spdflashtool.com Open in urlscan Pro
2606:4700:3032::ac43:df2e  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

• https://gum.criteo.com/sid/json?origin=publishertagids&domain=spdflashtool.com&sn=ChromeSyncframe&so=0&topUrl=spdflashtool.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
• https://mug.criteo.com/sid?cpp=dGhjAnw5OWNYMGRsQ3NPdVVYVkMycWtGVmZHc2tEMTAyWmRuMWpPU1plTXZUTnR1VFVKUmVmTmhtNFpLRjY4ZVNERmFjUy9OZHBSbml1cm9hOUVudStNcmdqVE5OMlRuQUNjdm5ZUzY5bEtpSEJoSERVMFZtMkg3MjAwYjQySk5vZm9IVkZYUHR3UWJLVGFVOHBxMlQ3cCtZYTl6S2k5NnpaemFjVU5vRTNRWGR4K0o5V2ovTG9hYmRLTGlzSG00bHp1cWlOcmQzV3QrTW5Rdm5jY3RDSk1BZEJsTFFyUFdUT1NtcExrYnpqcUIvN2xkbDNCS0dvQy9rb1VMWWF0SFZVRTBYWTJyamVOWS8zQ0dZTHdwSXZiQ0RoUT09fA&cppv=2

Request Chain 54

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELzI0pMM9JpTc6QQCgs3G9U&google_cver=1

Request Chain 55

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZQogPTNkHDK81Nb-W1xifgAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELzI0pMM9JpTc6QQCgs3G9U&google_cver=1

Request Chain 56

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESELtFbUhh8ImjSedOobv4HIk&google_cver=1

Request Chain 57

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE1NjUyNjM0OTUwMTY1OTcwNQ%3D%3D

Request Chain 68

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELzI0pMM9JpTc6QQCgs3G9U&google_cver=1

Request Chain 69

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZQogPTNkHDK81Nb-W1xifgAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELzI0pMM9JpTc6QQCgs3G9U&google_cver=1

Request Chain 70

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESELtFbUhh8ImjSedOobv4HIk&google_cver=1

Request Chain 71

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE1NjUyNjM0OTUwMTY1OTcwNQ%3D%3D

Request Chain 105

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAz32C9QvseiI9z-TA_YnM0&google_cver=1

Request Chain 106

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZQogPTNkHDK81Nb-W1xifgAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAz32C9QvseiI9z-TA_YnM0&google_cver=1

Request Chain 107

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESENJvXdagF3FojxcMtopp7-0&google_cver=1

Request Chain 108

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE1NjUyNjM0OTUwMTY1OTcwNQ%3D%3D

Request Chain 147

• https://fw.adsafeprotected.com/rfw/st/990511/61634096/4.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-3831894559014614&ias_chanId=1&ias_placementId=20343398390&bidurl=https://spdflashtool.com/category/download&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0h_8VICmz352hHThsVGUPCH&adContainerId=brand_safety_PSAKZfC1F9O7x_APl9a70AM&cbFunctionName=goog_wrapCb_PSAKZfC1F9O7x_APl9a70AM&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fspdflashtool.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fspdflashtool.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:8b48ee5d-389b-a958-bdfd-876dfbae4799,c:oHPrgr,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-797d947f74-wpdjt,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:4,mot:0,app:0,maw:0,fm:tQlqNIW+11%7C12%7C13%7C141%7C151%7C1521%7C153%7C16%7C17%7C18*.990511-61634096%7C181%7C182%7C183%7C1911,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:26,oid:ac183b08-573b-11ee-a407-1aa3e24ba07b,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
• https://static.adsafeprotected.com/4a.js

Request Chain 156

• https://a.tribalfusion.com/i.match?p=b6&u=CAESEDiKpOgkZ6bGYi0neyy2JTc&google_cver=1&google_push=AXcoOmStjGE7yvJ9vl_W1nH8VOD-F6nTVlEK687Wnv2fuMAnR59qGzWF4AbPFlboFrinNiTFKlil_6TRfGa8703Z9yf24GubeIq6&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmStjGE7yvJ9vl_W1nH8VOD-F6nTVlEK687Wnv2fuMAnR59qGzWF4AbPFlboFrinNiTFKlil_6TRfGa8703Z9yf24GubeIq6%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
• https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDiKpOgkZ6bGYi0neyy2JTc&google_cver=1&google_push=AXcoOmStjGE7yvJ9vl_W1nH8VOD-F6nTVlEK687Wnv2fuMAnR59qGzWF4AbPFlboFrinNiTFKlil_6TRfGa8703Z9yf24GubeIq6&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmStjGE7yvJ9vl_W1nH8VOD-F6nTVlEK687Wnv2fuMAnR59qGzWF4AbPFlboFrinNiTFKlil_6TRfGa8703Z9yf24GubeIq6%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 157

• https://s.uuidksinc.net/match/47/?remote_uid=CAESEFN6nL8lFiGlLwHGnBEY0tg&c_param1=AXcoOmSDIKSw6eVS9rTYxhik94yg8tcBGjIcksS5uTHSalQTBioh47xmHrWOGHcLvUpMVcgPeDG2Es5-eE739EQxFQY0wE43rdeC&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmSDIKSw6eVS9rTYxhik94yg8tcBGjIcksS5uTHSalQTBioh47xmHrWOGHcLvUpMVcgPeDG2Es5-eE739EQxFQY0wE43rdeC

Request Chain 158

• https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGOLi62jD1NRPbivsT7Ddjs&google_cver=1&google_push=AXcoOmTndaRyajHTdxWWvPd7xCGGLr2DP8I0SAC9tT9_VH7amR-A82F2EgOdIq-WC1lz14Nv2pMnw41J7ue02vZQDw5thL0kjFIW HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1RVlhZRkQtMTYtMVBCMg==&google_push=AXcoOmTndaRyajHTdxWWvPd7xCGGLr2DP8I0SAC9tT9_VH7amR-A82F2EgOdIq-WC1lz14Nv2pMnw41J7ue02vZQDw5thL0kjFIW

Request Chain 162

• https://an.yandex.ru/mapuid/google/CAESEJC9K_e4jSLrcR8EX0PRMSQ?ext-param=AXcoOmSRYqKOrbrXTTsQmIEsoXZ4glRcazdWbTo7c1BjKAFCsoxwnu6MQ7woeeqOtWtKVSXbaXC9_Ot-QruRMWqsq4Wz-rXlNhpJ&partner-tag=yandex_ag&google_cver=1 HTTP 302
• https://an.yandex.ru/mapuid/google/CAESEJC9K_e4jSLrcR8EX0PRMSQ?redir-setuniq=1&ext-param=AXcoOmSRYqKOrbrXTTsQmIEsoXZ4glRcazdWbTo7c1BjKAFCsoxwnu6MQ7woeeqOtWtKVSXbaXC9_Ot-QruRMWqsq4Wz-rXlNhpJ&partner-tag=yandex_ag&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEJC9K_e4jSLrcR8EX0PRMSQ&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
• https://an.yandex.ru/resource/spacer.gif

Request Chain 169

• https://fw.adsafeprotected.com/rfw/st/1450266/71191763/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014315727&ias_pubId=pub-2840258101411863&ias_chanId=1&ias_placementId=20517361851&bidurl=https://spdflashtool.com/category/download&ias_dealId=549644393847793680&adsafe_par&ias_impId=v4~~ABAjH0jCukeyzKW6QzSVnrdT2VP-&adContainerId=brand_safety_PSAKZY-2KeSgx_AP1dO0iAQ&cbFunctionName=goog_wrapCb_PSAKZY-2KeSgx_AP1dO0iAQ&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x600.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fspdflashtool.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fspdflashtool.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2840258101411863%26output%3Dhtml%26h%3D600%26slotname%3D4532792211%26adk%3D3802136983%26adf%3D369960317%26pi%3Dt.ma~as.4532792211%26w%3D300%26lmt%3D1695155228%26format%3D300x600%26url%3Dhttps%253A%252F%252Fspdflashtool.com%252Fcategory%252Fdownload%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1695162428136%26bpp%3D1%26bdt%3D299%26idt%3D287%26shv%3Dr20230918%26mjsv%3Dm202309140101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C970x280%26nras%3D1%26correlator%3D261966524884%26frm%3D20%26pv%3D1%26ga_vid%3D1221908341.1695162428%26ga_sid%3D1695162428%26ga_hid%3D146642078%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D985%26ady%3D596%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759842%252C31077701%252C42532402%252C44785295%252C31077705%26oid%3D2%26pvsid%3D3500873756716162%26tmod%3D366320996%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CoeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26xpc%3Dm478xYBgHI%26p%3Dhttps%253A%2F%2Fspdflashtool.com%26dtd%3D290&adsafe_type=d&adsafe_jsinfo=,id:c54ae9f6-1092-40e2-f644-cbad6b6dae24,c:oHPrlu,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-797d947f74-dhbpw,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1,mtim:10,mot:0,app:0,maw:0,fm:tQlqNNU+11%7C12%7C13%7C14*.1450266-71191763%7C141%7C151%7C1521%7C153%7C16%7C17%7C181%7C1821%7C183%7C184%7C1911%7C1a,idMap:14*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:31,oid:ac2e81ad-573b-11ee-aecf-3611d8f0b8c4,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
• https://static.adsafeprotected.com/4a.js

