/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae3387da6d4be0448928bf47c59fa5612c97caca80eebe48c026da41a78ddcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 17:26:44 GMT
x-content-type-options: nosniff
age: 242228
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1987
x-xss-protection: 0
last-modified: Sun, 26 Jun 2022 21:33:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 14 Nov 2024 17:26:44 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B23E 1 KB
643 B 232ms
227ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54419
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 21:36:53 GMT
etag: 48472445140208031
expires: Sat, 18 Nov 2023 21:36:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 25BA 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 676a4495d9a94a08af3af87eabb672638b1846bf8c11cfb3026edd30305c9e38

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B23E
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELch3CWdVlQlz0LbeFNbkmc&google_push=AXcoOmTqwc_7r8t_57MWudDepM9mbKLQe7hb22OsXZkA6BUYFg75xBDE-w...

170 B
188 B

48ms
47ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELch3CWdVlQlz0LbeFNbkmc&google_push=AXcoOmTqwc_7r8t_57MWudDepM9mbKLQe7hb22OsXZkA6BUYFg75xBDE-whr-gYWxFovxBUlBnqBckf95lN7KGfHQ3Z1QdbY6cLTY2s

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 12:43:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230023-FRA
pragma: no-cache
date: Sat, 18 Nov 2023 12:43:53 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1700311433.031092,VS0,VE93
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELch3CWdVlQlz0LbeFNbkmc&google_push=AXcoOmTqwc_7r8t_57MWudDepM9mbKLQe7hb22OsXZkA6BUYFg75xBDE-whr-gYWxFovxBUlBnqBckf95lN7KGfHQ3Z1QdbY6cLTY2s
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B23E
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEKdde3wxyDnu2gQ1CtK3vrA&google_cver=1&google_push=AXcoOmQ4QGScrD-54le3rMn7mjGipmdMtTph6vsG9Z5MsVid7DsNthh3YD1thhpvml-bVV5L_ZHMrAYcmxE...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQ4QGScrD-54le3rMn7mjGipmdMtTph6vsG9Z5MsVid7DsNthh3YD1thhpvml-bVV5L_ZHMrAYcmxEoa5qeofKW9kk22JkD4MY&google_hm=2GepMudaSpGIwoKq-...

170 B
232 B

25ms
24ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQ4QGScrD-54le3rMn7mjGipmdMtTph6vsG9Z5MsVid7DsNthh3YD1thhpvml-bVV5L_ZHMrAYcmxEoa5qeofKW9kk22JkD4MY&google_hm=2GepMudaSpGIwoKq-d2sxwU

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 12:43:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 18 Nov 2023 12:43:52 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQ4QGScrD-54le3rMn7mjGipmdMtTph6vsG9Z5MsVid7DsNthh3YD1thhpvml-bVV5L_ZHMrAYcmxEoa5qeofKW9kk22JkD4MY&google_hm=2GepMudaSpGIwoKq-d2sxwU
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B23E
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAYcTq-k7bi_3a67whxrjhw&google_cver=1&google_push=AXcoOmTB-AEXvb5ok6IQpYLDjQ8eiBp44Z9ewkvWzfzvtkUP0TjJLX5PIR3aW6LzGCP3jwFrEzPWY8plhzStXg...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjc4MTk5Nzc1MTQwMDU5MA%3D%3D&google_push=AXcoOmTB-AEXvb5ok6IQpYLDjQ8eiBp44Z9ewkvWzfzvtkUP0TjJLX5PIR3aW6LzGCP3jwFrEzPWY8plhzStXgKWN1...