Request Chain 215

• https://googleads.g.doubleclick.net/pagead/adview?ai=CWlaCPCAKZaHMHL2d78EP_fKL2A66qf2Gc5fh0r_wEZjc58mPDhABILm_uSFglcKmgrAHoAGHv-DIA8gBCakCunSCthOakT6oAwHIA8sEqgTnAU_QcQY-UNbvzVouPTdnSZMIyGdif4vrs58ow9cj2lrTwqysj7H7vkpT3qV1mKyB9SEolaIv7iN1Oto6odqQiWY4MSID2vw8hsqcOXne9mFTv7U2JgYKMkUT8dGOFP55FHInoURy5W-Q5_BhY4jN4Czl7ueeTjVtJ-SiJkskz8Xf3ZB4zOi2g1Sxp46shziClwobzGXVZC_7Q2ac0MN-cFiUmyq5j0ww3Qq4roTl68fYzI3O7qmNbr5-7bEj5JzOccNVNrQCOksD6vyHD-wbJI2LtQqEc42HO5uRSgC5DgWu-gSjK_0IKsAEv-mlwrUEiAW25cW1TJIFBAgEGAGSBQQIBRgEoAYugAfhwJ83qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQoYE40ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJiwJodHRwczovL2RlLmlnbmFseS5jb20vZHNyP3E9UnVnZ2VkaXplZCUyMFNlcnZlciZhc2lkPWl5X2NoNjUwJmRlPWMmc2NsaWQ9MC0yNDI4MyZnY2xpZD17Z2NsaWR9JnJhYz1SdWdnZWRpemVkJTIwU2VydmVyJnRlcm1zPW9ubG9naWMlMjBtaW5pJTIwcGMsaW5kdXN0cmlhbCUyMHBhbmVsJTIwbW91bnQlMjBtb25pdG9yLHBhbmVsJTIwbW91bnQlMjB0b3VjaCUyMHNjcmVlbiUyMG1vbml0b3IsYmVzdCUyMGluZHVzdHJpYWwlMjB0b3VjaCUyMHNjcmVlbiUyMG1vbml0b3KACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItMjg0MDI1ODEwMTQxMTg2MxgA&sigh=uyz5DLLdv8w&uach_m=[UACH]&ase=2&cid=CAQSSwBpAlJWjjAyrybPvxe2afsLNpQvcOlhnxsW12qAG49EHpeu1CBXM3FK565DMUnt5NyuVCfVDHDLZmHdWTJwKUcaApvKf3bz6iwTFBgB&template_id=5000&cbvp=2&vis=1 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229510797710993833389%22,%22debug_reporting%22:true,%22destination%22:%22https://ignaly.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22957882247%22],%224%22:[%2209-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216456634976824668129%22}&andc=true