170 B
329 B

25ms
24ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjc4MTk5Nzc1MTQwMDU5MA%3D%3D&google_push=AXcoOmTB-AEXvb5ok6IQpYLDjQ8eiBp44Z9ewkvWzfzvtkUP0TjJLX5PIR3aW6LzGCP3jwFrEzPWY8plhzStXgKWN1G_sxPmQ8fcclI

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 12:43:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjc4MTk5Nzc1MTQwMDU5MA%3D%3D&google_push=AXcoOmTB-AEXvb5ok6IQpYLDjQ8eiBp44Z9ewkvWzfzvtkUP0TjJLX5PIR3aW6LzGCP3jwFrEzPWY8plhzStXgKWN1G_sxPmQ8fcclI
Date: Sat, 18 Nov 2023 12:43:53 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 sync
x.bidswitch.net/ Frame B23E 43 B
146 B 176ms
39ms Image
image/gif 3.124.69.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELnQnRiPxKJLbI-w22bvF7w&google_cver=1&google_push=AXcoOmQfOXXCV6D-HFtO7LeEN9IlgEwOHQdVIWg652OlImt0cMIDjng0RLUpPd-nlstk_YZJrkaeadUCyy6uSUXsqx0CWGQVtt6yyW8
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1427824399252755&output=html&h=280&adk=556946149&adf=3844514634&pi=t.aa~a.3729920003~rp.4&w=821&fwrn=4&fwrnh=100&lmt=1700311432&rafmt=1&to=qs&pwprc=6133459307&format=821x280&url=https%3A%2F%2Fandronishoneymoon.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700311431990&bpp=1&bdt=1556&idt=1&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=3475058610483&frm=20&pv=1&ga_vid=488656376.1700311431&ga_sid=1700311431&ga_hid=763147028&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=243&ady=2009&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079265%2C44795922%2C31078301%2C31079698%2C44806141%2C44807764%2C44808149%2C44808285%2C44809055%2C318512601&oid=2&pvsid=2948566692002930&tmod=1006603889&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.69.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-69-248.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B23E
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFHd0n9MDG4GpWYK1i3b2G4&google_cver=1&google_push=AXcoOmTXOzrAvP-iKcv6iX3vDEPhf_YLCk63o5E1jZdtIcXhVOrEkBRqj10BMvxWMKp3kxIJKoAnRpybIOq3YoxBwtquDIG...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTXOzrAvP-iKcv6iX3vDEPhf_YLCk63o5E1jZdtIcXhVOrEkBRqj10BMvxWMKp3kxIJKoAnRpybIOq3YoxBwtquDIGventndyQ&google_hm=eS1rd184SU1CRTJwRl9...

170 B
188 B

54ms
54ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTXOzrAvP-iKcv6iX3vDEPhf_YLCk63o5E1jZdtIcXhVOrEkBRqj10BMvxWMKp3kxIJKoAnRpybIOq3YoxBwtquDIGventndyQ&google_hm=eS1rd184SU1CRTJwRl95b01iUXE5RHVrbDBlTWM5VHlOUn5B

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 12:43:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 18 Nov 2023 12:43:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTXOzrAvP-iKcv6iX3vDEPhf_YLCk63o5E1jZdtIcXhVOrEkBRqj10BMvxWMKp3kxIJKoAnRpybIOq3YoxBwtquDIGventndyQ&google_hm=eS1rd184SU1CRTJwRl95b01iUXE5RHVrbDBlTWM5VHlOUn5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B23E
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEHkIeBfAZTus-HUloMPtdXE&google_cver=1&google_push=AXcoOmQltpA-6p6DHBQQACoJ_3HTOhlfvfsmXMtk52OYhlNbLFkJN_Six1n9i6vF4hdOnYBg721_a9cXbeaBSzyDWDH2XL2...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEHkIeBfAZTus-HUloMPtdXE&google_cver=1&google_push=AXcoOmQltpA-6p6DHBQQACoJ_3HTOhlfvfsmXMtk52OYhlNbLFkJN_Six1n9i6vF4hdOnYBg721_a9cXbeaBSzyDWDH2X...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQltpA-6p6DHBQQACoJ_3HTOhlfvfsmXMtk52OYhlNbLFkJN_Six1n9i6vF4hdOnYBg721_a9cXbeaBSzyDWDH2XL2n8_GvsqY