225 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
11 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request download Show response spdflashtool.com/category/	49 KB 18 KB	371ms 238ms	Document text/html	2606:4700:3032::ac43:df2e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://spdflashtool.com/category/download Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:df2e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ab8cd70a6d52421c681604577fae6c7f318b0669100d4bdb5e1adf865f644bb0 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8095411499e03a49-FRA content-encoding br content-type text/html; charset=UTF-8 date Tue, 19 Sep 2023 22:27:07 GMT link <https://spdflashtool.com/wp-json/>; rel="https://api.w.org/" <https://spdflashtool.com/wp-json/wp/v2/categories/2>; rel="alternate"; type="application/json" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xQUOC8GqZqOo2kis%2FHxZ6FNMmx8cR%2FXdtUL8YDjTZjc19qJ0CzVCszV66nSQzkXfyP6r82WSpwuqYPSCR1hW54Ph3vrI5b3DqfrFaTZH0Y4YT6ef0YTRf7ujvnChAWF3XJJFrnEAPjwvNnpFf%2B88"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=15552000; includeSubDomains; preload vary Accept-Encoding x-content-type-options nosniff x-frame-options SAMEORIGIN x-runcache-type native x-runcloud-cache HIT x-xss-protection 1; mode=block
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	144 KB 50 KB	207ms 100ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: spdflashtool.com URL: https://spdflashtool.com/category/download Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a788b12a77ec41b92019bbc73e8a6b1e8c5209da5b0ceb59aa8e7eecdb6e6822 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://spdflashtool.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 22:27:07 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 50636 x-xss-protection 0 server cafe etag 12878283852178074489 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Tue, 19 Sep 2023 22:27:07 GMT
GET H2	200	up.js Show response live.demand.supply/	5 KB 3 KB	318ms 212ms	Script application/javascript	2606:4700::6810:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/up.js Requested by Host: spdflashtool.com URL: https://spdflashtool.com/category/download Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e9561476f996c2106bcbf3039a0029e59670d9a7d2854f3c3d86b0152f999fb0 Request headers accept-language de-DE,de;q=0.9 Referer https://spdflashtool.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers x-nf-request-id 01HAAPFKXS6C0TWVX10X7HF12W date Tue, 19 Sep 2023 22:27:08 GMT content-encoding br cf-cache-status HIT age 52 cf-polished origSize=4393 alt-svc h3=":443"; ma=86400 cf-bgj minify server cloudflare etag W/"6eaa5f6c66d357f2e362fb93e5e9eaf5-ssl-df" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=1200,must-revalidate,stale-while-revalidate=3600 cf-ray 80954116ca5f30cf-FRA link <https://live.demand.supply/impl.v17.15.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v17-10-0/c3BkZmxhc2h0b29sLmNvbS8=>; rel=preload; as=script timing-allow-origin *
GET H2	200	spd-upgrade-new-fi-319x200.png spdflashtool.com/wp-content/uploads/	9 KB 10 KB	158ms 157ms	Image image/png	2606:4700:3032::ac43:df2e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://spdflashtool.com/wp-content/uploads/spd-upgrade-new-fi-319x200.png Requested by Host: spdflashtool.com URL: https://spdflashtool.com/category/download Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:df2e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a2a2abb5b3cd5f10229b0ca53cab6196a25b7508d9986ee4558663e8d984b7d3 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://spdflashtool.com/category/download User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 22:27:07 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 9592 x-xss-protection 1; mode=block last-modified Sun, 13 Aug 2023 18:54:11 GMT x-runcache-type native server cloudflare etag "64d926d3-2578" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jxT5363bXGRfCZ3v2syGkVz%2BgCksboDmgGXO7cFjHn9KPoWZXvA8nRB7QOeFSSTX3PSqhCAiCatUPjCX1HoTJhGEiXksgzTet1CsxXzyRd0FeMA5CwuYuv7YGeElEBp%2FyyivsxS9ee6BSwsytmtt"}],"group":"cf-nel","max_age":604800} content-type image/png vary Accept-Encoding cache-control max-age=2592000 accept-ranges bytes cf-ray 809541162b573a49-FRA expires Thu, 19 Oct 2023 21:36:14 GMT
GET H2	200	spd-upgrade-fi-319x200.png spdflashtool.com/wp-content/uploads/	8 KB 8 KB	463ms 463ms	Image image/png	2606:4700:3032::ac43:df2e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://spdflashtool.com/wp-content/uploads/spd-upgrade-fi-319x200.png Requested by Host: spdflashtool.com URL: https://spdflashtool.com/category/download Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:df2e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3fb3afa575a3156e424ba8b3966036b5c088c3c5f3f754ffd2bc2b81b7e0b0d2 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://spdflashtool.com/category/download User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 22:27:08 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 8097 x-xss-protection 1; mode=block last-modified Sun, 13 Aug 2023 18:54:10 GMT x-runcache-type native server cloudflare etag "64d926d2-1fa1" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ljONgS6vnubagU22zfQQafszyUCb6iEYAzZBx82tUTpCR4oNO03e3Fvaz3BRGAz59G%2Bqfhn5yU%2BRVa6NIQ3s1VrEdscyrEihZwHWDuW16xtgQuW%2Fx4EgBVHPnvkArI1Q3k56KF2tuGHEVseLUuRw"}],"group":"cf-nel","max_age":604800} content-type image/png vary Accept-Encoding cache-control max-age=2592000 accept-ranges bytes cf-ray 809541163b683a49-FRA expires Thu, 19 Oct 2023 21:36:13 GMT
GET DATA	200 OK	truncated /	6 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e4dff193e0f69402b395699f7ee6992528978c133092e8277309cb2c9ff3efca Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	463 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 83ed95482d7f3126b555efe2a06c4812af9f6df7d7ac26a809e8b4aecffa78d1 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	5 KB 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9663a73abe40581b6babf9e91fa60103a92d152597d37d1a42d88a0ccd133c35 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Content-Type image/gif
GET H2	200	show_ads_impl_with_ama_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/	379 KB 129 KB	126ms 125ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2840258101411863&plah=spdflashtool.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash aedc534c898627f90eafa75867b8ecfe7509fd6b256c5923a685d1075d6f61ce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://spdflashtool.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 22:27:08 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 131561 x-xss-protection 0 server cafe etag 11276353216661365554 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Tue, 19 Sep 2023 22:27:08 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230918/r20190131/ Frame 0225	10 KB 5 KB	140ms 46ms	Document text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230918/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://spdflashtool.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 6188 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4438 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 19 Sep 2023 20:44:00 GMT etag 8554266389219770021 expires Tue, 03 Oct 2023 20:44:00 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	impl.v17.15.0.js Show response live.demand.supply/	82 KB 27 KB	111ms 108ms	Script application/javascript	2606:4700::6810:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/impl.v17.15.0.js Requested by Host: spdflashtool.com URL: https://spdflashtool.com/category/download Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 30ea956b12ae502e529c24365e9422d2428b75595511de013abc64d79eb510e8 Request headers accept-language de-DE,de;q=0.9 Referer https://spdflashtool.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers x-nf-request-id 01HAANKZ94E4GT7BEZGRJJD566 date Tue, 19 Sep 2023 22:27:08 GMT content-encoding br cf-cache-status HIT age 439610 cf-polished origSize=84620 alt-svc h3=":443"; ma=86400 cf-bgj minify server cloudflare etag W/"c4c243e9ca1d0f0ac14511caf420b080-ssl-df" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=2592000,immutable,stale-if-error=604800 timing-allow-origin * cf-ray 809541182c1b30cf-FRA
GET H2	200	c3BkZmxhc2h0b29sLmNvbS8= Show response live.demand.supply/p4/v17-10-0/	1015 B 577 B	667ms 664ms	Script text/javascript	2606:4700::6810:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/p4/v17-10-0/c3BkZmxhc2h0b29sLmNvbS8= Requested by Host: spdflashtool.com URL: https://spdflashtool.com/category/download Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b08833c5a0e38e98d8532a86de588c1f2aa60fee318119a2864450bdb4e0cc74 Request headers accept-language de-DE,de;q=0.9 Referer https://spdflashtool.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 22:27:08 GMT content-encoding br server cloudflare vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600 cf-ray 809541182c1e30cf-FRA alt-svc h3=":443"; ma=86400
HEAD H3	200	e.js Show response live.demand.supply/e/	0 517 B	99ms 51ms	XHR application/javascript	2606:4700::6810:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?e=ll&d=323&cs=c&dsReferer=c3BkZmxhc2h0b29sLmNvbS9jYXRlZ29yeS9kb3dubG9hZA== Requested by Host: live.demand.supply URL: https://live.demand.supply/up.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://spdflashtool.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers x-nf-request-id 01H8DVDRND02F407MF5VJKP125 date Tue, 19 Sep 2023 22:27:08 GMT cf-cache-status HIT age 967327 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "5dcb6aa12a683302e5f0dc8249fb1b45-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 809541187fbbbbcd-FRA
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	99 KB 29 KB	201ms 103ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: live.demand.supply URL: https://live.demand.supply/up.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4a41bf88b0a6f46f397878cdb01b593fa8f848827c3b01247299ac9652aaebae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://spdflashtool.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 22:27:08 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29569 x-xss-protection 0 server cafe etag 56 / 19619 / m202309140101 / config-hash: 10560056370792808416 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Tue, 19 Sep 2023 22:27:08 GMT
GET H2	200	c3BkZmxhc2h0b29sLmNvbS9jYXRlZ29yeS9kb3dubG9hZA== Show response live.demand.supply/p4/v17-10-0/	1015 B 646 B	397ms 395ms	Script text/javascript	2606:4700::6810:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/p4/v17-10-0/c3BkZmxhc2h0b29sLmNvbS9jYXRlZ29yeS9kb3dubG9hZA== Requested by Host: live.demand.supply URL: https://live.demand.supply/up.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b08833c5a0e38e98d8532a86de588c1f2aa60fee318119a2864450bdb4e0cc74 Request headers accept-language de-DE,de;q=0.9 Referer https://spdflashtool.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 22:27:08 GMT content-encoding br server cloudflare vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600 cf-ray 809541182c2230cf-FRA alt-svc h3=":443"; ma=86400