170 B
188 B

43ms
42ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQltpA-6p6DHBQQACoJ_3HTOhlfvfsmXMtk52OYhlNbLFkJN_Six1n9i6vF4hdOnYBg721_a9cXbeaBSzyDWDH2XL2n8_GvsqY

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 12:43:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQltpA-6p6DHBQQACoJ_3HTOhlfvfsmXMtk52OYhlNbLFkJN_Six1n9i6vF4hdOnYBg721_a9cXbeaBSzyDWDH2XL2n8_GvsqY
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B23E
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEK428yx_iMVcd2sO0ZHtlsg&google_cver=1&google_push=AXcoOmRv9BXkBAa3R3eYFgMdOIvx93be7LNG1JikFgudg1MsS4w8ISiOyIXlHrnAAF4MPemRoniwtxh-c_lb...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRv9BXkBAa3R3eYFgMdOIvx93be7LNG1JikFgudg1MsS4w8ISiOyIXlHrnAAF4MPemRoniwtxh-c_lbgQsQ134K9tTlLtBqIQ

170 B
232 B

25ms
25ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRv9BXkBAa3R3eYFgMdOIvx93be7LNG1JikFgudg1MsS4w8ISiOyIXlHrnAAF4MPemRoniwtxh-c_lbgQsQ134K9tTlLtBqIQ

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 12:43:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRv9BXkBAa3R3eYFgMdOIvx93be7LNG1JikFgudg1MsS4w8ISiOyIXlHrnAAF4MPemRoniwtxh-c_lbgQsQ134K9tTlLtBqIQ
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame B23E 0
130 B 65ms
22ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JKcMeVljK8Xw8V2FkBW3sy_W7LeB-_wjaLdnmuU7pDSXFFKzwPrk_sPS76LsMnKYN1xrR-

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:53 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 25BA 16 KB
16 KB 14ms
13ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:58:11 GMT
x-content-type-options: nosniff
age: 45942
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 23:58:11 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 25BA 15 KB
15 KB 16ms
16ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:25:42 GMT
x-content-type-options: nosniff
age: 55091
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 21:25:42 GMT

GET
H3

200

/ Show response
www.googleadservices.com/pagead/ar-adview/ Frame 25BA
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CQMZhiLFYZebgAdHMgAeYvoPYAfuYsIZ0j4i09ZMSm5SSnpgOEAEgjJC6FmCVuomCmAegAc_iw6UCyAEJqQImacesD1CyPqgDAcgDywSqBIkCT9AcsKRrdsOjHy5vQSLmwPH5VG_DK979tIw...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223510883775725671326%22,%22debug_reporting%22:true,%22destination%22:%22https://42heilbronn.de%22,%22event_report_window%22...

0
22 B

49ms
47ms

Fetch
text/css

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223510883775725671326%22,%22debug_reporting%22:true,%22destination%22:%22https://42heilbronn.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22615575887%22],%224%22:[%2211-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212846308745097560945%22}&andc=true

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:53 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"3510883775725671326","debug_reporting":true,"destination":"https://42heilbronn.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["615575887"],"4":["11-18"],"6":["true"]},"priority":"500","source_event_id":"12846308745097560945"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 18 Nov 2023 12:43:53 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 18 Nov 2023 12:43:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"3510883775725671326","debug_reporting":true,"destination":"https://42heilbronn.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["615575887"],"4":["11-18"],"6":["true"]},"priority":"500","source_event_id":"12846308745097560945"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 64ms
63ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbcbb3c43f30e03f73f1686168883c63e92793463d00081915f7577d5f34b6fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andronishoneymoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12398
x-xss-protection: 0

GET
H3 200 Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js Show response
pagead2.googlesyndication.com/bg/ Frame 852B 38 KB
15 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61fe41cde1b6df00f34e5a9795741e926e8861b8e80d396ff799d48bacda5300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:34:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68942
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14900
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 17:34:51 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andronishoneymoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:43:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 18 Nov 2023 12:43:53 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 68ms
67ms Preflight
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 18 Nov 2023 12:43:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DF17 13 KB
5 KB 47ms
45ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://andronishoneymoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 16249
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 08:13:04 GMT
expires: Sun, 17 Nov 2024 08:13:04 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4AB1 829 B
560 B 49ms
48ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

669e27987064939c6d5d9a0fd482ca2e60b8116974e12283f8fe4ffc19530798

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Nlri5OS2O6ROy6v6kJzHuQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://andronishoneymoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Nlri5OS2O6ROy6v6kJzHuQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 12:43:53 GMT
expires: Sat, 18 Nov 2023 12:43:53 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4AB1 0
0 3035ms
3035ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=2948566692002930&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame DF17 39 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:09:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70455
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 17:09:38 GMT

GET generate_204
tpc.googlesyndication.com/ Frame DF17 0
0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CDDB 42 B
64 B 2703ms
2702ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstCVesc-3myttUIghXVnZBv8gQnguuZ1jyBvXOKyHP6Ru0p2hCfapMIACiWGlcMNw8dF-8GKg1zdw2jLz2tOSiV3Jm-rg9mWPfNJfTJToEtdcu1yuGmuOYsKHys15xpF8QmYO-xX5TdKuqF&sai=AMfl-YTqRk8zKADDfWtYUp-9JRAsDs6AMWa9bAbSxlWVPTgkVTbZUrn3ZIe9JoBXtv-a6dWFvPaOWNe5HDlIuB7d1LPyq0yL51A0HeisHCL43ZY8KyKzGzyNaSZsGzsv0j9Ky1pmTxjxawMR0BA7DEiQ&sig=Cg0ArKJSzK8nd8nzh9DXEAE&cid=CAQSTgDICaaN7JFqgGhGJTeUm71gwEpa8gMVU-1njx9tcqKlDKYgR5PCooabJ0rgLvkcZWm__q7Rfzm8ie-JntinwKJ3s88W2YEC4EN9C2am4RgB&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2767623100&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700311431493&rpt=1057&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 12:43:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 2473ms
2472ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=2948566692002930&bg=!oqGloe7NAAZxrfrxUa07ADQBe5WfOIO0rJeea5ITjzIGxgHcdKOIcN0a6UnGOvhZ2BJf_elZvRIzSyjFqTFnDol7liIwAgAAAEZSAAAAAmgBBwoAAWeZAs8r7QSOoiUjxSaldx60HFk06HOo7YZA58eT4Et-a419exJxyLg7vzOiVQQXG6zup-yKAU6YTfSyW9VNE5IlOXmIoMB9ssoa6GHURFjs_6TGgYrBtIgChQr013A_NdIKwW-yu9avZPkXKFtH6-qnY3jOkn8reg4XSYP1I6sOrZdnD1vgFbuJEY9SgNFrzknjpetXHLhQGATCBjiKaoaIkyiHiCwEgGvXjRkXVR9RNJmSpv_amdX0Gd6vbPvVnF2-A47zpEZqax721i9qgDDLGCp_LVJqVy_bJ38sQSlmi4pPKU2S3tilKjkNCj6m5VftDK3AoKtR4GGBeO9VpXIk2p75fMNfO1ek9wmmijkQjDJGxEAiRKQwsesxmd5mvNuhNc70sb98hNESC0xgc3p3r13C3qWnYaakjZYnmEk9ve_9vWpDRIw6m1eRE3r0AfbGKC4DhAW7fd1ZHDici7w0xiBHGpzSq2vAbjytvgLGoZt3H0ibhaC2yQXafubpAFMqfTmf74g5ppfzRdPAwiVt4LnrmblcCRmbJeaYleFKTp3bLEjfCt4AMjOWgEYCmT-bPaBNEgN6JKeohoVOWg65qEi-e9dyZVij9BkudGh8tH0ImYxaJpXcvBnT04Q7Q4TVbDJHbGmJCyPWxzZWRCwXeWnsiNETr0Q4hYablUqnteIwkGXIFnow5jmhNOb8jLDT9saiESAHrqN4jD8mxQ93hlBGIfxxny0Qpjel8CbfzK6orLu9Pg5Jgkz1BSBN_FjFrbXsB9vRCX5ZYPWjiZoi5HORDwMF3AxYE4aXs9S53Sn6jsvy76abEDlzUA8i40wRYGB09RLyN60c_eieK-RmEgm4FG9U3_Vgaua_ezsVA9FgzF7jkscGffWb16G3HH9UbPbaP5dh5K37nLM13Gbimz6lT-YTmnaqzfRU8zSb91UV_y_IDXAtMUf4xvGnSOlPAA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andronishoneymoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/generate_204?cBxHOQ