GET H3	200	ds.2.html Show response live.demand.supply/	413 B 588 B	193ms 146ms	XHR text/html	2606:4700::6810:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/ds.2.html Requested by Host: live.demand.supply URL: https://live.demand.supply/up.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309 Request headers accept-language de-DE,de;q=0.9 Referer https://spdflashtool.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers x-nf-request-id 01H8PWGXZ2VAZSXJ53XPZP7Q8Z date Tue, 19 Sep 2023 22:27:08 GMT content-encoding br cf-cache-status HIT server cloudflare age 444076 vary Accept-Encoding content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control max-age=2592000,immutable,stale-if-error=604800 timing-allow-origin * cf-ray 809541187fb9bbcd-FRA alt-svc h3=":443"; ma=86400
HEAD H3	200	e.js Show response live.demand.supply/x/	0 478 B	147ms 145ms	XHR application/javascript	2606:4700::6810:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/x/e.js?ce=fs&dsReferer=c3BkZmxhc2h0b29sLmNvbS9jYXRlZ29yeS9kb3dubG9hZA== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.15.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://spdflashtool.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers x-nf-request-id 01HA10Y5SY52VEHBAMYEQ77459 date Tue, 19 Sep 2023 22:27:08 GMT cf-cache-status HIT age 461760 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "0189f0f87e454fe50787f97993385017-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 80954118f84abbcd-FRA
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	399 B 607 B	179ms 53ms	Script text/javascript	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=spdflashtool.com&callback=_gfp_s_&client=ca-pub-2840258101411863 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2840258101411863&plah=spdflashtool.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 47e7ac6e6d85ee3ec55e197e2e9e9fa5c8888cb020761fb3664c953484fffa0d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://spdflashtool.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 22:27:08 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 255 x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 4444	181 KB 52 KB	1164ms 1163ms	Document text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840258101411863&output=html&adk=1812271804&adf=3025194257&lmt=1695155228&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fspdflashtool.com%2Fcategory%2Fdownload&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695162428128&bpp=5&bdt=291&idt=233&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=261966524884&frm=20&pv=2&ga_vid=1221908341.1695162428&ga_sid=1695162428&ga_hid=146642078&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077701%2C42532402%2C44785295%2C31077705&oid=2&pvsid=3500873756716162&tmod=366320996&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=267 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2840258101411863&plah=spdflashtool.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d38055a56fc59797aab64755df7727fd9d3c150bf8e1d331ca60fd31f1815e55 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://spdflashtool.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 52747 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 19 Sep 2023 22:27:09 GMT expires Tue, 19 Sep 2023 22:27:09 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 3D7E	120 KB 39 KB	1090ms 1090ms	Document text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840258101411863&output=html&h=280&slotname=5770864023&adk=3176299815&adf=749657259&pi=t.ma~as.5770864023&w=970&fwrn=4&fwrnh=100&lmt=1695155228&rafmt=1&format=970x280&url=https%3A%2F%2Fspdflashtool.com%2Fcategory%2Fdownload&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695162428133&bpp=3&bdt=297&idt=273&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=261966524884&frm=20&pv=1&ga_vid=1221908341.1695162428&ga_sid=1695162428&ga_hid=146642078&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=141&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077701%2C42532402%2C44785295%2C31077705&oid=2&pvsid=3500873756716162&tmod=366320996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BhAcLYasrm&p=https%3A//spdflashtool.com&dtd=281 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2840258101411863&plah=spdflashtool.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7911e7a1be3e09f4fbbe049a0d5196c0823cf6f47268eb1a7c6b6550108f1d4c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://spdflashtool.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 40170 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 19 Sep 2023 22:27:09 GMT expires Tue, 19 Sep 2023 22:27:09 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 1865	21 KB 10 KB	991ms 989ms	Document text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840258101411863&output=html&h=600&slotname=4532792211&adk=3802136983&adf=369960317&pi=t.ma~as.4532792211&w=300&lmt=1695155228&format=300x600&url=https%3A%2F%2Fspdflashtool.com%2Fcategory%2Fdownload&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695162428136&bpp=1&bdt=299&idt=287&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=261966524884&frm=20&pv=1&ga_vid=1221908341.1695162428&ga_sid=1695162428&ga_hid=146642078&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=596&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077701%2C42532402%2C44785295%2C31077705&oid=2&pvsid=3500873756716162&tmod=366320996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=m478xYBgHI&p=https%3A//spdflashtool.com&dtd=290 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2840258101411863&plah=spdflashtool.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a865edd31085f49c1c3066b6e7a3bda9621a492e240fb59af722bf8b9da6d2dd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://spdflashtool.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 9725 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 19 Sep 2023 22:27:09 GMT expires Tue, 19 Sep 2023 22:27:09 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 2D26	21 KB 10 KB	532ms 531ms	Document text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840258101411863&output=html&h=250&slotname=9022825270&adk=423810383&adf=4056628716&pi=t.ma~as.9022825270&w=300&lmt=1695155228&format=300x250&url=https%3A%2F%2Fspdflashtool.com%2Fcategory%2Fdownload&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695162428137&bpp=1&bdt=300&idt=294&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x600&nras=1&correlator=261966524884&frm=20&pv=1&ga_vid=1221908341.1695162428&ga_sid=1695162428&ga_hid=146642078&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=1235&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077701%2C42532402%2C44785295%2C31077705&oid=2&pvsid=3500873756716162&tmod=366320996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=fm16nTmYlQ&p=https%3A//spdflashtool.com&dtd=306 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2840258101411863&plah=spdflashtool.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0b943ed9a6e3624d7a89f8cdfed846f5dcda99112e661b3ce30c945c99dabc77 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://spdflashtool.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 9701 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 19 Sep 2023 22:27:08 GMT expires Tue, 19 Sep 2023 22:27:08 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/	409 KB 129 KB	40ms 39ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1bde658df6e7fc967fdfa663ef601083be84e4dfb80de29e5423d8d618bf790e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://spdflashtool.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 19:33:19 GMT content-encoding br x-content-type-options nosniff age 10429 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 131810 x-xss-protection 0 server cafe etag 9411153894055172020 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Wed, 18 Sep 2024 19:33:19 GMT
GET H3	200	spdflashtool.com_auto_728x90_sticky_display_bottom Show response live.demand.supply/cp/	30 B 373 B	178ms 178ms	XHR text/plain	2606:4700::6810:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/cp/spdflashtool.com_auto_728x90_sticky_display_bottom?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=c3BkZmxhc2h0b29sLmNvbS9jYXRlZ29yeS9kb3dubG9hZA== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.15.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash be484d509df9c19b27e363e9ca8aea7b599eb57c2582ee7ac0bec167963efd0c Request headers accept-language de-DE,de;q=0.9 Referer https://spdflashtool.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 22:27:08 GMT server cloudflare vary Accept-Encoding content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control private,max-age=3600 cf-ray 8095411aba2dbbcd-FRA alt-svc h3=":443"; ma=86400 content-length 30
HEAD H3	200	e.js Show response live.demand.supply/e/	0 477 B	161ms 160ms	XHR application/javascript	2606:4700::6810:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=spdflashtool.com_auto_interstitial_desktop&sn=1&ific=true&e=iar2&dsReferer=c3BkZmxhc2h0b29sLmNvbS9jYXRlZ29yeS9kb3dubG9hZA== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.15.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://spdflashtool.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers x-nf-request-id 01H8DVDRND02F407MF5VJKP125 date Tue, 19 Sep 2023 22:27:08 GMT cf-cache-status HIT age 967327 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "5dcb6aa12a683302e5f0dc8249fb1b45-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 8095411aea5ebbcd-FRA
GET H/1.1	200 OK	uid2SecureSignal.js Show response cdn.prod.uidapi.com/	3 KB 3 KB	167ms 39ms	Script text/javascript	2600:9000:2250:c000:a:e047:753:6381 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.prod.uidapi.com/uid2SecureSignal.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2250:c000:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc Request headers accept-language de-DE,de;q=0.9 Referer https://spdflashtool.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers x-amz-version-id tte_Zq9MCmRAYf9XeFwo9sUIgrBbXCUY Date Tue, 19 Sep 2023 05:20:17 GMT Via 1.1 3072267d18c4d0ed9e535752800364e0.cloudfront.net (CloudFront) X-Amz-Cf-Pop FRA60-P2 Age 61612 x-amz-server-side-encryption AES256 X-Cache Hit from cloudfront x-amz-replication-status COMPLETED Connection keep-alive Content-Length 2776 Last-Modified Wed, 06 Sep 2023 03:40:59 GMT Server AmazonS3 ETag "a3a9a9ee8e72db69d54e805f0586c651" Content-Type text/javascript Accept-Ranges bytes X-Amz-Cf-Id ZcxipgXIHMSa77be20zNulew0njHHXmBqg4WkULg6y9Zzuj18LRw6A==
GET H2	200	publishertag.ids.js Show response static.criteo.net/js/ld/	43 KB 14 KB	195ms 91ms	Script text/javascript	2a02:2638:3::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.ids.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://spdflashtool.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 22:27:08 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Thu, 07 Sep 2023 09:22:37 GMT server nginx etag W/"64f9965d-ab99" content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 20 Sep 2023 22:27:08 GMT