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.andronishoneymoon.com/	1970-01-21 01:04:07	Name: _ym_uid Value: 1700311432421013271
.andronishoneymoon.com/	1970-01-21 01:04:07	Name: _ym_d Value: 1700311432
.mc.yandex.com/	1970-01-20 16:18:32	Name: sync_cookie_csrf Value: 3293077908fake
.yandex.com/	1970-01-21 01:54:31	Name: i Value: /pbmHvZmBbk3pt3Tnsvzaqcoo3IR7zIhp/rvXcxd22EhtBLEBgSmculsj3YJj3d84Vxnse6+sIYmr7GEheWgjd1aYK4=
.yandex.com/	1970-01-21 01:04:07	Name: yandexuid Value: 3390588391700311431
.mc.yandex.ru/	1970-01-20 16:18:32	Name: sync_cookie_csrf Value: 1659724075fake
.andronishoneymoon.com/	1970-01-20 16:19:43	Name: _ym_isad Value: 2
.mc.yandex.com/	1970-01-20 16:19:57	Name: sync_cookie_ok Value: synced
.yandex.ru/	1970-01-21 01:54:31	Name: yandexuid Value: 3390588391700311431
.yandex.ru/	1970-01-21 01:54:31	Name: yuidss Value: 3390588391700311431
.yandex.ru/	1970-01-21 01:54:31	Name: i Value: /pbmHvZmBbk3pt3Tnsvzaqcoo3IR7zIhp/rvXcxd22EhtBLEBgSmculsj3YJj3d84Vxnse6+sIYmr7GEheWgjd1aYK4=
.yandex.ru/	1970-01-21 01:54:31	Name: yp Value: 1700397832.yu.2653659431700311431
.yandex.ru/	1970-01-21 01:04:07	Name: ymex Value: 1702903432.oyu.2653659431700311431
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 416477741700311432
.yandex.com/	1970-01-21 01:04:07	Name: yuidss Value: 3390588391700311431
.yandex.com/	1970-01-21 01:04:07	Name: ymex Value: 1731847432.yrts.1700311432
.yandex.com/	1970-01-21 01:04:07	Name: bh Value: KgI/MA==
.andronishoneymoon.com/	1970-01-21 01:40:07	Name: __gads Value: ID=93edc1c77dff66db:T=1700311431:RT=1700311431:S=ALNI_MbB3F_XNsEeIwekfZxROJKs18EBQw
.andronishoneymoon.com/	1970-01-21 01:40:07	Name: __gpi Value: UID=00000ccb97a68ead:T=1700311431:RT=1700311431:S=ALNI_Mav2cL4l8R7pC3R_bLvsO3zUr4A-A
.doubleclick.net/	1970-01-21 01:40:07	Name: IDE Value: AHWqTUkoKQXjqNq1p8FcnM7S_UNaMIuOD3HHZJiaaA6FUwO5F-XioUJIdv6jv6rW150
.doubleclick.net/	1970-01-20 16:18:35	Name: DSID Value: NO_DATA
.adfarm1.adition.com/	1970-01-20 18:28:07	Name: UserID1 Value: 7302781997751400590
.ctnsnet.com/	1970-01-21 01:04:07	Name: gid_CAESEKdde3wxyDnu2gQ1CtK3vrA Value: 1
.ctnsnet.com/	1970-01-21 01:04:07	Name: cid_d867a932e75a4a9188c282aaf9ddacc7 Value: 1
.googleadservices.com/	1970-01-20 18:28:07	Name: ar_debug Value: 1
.de17a.com/	1970-01-21 00:56:55	Name: guid Value: 1.8690600151511462963
.everesttech.net/	1970-01-21 01:04:07	Name: everest_g_v2 Value: g_surferid~ZVixiQAAAmwK3QBd
.yahoo.com/	1970-01-21 01:04:29	Name: A3 Value: d=AQABBImxWGUCEIqjywxCeTRpJ9hct2J3htMFEgEBAQEDWmViZQAAAAAA_eMAAA&S=AQAAArCooTA1F5AeK3cGEi0UhzE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

andronishoneymoon.com
cm.g.doubleclick.net
d5p.de17a.com
dsp.adfarm1.adition.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
mc.yandex.com
mc.yandex.ru
onetag-sys.com
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
sync-tm.everesttech.net
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
tpc.googlesyndication.com
142.250.184.194
151.101.2.49
172.217.18.2
213.155.156.180
2606:4700:3030::6815:566c
2a00:1450:4001:803::2004
2a00:1450:4001:808::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:81c::2002
2a00:1450:4001:828::2003
2a00:1450:4001:828::200a
2a00:1450:4001:829::2002
2a00:1450:4001:830::2003
2a02:6b8::1:119
2a05:d018:d29:3601:af70:5903:a54a:226c
3.124.69.248
35.186.193.173
51.89.9.252
85.114.159.93
0834be98d0a0fe1c99f6286ab82e2b4680402028993e2dc5f21614e7ef71c547
0a03e20bfb3b952f2f079b4e751209ef6c126d3470ef6eee0a4733db81b96ffa
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0d2fadbd21b6eb74f375e534c2d207cd9fddb3ff8d218a634b48f0cd4ba25a6b
0daf844710614138ad93ccc63bae5b8d2575780a5330e662f1375a03d8951aa5
15535215b5db9ea038767b8150999c58a8b8658915b3d1f0030b1e1a710997f7
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
19393b775b767d2f772a226e0d33f4a9929673944900caf8d2f5eee3cbc7a5a0
1b465008bf36be43edab0807ec3abd2cbaf7ef002c34b20b980de4e8461f4b49
22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
2881d8eadc298102d2462e8d32e40792adce37b6cd89d99045f574eb3ecbb748
2a71cc8fa2cf3afa73cd0d08e31c2d2e514a482e6a29944fd38d629f576da2e8
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b
2f5f16d5d6d081c69227083ce58622d12e981ea8c11ce576ccd74ca742362eef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3966ea752375e1a0a3e1dfb4280c340b8f6dfc7838a3acce2b7751bf6764e3bc
397a064408a35de576fc209912c034ece47a49026ead975cf6a1720c51bb2433
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
476b38ed26a338a10b6dd8ee24f965bb1e3579bc13ed14e498b8335e8af51f13
4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
50abbd0d8e5a276b1096eeea25bfa9cb5baa10d94d4d8d906a43291afbde90e6
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b3aba44b063828c6669e0e5c3baf9898033b0c1fa3c0390be6d9d1e523e0436
5c147dc50e20c5cc9ef002fb94bca4fde5b828b5ad45a045728520086ef4487e
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61fe41cde1b6df00f34e5a9795741e926e8861b8e80d396ff799d48bacda5300
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
669e27987064939c6d5d9a0fd482ca2e60b8116974e12283f8fe4ffc19530798
676a4495d9a94a08af3af87eabb672638b1846bf8c11cfb3026edd30305c9e38
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4
70807d7f9157a7c670b2bbbc2af3ae4eedebb0e7294848144bfe1eefae7d63e4
7851e5af3cad5f3eb955308cb92fb81552bec4d0ca888f9cd7ac8e2570211cea
79141984bd09040b7ec8cbc073684996051f0b5ba8e880b6fa5892de1bf64cda
7d6bc0d751d9be88ce8b1e1aca430a75b8ab715bdde11410f16c8f5b276dc588
8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951
8b5eeeb57bd5f7d2025991b865261fc36f520807b085c5a7089bb5c981f7216f