GET H2	200	sync.min.js Show response tags.crwdcntrl.net/lt/c/16589/	39 KB 12 KB	141ms 42ms	Script text/javascript	18.239.18.118 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.crwdcntrl.net/lt/c/16589/sync.min.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.239.18.118 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-239-18-118.ams58.r.cloudfront.net Software AmazonS3 / Resource Hash e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2 Request headers accept-language de-DE,de;q=0.9 Referer https://spdflashtool.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 02:44:08 GMT content-encoding gzip via 1.1 28b2547a012b744c90796693b582d83c.cloudfront.net (CloudFront) last-modified Wed, 06 Sep 2023 15:56:57 GMT server AmazonS3 x-amz-cf-pop AMS58-P6 age 70981 x-amz-server-side-encryption AES256 etag W/"e073e71ed7a44e6f9cdd72904fda5940" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript cache-control public, max-age=86400 x-amz-cf-id b5XwySO9vQDbhYZaUuC794PhrP8hl14wqRHfe3mgc8XfFVRHUW-9BQ==
GET H2	200	esp.js Show response cdn.id5-sync.com/api/1.0/	139 KB 31 KB	141ms 53ms	Script text/javascript	2606:4700:10::6816:3556 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.id5-sync.com/api/1.0/esp.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ccebb3668d65d3268223556ecdbe14e98305dd0abeffe6308c75e7fb21188fc5 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://spdflashtool.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 22:27:08 GMT strict-transport-security max-age=15552000; includeSubDomains; preload content-encoding gzip cf-cache-status HIT last-modified Fri, 08 Sep 2023 09:30:49 GMT server cloudflare x-amz-request-id K8M291YY143Y9NV6 age 2647 etag W/"1a5f44cdb786ba83a7fa05963228f464" x-amz-server-side-encryption AES256 vary Accept-Encoding content-type text/javascript;charset=utf-8 cache-control public, max-age=3600 cf-ray 8095411baffe1e10-FRA x-amz-id-2 gmcu4s9gLW9PLFYvfvWWpbf/F5rb9XAshtYMwJ+B139RAcEjhW+CY3Yb6q076EjxehpIKxQE2k8=
GET H2	200	pubcid.min.js Show response cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/	732 B 1 KB	133ms 45ms	Script application/javascript	2606:4700::6810:5914 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://spdflashtool.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 22:27:08 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 15042 x-jsd-version master content-encoding br x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230042-FRA, cache-jnb7027-JNB x-jsd-version-type branch server cloudflare etag W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YrWQ7xj0YYobjO%2FgTNS%2BJ0O%2FT7QzQxPMACnAUJZqdmWd3iBb4RzfenGcT6bt3g37bEgpw6SDlqYeLfDlU8l2CrNKEFoeFCWE%2BKRqjip2r6ArljhYJowJQSNyz5WqoX8ek5NfyyvAeGFds5uKy04%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cf-ray 8095411ba9da18c5-FRA
GET H2	200	encrypted-tag-g.js Show response invstatic101.creativecdn.com/encrypted-signals/	1 KB 1 KB	161ms 58ms	Script text/javascript	34.96.70.87 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 87.70.96.34.bc.googleusercontent.com Software Google Frontend / Resource Hash b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154 Request headers accept-language de-DE,de;q=0.9 Referer https://spdflashtool.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 22:27:08 GMT via 1.1 google, 1.1 google last-modified Thu, 03 Aug 2023 03:28:51 GMT server Google Frontend etag fc4e6bfe266081c4873c6f08c8298e5c content-type text/javascript; charset=utf-8 x-cloud-trace-context e30538267ab58b5a1734ceb2c20867dc alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1207
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	978 B 517 B	397ms 396ms	Fetch text/plain	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3500873756716162&correlator=168545896888130&eid=31077695%2C31077705&output=ldjh&gdfp_req=1&vrg=202309140101&ptt=17&impl=fif&iu_parts=44890869%3A3933859%2Cca-pub-3831894559014614-tag%2C94da53ac-f4d1-4398-b6ef-8aace899daa8&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=5&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D6b45e4d658112e9f-22d380917dde00af%3AT%3D1695162428%3ART%3D1695162428%3AS%3DALNI_MZRzsppJa0LYUkf8BynKv4D1ovMlg&gpic=UID%3D00000c790b778528%3AT%3D1695162428%3ART%3D1695162428%3AS%3DALNI_MaN2EopU598z7Vt_k4qexrB7bY9tQ&abxe=1&dt=1695162428633&lmt=1695155228&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fspdflashtool.com%2Fcategory%2Fdownload&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1221908341.1695162428&ga_sid=1695162428&ga_hid=146642078&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY1dm3_KoxSABSAghkEhkKCnB1YmNpZC5vcmcY1dm3_KoxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGNXZt_yqMUgAUgIIZBIXCghydGJob3VzZRjV2bf8qjFIAFICCGQSGQoKdWlkYXBpLmNvbRjU2bf8qjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGNXZt_yqMUgAUgIIZA..&dlt=1695162427837&idt=753&prev_scp=ti%3D753536f6-6940-4786-93ae-bceefc63521f%26interstitials-bid%3D6%26bid-p%3Dgoogle%26bsc%3D87&adks=2169954628&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3bf14e6b0900259f5ecbe164748950e6501750ddc8e3c450f8dcc5a7d40ab11d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://spdflashtool.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 22:27:09 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 486 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://spdflashtool.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response 154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 822F	6 KB 3 KB	193ms 47ms	Document text/html	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://spdflashtool.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Tue, 19 Sep 2023 22:27:08 GMT expires Wed, 18 Sep 2024 22:27:08 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	pubads_impl_page_level_ads.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/	38 KB 13 KB	41ms 40ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl_page_level_ads.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f0b6ecf9b0675055a440c13b8a67530fef79d28cb582bcd31a77e15b50b72368 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://spdflashtool.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 13:12:16 GMT content-encoding br x-content-type-options nosniff age 33292 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13639 x-xss-protection 0 server cafe etag 15988943048180208822 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Wed, 18 Sep 2024 13:12:16 GMT
HEAD H3	200	e.js Show response live.demand.supply/e/	0 478 B	68ms 67ms	XHR application/javascript	2606:4700::6810:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=spdflashtool.com_auto_728x90_sticky_display_bottom&pdc=0.07251023054122925&ucv=null&e=tcp&dsReferer=c3BkZmxhc2h0b29sLmNvbS9jYXRlZ29yeS9kb3dubG9hZA== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.15.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://spdflashtool.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers x-nf-request-id 01H8DVDRND02F407MF5VJKP125 date Tue, 19 Sep 2023 22:27:08 GMT cf-cache-status HIT age 967327 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "5dcb6aa12a683302e5f0dc8249fb1b45-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 8095411beb77bbcd-FRA
GET H3	200	sdb.css live.demand.supply/css/	4 KB 2 KB	71ms 70ms	Stylesheet text/css	2606:4700::6810:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/css/sdb.css Requested by Host: client URL: about:client Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db Request headers accept-language de-DE,de;q=0.9 Referer https://spdflashtool.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers x-nf-request-id 01H95R0W3H9SMVPKTQMTQBKKQX date Tue, 19 Sep 2023 22:27:08 GMT content-encoding br cf-cache-status HIT cf-bgj minify server cloudflare age 1258382 etag W/"ca59855b4714df36e4972d3d4157366d-ssl-df" vary Accept-Encoding content-type text/css; charset=UTF-8 cache-control max-age=2592000,immutable,stale-if-error=604800 cf-ray 8095411bea221c1c-FRA alt-svc h3=":443"; ma=86400
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	21 KB 10 KB	312ms 311ms	Fetch text/plain	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3500873756716162&correlator=2796866179479474&eid=31077695%2C31077705&output=ldjh&gdfp_req=1&vrg=202309140101&ptt=17&impl=fif&iu_parts=44890869%3A3933859%2Cca-pub-3831894559014614-tag%2Cb16224f8-9d57-4b56-910d-b077e535814f&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=6&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D6b45e4d658112e9f-22d380917dde00af%3AT%3D1695162428%3ART%3D1695162428%3AS%3DALNI_MZRzsppJa0LYUkf8BynKv4D1ovMlg&gpic=UID%3D00000c790b778528%3AT%3D1695162428%3ART%3D1695162428%3AS%3DALNI_MaN2EopU598z7Vt_k4qexrB7bY9tQ&abxe=1&dt=1695162428763&lmt=1695155228&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fspdflashtool.com%2Fcategory%2Fdownload&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=1221908341.1695162428&ga_sid=1695162428&ga_hid=146642078&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY1dm3_KoxSABSAghkEhkKCnB1YmNpZC5vcmcY1dm3_KoxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGNXZt_yqMUgAUgIIZBIXCghydGJob3VzZRjV2bf8qjFIAFICCGQSGQoKdWlkYXBpLmNvbRjU2bf8qjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGNXZt_yqMUgAUgIIZA..&dlt=1695162427837&idt=753&prev_scp=ti%3D753536f6-6940-4786-93ae-bceefc63521f%26chrand%3Dy%26pof%3D0%26bid%3D0.04%26bid-p%3Dgoogle%26rfi%3D30%26stt%3Dbhs%26bsc%3D87&adks=4274210003&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6cfd2ecbe70b3b5b1468f1961dcf5d9f053e97e9716700064e145ac19e82a354 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://spdflashtool.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 22:27:09 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 10023 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://spdflashtool.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	map Show response bcp.crwdcntrl.net/6/	60 B 334 B	205ms 62ms	XHR application/json	34.249.118.122 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bcp.crwdcntrl.net/6/map Requested by Host: tags.crwdcntrl.net URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.249.118.122 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-249-118-122.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 6638bd90e3defb199633f98240bf66f718687b565485e0663c42597a86dc1ccc Request headers Referer https://spdflashtool.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:08 GMT server Jetty(9.4.38.v20210224) content-type application/json;charset=utf-8 p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin https://spdflashtool.com cache-control no-cache x-server 10.45.31.32 access-control-allow-credentials true content-length 60 expires 0
GET H/1.1	204	increment Show response id5-sync.com/api/esp/	0 325 B	139ms 42ms	XHR text/plain	162.19.138.117 OVH
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/api/esp/increment?counter=no-config Requested by Host: cdn.id5-sync.com URL: https://cdn.id5-sync.com/api/1.0/esp.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR), Reverse DNS ns31533568.ip-162-19-138.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://spdflashtool.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://spdflashtool.com date Tue, 19 Sep 2023 22:27:08 GMT strict-transport-security max-age=63072000; includeSubDomains; preload access-control-allow-credentials true vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
GET H2	200	syncframe Show response gum.criteo.com/ Frame B0A2	15 KB 6 KB	147ms 55ms	Document text/html	2a02:2638:3::c ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=spdflashtool.com Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.ids.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://spdflashtool.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control private, max-age=3600 content-encoding gzip content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Tue, 19 Sep 2023 22:27:08 GMT server Kestrel server-processing-duration-in-ticks 307144 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 2D26	42 B 63 B	77ms 76ms	Image image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Clw33FSERACCg1n_A21p26xP2xAE47YH2TGwA5qvxs1Uet0t6NCiVhavuAv-07o4zaaGSucY1aBOtgaxIHze_zMf281f81csS9KhpoS8eRDiZKqWE Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840258101411863&output=html&h=250&slotname=9022825270&adk=423810383&adf=4056628716&pi=t.ma~as.9022825270&w=300&lmt=1695155228&format=300x250&url=https%3A%2F%2Fspdflashtool.com%2Fcategory%2Fdownload&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695162428137&bpp=1&bdt=300&idt=294&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x600&nras=1&correlator=261966524884&frm=20&pv=1&ga_vid=1221908341.1695162428&ga_sid=1695162428&ga_hid=146642078&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=1235&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077701%2C42532402%2C44785295%2C31077705&oid=2&pvsid=3500873756716162&tmod=366320996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=fm16nTmYlQ&p=https%3A//spdflashtool.com&dtd=306 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:09 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 2D26	0 20 B	77ms 77ms	Image image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5766726415342266555&x=1&ct=76 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840258101411863&output=html&h=250&slotname=9022825270&adk=423810383&adf=4056628716&pi=t.ma~as.9022825270&w=300&lmt=1695155228&format=300x250&url=https%3A%2F%2Fspdflashtool.com%2Fcategory%2Fdownload&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695162428137&bpp=1&bdt=300&idt=294&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x600&nras=1&correlator=261966524884&frm=20&pv=1&ga_vid=1221908341.1695162428&ga_sid=1695162428&ga_hid=146642078&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=1235&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077701%2C42532402%2C44785295%2C31077705&oid=2&pvsid=3500873756716162&tmod=366320996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=fm16nTmYlQ&p=https%3A//spdflashtool.com&dtd=306 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:09 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame 2D26	89 KB 31 KB	118ms 117ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840258101411863&output=html&h=250&slotname=9022825270&adk=423810383&adf=4056628716&pi=t.ma~as.9022825270&w=300&lmt=1695155228&format=300x250&url=https%3A%2F%2Fspdflashtool.com%2Fcategory%2Fdownload&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695162428137&bpp=1&bdt=300&idt=294&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x600&nras=1&correlator=261966524884&frm=20&pv=1&ga_vid=1221908341.1695162428&ga_sid=1695162428&ga_hid=146642078&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=1235&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077701%2C42532402%2C44785295%2C31077705&oid=2&pvsid=3500873756716162&tmod=366320996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=fm16nTmYlQ&p=https%3A//spdflashtool.com&dtd=306 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4accbcd793680c2ea0a65714771ef37d5eeb42bdaedba9882dd0d78eae09e00e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 22:27:09 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31438 x-xss-protection 0 server cafe etag 13183557946744512263 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Tue, 19 Sep 2023 22:27:09 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 2D26	3 KB 1 KB	160ms 56ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840258101411863&output=html&h=250&slotname=9022825270&adk=423810383&adf=4056628716&pi=t.ma~as.9022825270&w=300&lmt=1695155228&format=300x250&url=https%3A%2F%2Fspdflashtool.com%2Fcategory%2Fdownload&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695162428137&bpp=1&bdt=300&idt=294&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x600&nras=1&correlator=261966524884&frm=20&pv=1&ga_vid=1221908341.1695162428&ga_sid=1695162428&ga_hid=146642078&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=1235&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077701%2C42532402%2C44785295%2C31077705&oid=2&pvsid=3500873756716162&tmod=366320996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=fm16nTmYlQ&p=https%3A//spdflashtool.com&dtd=306 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 17:26:38 GMT content-encoding br x-content-type-options nosniff age 18031 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 03 Oct 2023 17:26:38 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 2D26	20 KB 8 KB	145ms 40ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840258101411863&output=html&h=250&slotname=9022825270&adk=423810383&adf=4056628716&pi=t.ma~as.9022825270&w=300&lmt=1695155228&format=300x250&url=https%3A%2F%2Fspdflashtool.com%2Fcategory%2Fdownload&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695162428137&bpp=1&bdt=300&idt=294&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x600&nras=1&correlator=261966524884&frm=20&pv=1&ga_vid=1221908341.1695162428&ga_sid=1695162428&ga_hid=146642078&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=1235&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077701%2C42532402%2C44785295%2C31077705&oid=2&pvsid=3500873756716162&tmod=366320996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=fm16nTmYlQ&p=https%3A//spdflashtool.com&dtd=306 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 19:58:30 GMT content-encoding br x-content-type-options nosniff age 8919 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8275 x-xss-protection 0 server cafe etag 7349537481621356269 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 03 Oct 2023 19:58:30 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 2D26	182 KB 57 KB	2446ms 2327ms	Script text/javascript	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840258101411863&output=html&h=250&slotname=9022825270&adk=423810383&adf=4056628716&pi=t.ma~as.9022825270&w=300&lmt=1695155228&format=300x250&url=https%3A%2F%2Fspdflashtool.com%2Fcategory%2Fdownload&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695162428137&bpp=1&bdt=300&idt=294&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x600&nras=1&correlator=261966524884&frm=20&pv=1&ga_vid=1221908341.1695162428&ga_sid=1695162428&ga_hid=146642078&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=1235&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077701%2C42532402%2C44785295%2C31077705&oid=2&pvsid=3500873756716162&tmod=366320996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=fm16nTmYlQ&p=https%3A//spdflashtool.com&dtd=306 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 22:27:11 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57988 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1694604874705780" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Tue, 19 Sep 2023 22:27:11 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 2F36	624 B 246 B	83ms 82ms	Document text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiqv7b3ATAB&v=APEucNW3p8w29aFHqfkYYFPk2n8LOxTBj8ykS2wLDrUITF7hBgsJa55w_EwlTO6kJtGTQYU3DJBNiC-V_nlCtabFr37ml6YTKHsIUkJ6lzrq0UmJqn4x7FCigAGhbrEOEgXtraBs4mWutSsJR7D19dFwC8vAAVmJRjEJyQ3D89NPchDsLpqj28I Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840258101411863&output=html&h=250&slotname=9022825270&adk=423810383&adf=4056628716&pi=t.ma~as.9022825270&w=300&lmt=1695155228&format=300x250&url=https%3A%2F%2Fspdflashtool.com%2Fcategory%2Fdownload&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695162428137&bpp=1&bdt=300&idt=294&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x600&nras=1&correlator=261966524884&frm=20&pv=1&ga_vid=1221908341.1695162428&ga_sid=1695162428&ga_hid=146642078&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=1235&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077701%2C42532402%2C44785295%2C31077705&oid=2&pvsid=3500873756716162&tmod=366320996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=fm16nTmYlQ&p=https%3A//spdflashtool.com&dtd=306 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840258101411863&output=html&h=250&slotname=9022825270&adk=423810383&adf=4056628716&pi=t.ma~as.9022825270&w=300&lmt=1695155228&format=300x250&url=https%3A%2F%2Fspdflashtool.com%2Fcategory%2Fdownload&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695162428137&bpp=1&bdt=300&idt=294&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x600&nras=1&correlator=261966524884&frm=20&pv=1&ga_vid=1221908341.1695162428&ga_sid=1695162428&ga_hid=146642078&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=1235&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077701%2C42532402%2C44785295%2C31077705&oid=2&pvsid=3500873756716162&tmod=366320996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=fm16nTmYlQ&p=https%3A//spdflashtool.com&dtd=306 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 19 Sep 2023 22:27:09 GMT expires Tue, 19 Sep 2023 22:27:09 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	sid Show response mug.criteo.com/ Frame B0A2 Redirect Chain https://gum.criteo.com/sid/json?origin=publishertagids&domain=spdflashtool.com&sn=ChromeSyncframe&so=0&topUrl=spdflashtool.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 https://mug.criteo.com/sid?cpp=dGhjAnw5OWNYMGRsQ3NPdVVYVkMycWtGVmZHc2tEMTAyWmRuMWpPU1plTXZUTnR1VFVKUmVmTmhtNFpLRjY4ZVNERmFjUy9OZHBSbml1cm9hOUVudStNcmdqVE5OMlRuQUNjdm5ZUzY5bEtpSEJoSERVMFZtMkg3MjAwYj...	444 B 673 B	186ms 44ms	Fetch application/json	178.250.1.11 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=dGhjAnw5OWNYMGRsQ3NPdVVYVkMycWtGVmZHc2tEMTAyWmRuMWpPU1plTXZUTnR1VFVKUmVmTmhtNFpLRjY4ZVNERmFjUy9OZHBSbml1cm9hOUVudStNcmdqVE5OMlRuQUNjdm5ZUzY5bEtpSEJoSERVMFZtMkg3MjAwYjQySk5vZm9IVkZYUHR3UWJLVGFVOHBxMlQ3cCtZYTl6S2k5NnpaemFjVU5vRTNRWGR4K0o5V2ovTG9hYmRLTGlzSG00bHp1cWlOcmQzV3QrTW5Rdm5jY3RDSk1BZEJsTFFyUFdUT1NtcExrYnpqcUIvN2xkbDNCS0dvQy9rb1VMWWF0SFZVRTBYWTJyamVOWS8zQ0dZTHdwSXZiQ0RoUT09fA&cppv=2 Requested by Host: spdflashtool.com URL: https://spdflashtool.com/category/download Protocol H2 Server 178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 1e30c272d2e31553a7945fb9c59e7205a21084cb8a4aa2c894273f359f218e71 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://gum.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:08 GMT strict-transport-security max-age=31536000; preload; content-encoding gzip server Kestrel vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin https://gum.criteo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 1165174 expires 0 Redirect headers pragma no-cache date Tue, 19 Sep 2023 22:27:08 GMT strict-transport-security max-age=31536000; preload; server Kestrel location https://mug.criteo.com/sid?cpp=dGhjAnw5OWNYMGRsQ3NPdVVYVkMycWtGVmZHc2tEMTAyWmRuMWpPU1plTXZUTnR1VFVKUmVmTmhtNFpLRjY4ZVNERmFjUy9OZHBSbml1cm9hOUVudStNcmdqVE5OMlRuQUNjdm5ZUzY5bEtpSEJoSERVMFZtMkg3MjAwYjQySk5vZm9IVkZYUHR3UWJLVGFVOHBxMlQ3cCtZYTl6S2k5NnpaemFjVU5vRTNRWGR4K0o5V2ovTG9hYmRLTGlzSG00bHp1cWlOcmQzV3QrTW5Rdm5jY3RDSk1BZEJsTFFyUFdUT1NtcExrYnpqcUIvN2xkbDNCS0dvQy9rb1VMWWF0SFZVRTBYWTJyamVOWS8zQ0dZTHdwSXZiQ0RoUT09fA&cppv=2 cache-control no-cache, no-store, must-revalidate server-processing-duration-in-ticks 280305 content-length 0 expires 0