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
9964ce0e11ea8cd3285c79fe3988599b26ebefd7069e216f306295b2e32cae34
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bc82acb4404a3f56c3a42144df7ae765ea5ddee67585486b7aa67102845de6f
9f6cd7a9517b0e0988451c2e92b0f14b523522fa801ad26854131a85ae6244a8
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac8e8ffc35ba53190925d14ab161e6ca52390305a820f53dcd8acaf5fee759bb
ae3387da6d4be0448928bf47c59fa5612c97caca80eebe48c026da41a78ddcc8
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1
b696b8a79f385681c9e8c4de70135ed69fe3581d0a224374859fd197818598c1
b82aa6c527e41e336e9cd392fffa550353f896f71a3c632a5bdd51e22de4ca0f
bbcbb3c43f30e03f73f1686168883c63e92793463d00081915f7577d5f34b6fd
bc683e932f79a2eec11f258cb15966aab5abd7269f7fed443bc8a0bca5fdb046
bccbb840d4b44ae247f66fba13102bbf3537143fe775bfac8a601a43a8fba3d4
be4f61f12466e376896a4a4ffc670d03f12062c0229f945a26a3697dab27881d
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25
c43adcd86e1ad381a42bca03ee32e543a5ddae1ae0e59a356b52ff166cdc427e
c86e183995d42d069cdf501e7605562c081cd7aac3b779abe3f69af717d4dd47
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
d859787f006c16aaad4722ec0ba30f1aba051be238588db484834b745e238749
dc0f26c74a277ea3f73887f9e95716b602a2cb708c10d4ce1fcebc597e75fd9e
dcce4cb5fb974938462f804d6c16314a338e81cae737f24e49a003e546f9b1a4
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e1a52c0a06fa9f65e015b02e7ec463fd621211a9d2ae44b6660597900e927fbb
e25170e484659f4ff452fb0d842bdf05455b747373acd31017e717451907d671
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4adb0336f1dfe75eab5c87d264c95f99ad586ae3e4faf346b16c970eefcd090
e4cd9b0c3c9b5efcca1cde65e75b1cf3e58a4aaabd661c8bf5ed9159dd5fdfbe
e9f5e6153e8c4eafc6e2c8791ebdd3530062d99efd372c5aa68e86b80dcfecf4
eb28dfb329c50b9722c47e2b740db6affafd65f6f505b2028560110dc9a33ce5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0b722c48c52082cd77261574e22a5251fe37ea4b291b1441134145bab9b2063
f5016a660b7a49aeab17f87546c126106c8c5878d33be49879e31acc8aee5109
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f720fa3a0e701763ea2f12d7c72d94fd8fe0cd253f3a029a4db4f61571731da6
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
fd493524c8be6d84cf95959f93103680b3faa2a47c92482d43ff1836d8c08055

andronishoneymoon.com Open in urlscan Pro 2606:4700:3030::6815:566c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

142 Requests

92 %HTTPS

58 %IPv6

17 Domains

20 Subdomains

14 IPs

6 Countries

2962 kBTransfer

5834 kBSize

28 Cookies

41 Outgoing links

Page URL History

Redirected requests

142 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

andronishoneymoon.com Open in urlscan Pro
2606:4700:3030::6815:566c Public Scan

Screenshot
Live screenshot

Full Image

142
Requests

92 %
HTTPS

58 %
IPv6

17
Domains

20
Subdomains

14
IPs

6
Countries

2962 kB
Transfer

5834 kB
Size

28
Cookies

142 HTTP transactions
2 data transactions