HEAD H3	200	e.js Show response live.demand.supply/e/	0 479 B	59ms 59ms	XHR application/javascript	2606:4700::6810:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=spdflashtool.com_auto_interstitial_desktop&e=nai&dsReferer=c3BkZmxhc2h0b29sLmNvbS9jYXRlZ29yeS9kb3dubG9hZA== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.15.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://spdflashtool.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers x-nf-request-id 01H8DVDRND02F407MF5VJKP125 date Tue, 19 Sep 2023 22:27:09 GMT cf-cache-status HIT age 967328 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "5dcb6aa12a683302e5f0dc8249fb1b45-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 8095411dcd35bbcd-FRA
HEAD H3	200	e.js Show response live.demand.supply/e/	0 477 B	53ms 53ms	XHR application/javascript	2606:4700::6810:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=spdflashtool.com_auto_interstitial_desktop&sn=2&ific=false&e=iar2&dsReferer=c3BkZmxhc2h0b29sLmNvbS9jYXRlZ29yeS9kb3dubG9hZA== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.15.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://spdflashtool.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers x-nf-request-id 01H8DVDRND02F407MF5VJKP125 date Tue, 19 Sep 2023 22:27:09 GMT cf-cache-status HIT age 967328 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "5dcb6aa12a683302e5f0dc8249fb1b45-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 8095411dcd3abbcd-FRA
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	177 KB 52 KB	343ms 341ms	Fetch text/plain	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3500873756716162&correlator=1875374159627480&eid=31077695%2C44801493%2C31077705&output=ldjh&gdfp_req=1&vrg=202309140101&ptt=17&impl=fif&iu_parts=44890869%3A3933859%2Cca-pub-3831894559014614-tag%2Cf7d20133-767c-4852-a122-eb345da61b82&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=7&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D6b45e4d658112e9f-22d380917dde00af%3AT%3D1695162428%3ART%3D1695162428%3AS%3DALNI_MZRzsppJa0LYUkf8BynKv4D1ovMlg&gpic=UID%3D00000c790b778528%3AT%3D1695162428%3ART%3D1695162428%3AS%3DALNI_MaN2EopU598z7Vt_k4qexrB7bY9tQ&abxe=1&dt=1695162429071&lmt=1695155229&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fspdflashtool.com%2Fcategory%2Fdownload&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1221908341.1695162428&ga_sid=1695162428&ga_hid=146642078&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY1dm3_KoxSABSAghkEhkKCnB1YmNpZC5vcmcY7dq3_KoxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGNXZt_yqMUgAUgIIZBIXCghydGJob3VzZRiO27f8qjFIAFICCGoSGQoKdWlkYXBpLmNvbRjU2bf8qjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGJbct_yqMUgAUgIIag..&dlt=1695162427837&idt=753&prev_scp=ti%3D753536f6-6940-4786-93ae-bceefc63521f%26interstitials-bid%3D1%26bid-p%3Dgoogle%26bsc%3D87&adks=3599146698&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e26a7f818e7a95e572a78fd0153181b10500074a1e3658f9f6f14a229e387833 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://spdflashtool.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 22:27:09 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 53027 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://spdflashtool.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response 154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C67E	6 KB 3 KB	45ms 40ms	Document text/html	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://spdflashtool.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Tue, 19 Sep 2023 22:27:08 GMT expires Wed, 18 Sep 2024 22:27:08 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated /	182 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	834 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Content-Type image/svg+xml
HEAD H3	200	e.js Show response live.demand.supply/e/	0 480 B	163ms 162ms	XHR application/javascript	2606:4700::6810:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?gl=0.04&b=2&r=spdflashtool.com_auto_728x90_sticky_display_bottom&sy=e28cd46d-dfcb-4c05-a1ad-a5d752bffec2&ts=87&cd=2&pud=323&pus=c&pue=701&pid=113&pis=c&pie=816&ppd=669&pps=a&ppe=1372&pcl=470&ttc=1109&tti=1640&ttif=0&lca=1372&lcak=ppe&lct=1372&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=spdflashtool.com&mlre=undefined&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=753536f6-6940-4786-93ae-bceefc63521f&e=lm&dsReferer=c3BkZmxhc2h0b29sLmNvbS9jYXRlZ29yeS9kb3dubG9hZA== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.15.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://spdflashtool.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers x-nf-request-id 01H8DVDRND02F407MF5VJKP125 date Tue, 19 Sep 2023 22:27:09 GMT cf-cache-status HIT age 967328 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "5dcb6aa12a683302e5f0dc8249fb1b45-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 8095411e0d7bbbcd-FRA
GET H2	200	rum dsum-sec.casalemedia.com/ Frame 2F36 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELzI0pMM9JpTc6QQCgs3G9U&google_cver=1	43 B 339 B	60ms 58ms	Image image/gif	104.18.27.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELzI0pMM9JpTc6QQCgs3G9U&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiqv7b3ATAB&v=APEucNW3p8w29aFHqfkYYFPk2n8LOxTBj8ykS2wLDrUITF7hBgsJa55w_EwlTO6kJtGTQYU3DJBNiC-V_nlCtabFr37ml6YTKHsIUkJ6lzrq0UmJqn4x7FCigAGhbrEOEgXtraBs4mWutSsJR7D19dFwC8vAAVmJRjEJyQ3D89NPchDsLpqj28I Protocol H2 Server 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:09 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JvoW9oS8tYQc76yT%2BkzjEC1O86dvwQoYzv9wYrARJq9FJFd7y6TewyQetFtxdAorftNZFabcbWgOtutP9oFIwC1qaFJx4ReF1sPjQXqNe874R%2F5YMub508xR7kmH%2BVVNAb%2BBjGxRT%2FRDYA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 8095411f1fd918d9-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Tue, 19 Sep 2023 22:27:09 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELzI0pMM9JpTc6QQCgs3G9U&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame 2F36 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZQogPTNkHDK81Nb-W1xifgAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELzI0pMM9JpTc6QQCgs3G9U&google_cver=1	43 B 736 B	56ms 54ms	Image image/gif	104.18.27.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELzI0pMM9JpTc6QQCgs3G9U&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiqv7b3ATAB&v=APEucNW3p8w29aFHqfkYYFPk2n8LOxTBj8ykS2wLDrUITF7hBgsJa55w_EwlTO6kJtGTQYU3DJBNiC-V_nlCtabFr37ml6YTKHsIUkJ6lzrq0UmJqn4x7FCigAGhbrEOEgXtraBs4mWutSsJR7D19dFwC8vAAVmJRjEJyQ3D89NPchDsLpqj28I Protocol H3 Server 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:09 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sAyQPjXb%2Bu8NR%2BBAgZ5RqX68%2B0sQ2PtMXQHANnUfiMSSf6R%2BvdEDeBg6BijGKlryrs8p16dHayhvhwNEMDSAxM9E%2FocpREDvS%2BDDbiDlLB1zfxlD3gbXGVyif99GosHL4C9agw7qOa1yXg%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 8095411fe92a37dd-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Tue, 19 Sep 2023 22:27:09 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELzI0pMM9JpTc6QQCgs3G9U&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	setuid ib.adnxs.com/ Frame 2F36 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESELtFbUhh8ImjSedOobv4HIk&google_cver=1	43 B 839 B	44ms 38ms	Image image/gif	37.252.173.215 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESELtFbUhh8ImjSedOobv4HIk&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiqv7b3ATAB&v=APEucNW3p8w29aFHqfkYYFPk2n8LOxTBj8ykS2wLDrUITF7hBgsJa55w_EwlTO6kJtGTQYU3DJBNiC-V_nlCtabFr37ml6YTKHsIUkJ6lzrq0UmJqn4x7FCigAGhbrEOEgXtraBs4mWutSsJR7D19dFwC8vAAVmJRjEJyQ3D89NPchDsLpqj28I Protocol H2 Server 37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:09 GMT an-x-request-uuid 7a17d767-c0a6-4d2f-9123-56f0049480f9 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif cache-control no-store, no-cache, private x-proxy-origin 80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Tue, 19 Sep 2023 22:27:09 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ib.adnxs.com/setuid?entity=101&code=CAESELtFbUhh8ImjSedOobv4HIk&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame 2F36 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE1NjUyNjM0OTUwMTY1OTcwNQ%3D%3D	170 B 243 B	49ms 49ms	Image image/png	216.58.206.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE1NjUyNjM0OTUwMTY1OTcwNQ%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiqv7b3ATAB&v=APEucNW3p8w29aFHqfkYYFPk2n8LOxTBj8ykS2wLDrUITF7hBgsJa55w_EwlTO6kJtGTQYU3DJBNiC-V_nlCtabFr37ml6YTKHsIUkJ6lzrq0UmJqn4x7FCigAGhbrEOEgXtraBs4mWutSsJR7D19dFwC8vAAVmJRjEJyQ3D89NPchDsLpqj28I Protocol H2 Server 216.58.206.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr35s10-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:09 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 19 Sep 2023 22:27:09 GMT an-x-request-uuid d0c23f70-a4ee-4397-b9ef-a71a5d375572 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE1NjUyNjM0OTUwMTY1OTcwNQ%3D%3D x-proxy-origin 80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 2D26	0 20 B	73ms 73ms	Ping image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=77165197449&version=m202309120101 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:09 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 2D26	0 20 B	75ms 75ms	Ping image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=77165197449&version=m202309120101&ct=76&x=1&cor=5766726415342266000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:09 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 2D26	95 KB 38 KB	84ms 83ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BgtL65v5SdgUbsMY7dUGOnEsDgpIjy_jp9H_VyrnFnRMfD3ZVhnKLU9uoKMug8A9OTNyKjrdD_eW6mhWRhHvKd_8lBnd6vfTLrBLti8MwkTXyJzlg&cry=1&dbm_d=AKAmf-C0id0RGdbCIRsMPA0vp45-e8-ZkivMrYN7Tl-bCmnySRncmPo6bqC9ccJI0crs5eKJD4wT2TEQhibP8gMr1M_wY08PRj-xBKxO2zOK8AK45KdqxnPmOpJVae26nI7bHqmyo4fhAuQu2ZgSsGyZyXEJrJq0T3nhp0fDAHrWu3W_GQqJsFl0F2Tu0sTS31RWtro-_NgaM5R_JVZSeadpUzmxlg0dXXJOIAE4pIeqeSXrK5Cf9x6gIUzH1_yxfiCFzfT8GARcuH1LCbLhmodNHqi8d-R9jSBwYidTshD2J3-9K99465J_TVBJa8D7g7R2M0Cd-zLLs1HPUJJlG_XRuzuripn32DVmOVsi2R0egamzKocHqE-DFHL-4WDsndbZhYOUC9r7pSLPMaFF0naEB7Cx9dxLgDtGsqdMo3KzN7aobsGL9DQtoGP1lH1sAoYS55eFNrwcumgWfXswysJUCCMuCh_z5g79mUaoSj3LER-p0V9DmF0Bq798Ux2-MO60zukR-0QhVKyONmAJ_pHVOBEAbdVDT1KEuBhAtO6njtpXOsoraaEGUWvj395VnHTBa-3P6PSQvPyfTj6JbC9TfAugvZc0WcQE_9MnzSPzAR2pZUGvU6uDCpOqd8X4fTbnB3kjbiRLvmDkLq0Dm0EXgkSc1dI3qbCnfsRNr7WxiN3zcyUX8KtZuNSiFfKbmQ8jJLeRCzV_3P1QTkWdgFU5ZjdbO77GksBx7iA_v594vxHdTAMt8B1aiASP9c2jQvMmlr2x2wFXdbf62DvF8vkrUv07fpPxCmjqgytiXn8hUWf2cx_ExG65SXrlN8bxfQnZYW40574zbZlnq0RErIRxZETMwMXHYbk-SLEdzYxWMC2ly62IE3WXP_fyXszBRs89C_aLsMR58HdiUv_8mgEu03rJppXd5MUhBdWf6xuGDl5ucdRiih99BHd8Xe2Mhp6uxTopAEx7Ij8LoOD-ZvhY9LFQWisT_suWPTRIdkXAVOZPWKfqxc4tJ6d3LqvwB59Ug8HLSx7FOb2eULHK4UOA1AAKErDckDba3Cy8zcKmZIaTl1OM6QjXY4oJuz46Gz_mvSjLa9JdgFIn9PMeZMjp7WnftzU6cwobyQ1P3fyvINCCDY0FW4PtYVedtUv8v3B6kwyZnOd3RFChSboTEAjMKDQHhbvjwPoH4OIwycIr1HB2-nQ_iR0Swqe4EBmxlh9Q1A3fuBlkQDvz5odKK4tKCh3tJ2_niVvFDuVmf54kA57i15zOMLgpjCVNCrj-EiiAmcefI-Qc_IMN5enoizGU4USZRr7gsrB6rE5DGrDGuFf7XYOpobxxPzdveHp-ZmEocgzVdILQeSnrnTZnSrmQWpBqz27ZjQOqf_lQCaoqzLXb9YSaHbgnYAENnvLkziYWGobdfEL7H4nt7JBnZYWugWvqS9SxBNP4hGxfu20EZ1OQOEfiCVFtMDjWzpAaj5x1sD_2AtGykA8Nju4X4NlIu6IWWYz0u-DJsucqPKqeCSDUhC7HQy7qVeyrgzk7m_aZ_G4Ta4da77cFy0KYp1E-jo4qHD_IRVS4XYnTffEwsBrlfLw7avyIysMOOq0zb5mGUQiUg56kqVtVCA8t8RWn6l5fEpPI5H7NlakDwvrz2Xab4vMunl4sxSC32s2SIe8G2n-RzwKsVY7eeJ4lGxuvxWn0zBg0hvnpt-H19kISn_E7mJJkxGT2wZlYVdAv7BYDUzpBAuNGTUHUp36ApY6RSxke0jBQwsVYudcVOEY-MLHiEXwFmyu6y23qKiPMApENa3KngZk2A1w6csRHRmBCmAVwXRVw5yK4uf_j_ek0muquJKXxTC7sz7h-JwiCeC7fKe6TcN1tNKK2Xv0HmpjwH-HIlWXVu-CMKWPhoI4VIAQJbpb0x4zGyKZfBe_zCcibqUPyovPTJKSC4_Gfjx0xm2VPz8a8_x1ZsyVvRZ6PSIBqxUett8FUWlMC6gC5D3eNj4niYiuVXafRb-sPDQtqY1OCpsuoar5DSIksiTW9WVO5xVjyr63K5Z3Wo3ATxt3JTBbaQC87VKHCQXAmv02a_ZJAhjXZi31c6nupBAXT_6n0VhtjAVI7uf5IeRTPgWGfUJtGKMSxWHtLSP6CuvnLN2zJc6iRYr8iXikKFn97_3P5tMXozPI3h8FNqInkCMh_ptAAYpGOusqW3-1EnsU0bPvRn2vtWu2Mb3-U1osy9dnQBuIXNA9_ZFQSfEygRCkUtg52dQjCHlhRcK_sjj9WovqJzx2RIpO0hR50zmUuM9Zt6xoeiSZhtwm4RwjYRK1vVYoBOJOqzXr12LbkqUBLhLVqmvnMLnwHTNTuEWzrCgKQffdurTU4Lh4CR3EBJ6llArck5umR4lotiL7W6o9Jt9Ht1PwyDtlvM-9S-FSE_bpu1yoRTFlrI22Qa3zdeAexjRDeo_4fv52FewnMf-e8IcJk2LZwUqKAKEp91_zMyYTWm6Ho22XBaQXQDQ68-acv6_rztBdqrApX9DpTJXkVliuPuh4drQfVdzaxeF7msInopmcNWtUhAoCfo-drttWzfnVntbcIU-Dc8Yz0k_iY7SrbegPDSUO4nx5yh4RqOAh8AmZBVg-3dgZhxSsBD4WE3-erWxdKV35DFEwRQNpO2hoWP49N-KQInc6kGi2Lr8XNdc1BIw8arVuxyGy13RI1WLGCB6v0fN-v7GnEWAAH3LauhDXpq2eg2onJJ_IIs67DZsanq57RLoW1CwhVozKcF1jfr4jiRKmcfeKN5nYEB3QL9_bRpnnIOLuQiitn0UagMkJO1PDtjuxpCDAmLP-10xTvgDzOjNEgva1HQSpx7V88bPviIJg9ERnkEeBWb6UP6vjs0hx7b69NkZvoGfBBXYa-m4UGtoptW7RcdyOmKEdUKOimiJ1merpJPQjspMmfC8JZ5RVtYj8mKeJB9MsB913WDrSNLkzNJijMDwO57sSUGprlR_RkjL2f_OMvTwN9ezWu7JhUbqpPEVO9CLTdJ7RfXnQ__dqGNa8lY5pLfyAYQty9HhTWYOuYxWSpJ3kCxpmzTIMHsvEzIVqvLV_-RAU8Vp6zCoSDwvkMwAYK6P1EUioaqjv-eP62g-RtbtkCNhjmPV-e5jQSvEmTlo5JAJZZ_V1DbS7y3ApeFcneSr5PmLw3P3Jlxl4PphbyXIP1rCfgC2wqlY3HrTM-CWxM_7BiYtVmmI-l_2sSWrnimvtu0iC8WMTXjKu5QzNFR_QPwXmvx3EEAZG5OQEF47WmKxvDUfRp0RKqA2JQ-YXfPRVb-4R3WWYUem8nBxB0kzjM45QUvLVbHYRkF1VgHuXCZEgXnWs5DQai3nGjE9BDDYraVTanYT2JT2wfg3nxMTuQFN_nzjaDxqyZ6jz6oSi-48qJgWE5P4bX7JO48JMkUuy6rUbZEG2c6HVLyv7j8sfu9w7i0-lRKTp5vPMyZLfPcwNgAW53SLJn4sIGCVpGpay7kXt0HykXrv9g0U0aiqH8PO7_00Q8habiLNrgBBEHJCtV9LeNB8tAnylPJiQEwDdv202ptHWD5X4HQcrWX7ZPaaP4acY&cid=CAQSSwBpAlJWY9EU_uTZjkcp7lAoO3s-H5KfyZifS17MFx8jPwvT3vdtvgRZMDbcwSfDM55xKtX_VapKVMSsSSpi6bmdM1iHWT6i8DGRPRgB&dv3_ver=m202309120101&rfl=https%3A%2F%2Fspdflashtool.com%2F&ds=l&xdt=1&iif=1&cor=5766726415342266000&adk=1964084972&idt=157&cac=0&dtd=26 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0b798e063528aad44e8f6983c288987d78f08403d1f79e67707d2a79899422b1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840258101411863&output=html&h=250&slotname=9022825270&adk=423810383&adf=4056628716&pi=t.ma~as.9022825270&w=300&lmt=1695155228&format=300x250&url=https%3A%2F%2Fspdflashtool.com%2Fcategory%2Fdownload&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695162428137&bpp=1&bdt=300&idt=294&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x600&nras=1&correlator=261966524884&frm=20&pv=1&ga_vid=1221908341.1695162428&ga_sid=1695162428&ga_hid=146642078&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=1235&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077701%2C42532402%2C44785295%2C31077705&oid=2&pvsid=3500873756716162&tmod=366320996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=fm16nTmYlQ&p=https%3A//spdflashtool.com&dtd=306 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:09 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 39199 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame C6B8	624 B 242 B	86ms 84ms	Document text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1O7NxQEwAQ&v=APEucNUZgHYjYps90FSKgv-vAvTQZdGrXybDpAqvxbzU5lNEt1ZPAiDgJeQZlmgRF_V4wF7IZ3WXiqnQnMM5T7dIHAGWhcen2AxqX33wT2MIGV5zh3N_jrdWZsnULk5oUkaejTeZNj-Fhe--aZkOVwR3SKY-ASwV7u34MQMo_uTcRNg1PQOgw28J6UqmDuAazMdXzZ3ursrQuSvqL_IrYpX46c8ZYlhUwA Requested by Host: 154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com URL: https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 19 Sep 2023 22:27:09 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame C67E	89 KB 31 KB	114ms 112ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: 154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com URL: https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4accbcd793680c2ea0a65714771ef37d5eeb42bdaedba9882dd0d78eae09e00e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 22:27:09 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31438 x-xss-protection 0 server cafe etag 13183557946744512263 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Tue, 19 Sep 2023 22:27:09 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame C67E	42 B 63 B	77ms 75ms	Image image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DqdAY4cGh0QnlwD5xyuTysNzSdJ0UY8yl8DmveIha1nHlrQWxUuEoziZPVcTa-dQb9B1Py2447EWcXupTWoWaqMGNZ7jS8wLBTcby_IhS11IKbkOo Requested by Host: 154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com URL: https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:09 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame C67E	0 20 B	81ms 79ms	Image image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11496697113344450576&x=1&ct=76 Requested by Host: 154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com URL: https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:09 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame C67E	3 KB 1 KB	48ms 46ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/window_focus_fy2021.js Requested by Host: 154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com URL: https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 17:26:38 GMT content-encoding br x-content-type-options nosniff age 18031 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 03 Oct 2023 17:26:38 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame C67E	20 KB 8 KB	42ms 40ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/qs_click_protection_fy2021.js Requested by Host: 154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com URL: https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 19:58:30 GMT content-encoding br x-content-type-options nosniff age 8919 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8275 x-xss-protection 0 server cafe etag 7349537481621356269 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 03 Oct 2023 19:58:30 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame C67E	182 KB 57 KB	2335ms 2334ms	Script text/javascript	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com URL: https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 22:27:11 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57988 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1694604874705780" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Tue, 19 Sep 2023 22:27:11 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame C6B8 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELzI0pMM9JpTc6QQCgs3G9U&google_cver=1	43 B 768 B	65ms 60ms	Image image/gif	104.18.27.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELzI0pMM9JpTc6QQCgs3G9U&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1O7NxQEwAQ&v=APEucNUZgHYjYps90FSKgv-vAvTQZdGrXybDpAqvxbzU5lNEt1ZPAiDgJeQZlmgRF_V4wF7IZ3WXiqnQnMM5T7dIHAGWhcen2AxqX33wT2MIGV5zh3N_jrdWZsnULk5oUkaejTeZNj-Fhe--aZkOVwR3SKY-ASwV7u34MQMo_uTcRNg1PQOgw28J6UqmDuAazMdXzZ3ursrQuSvqL_IrYpX46c8ZYlhUwA Protocol H3 Server 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:09 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jrPkpjYeWQ3i8tgSNbw98lcdGvcgFnMUTyVZL0Gc325WDN3rlf4Ug78K5qKki1tw4%2F%2F36KL1dIaaZqXUhfx3gvbMWxh5A8UIdwWz96%2BbVVFbLIXkH1TzI9PrnUz48GS2W8rJ3cCXQBf1iw%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 8095411f88ba37dd-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Tue, 19 Sep 2023 22:27:09 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELzI0pMM9JpTc6QQCgs3G9U&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame C6B8 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZQogPTNkHDK81Nb-W1xifgAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELzI0pMM9JpTc6QQCgs3G9U&google_cver=1	43 B 738 B	53ms 52ms	Image image/gif	104.18.27.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELzI0pMM9JpTc6QQCgs3G9U&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1O7NxQEwAQ&v=APEucNUZgHYjYps90FSKgv-vAvTQZdGrXybDpAqvxbzU5lNEt1ZPAiDgJeQZlmgRF_V4wF7IZ3WXiqnQnMM5T7dIHAGWhcen2AxqX33wT2MIGV5zh3N_jrdWZsnULk5oUkaejTeZNj-Fhe--aZkOVwR3SKY-ASwV7u34MQMo_uTcRNg1PQOgw28J6UqmDuAazMdXzZ3ursrQuSvqL_IrYpX46c8ZYlhUwA Protocol H3 Server 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:09 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yUo2GNKZa%2Bk31FSmp%2FJ5MJwfaYdc%2FCa0v8VGpY8FOr2rnk%2FXNNUFRlA7xsg%2BN0Y7UgHUyBTrGp61MvH%2FaTMip%2FcMZBgykehoRbwHFgfkm3VaTqq039Z5YV54QM5K9cExSVj8xEsnWLgZfg%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 8095412089bd37dd-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Tue, 19 Sep 2023 22:27:09 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELzI0pMM9JpTc6QQCgs3G9U&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	setuid ib.adnxs.com/ Frame C6B8 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESELtFbUhh8ImjSedOobv4HIk&google_cver=1	43 B 839 B	43ms 39ms	Image image/gif	37.252.173.215 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESELtFbUhh8ImjSedOobv4HIk&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1O7NxQEwAQ&v=APEucNUZgHYjYps90FSKgv-vAvTQZdGrXybDpAqvxbzU5lNEt1ZPAiDgJeQZlmgRF_V4wF7IZ3WXiqnQnMM5T7dIHAGWhcen2AxqX33wT2MIGV5zh3N_jrdWZsnULk5oUkaejTeZNj-Fhe--aZkOVwR3SKY-ASwV7u34MQMo_uTcRNg1PQOgw28J6UqmDuAazMdXzZ3ursrQuSvqL_IrYpX46c8ZYlhUwA Protocol H2 Server 37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:09 GMT an-x-request-uuid c22bcc60-81d4-477b-8075-efaa25bd00b6 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif cache-control no-store, no-cache, private x-proxy-origin 80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Tue, 19 Sep 2023 22:27:09 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ib.adnxs.com/setuid?entity=101&code=CAESELtFbUhh8ImjSedOobv4HIk&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame C6B8 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE1NjUyNjM0OTUwMTY1OTcwNQ%3D%3D	170 B 232 B	59ms 48ms	Image image/png	216.58.206.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE1NjUyNjM0OTUwMTY1OTcwNQ%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1O7NxQEwAQ&v=APEucNUZgHYjYps90FSKgv-vAvTQZdGrXybDpAqvxbzU5lNEt1ZPAiDgJeQZlmgRF_V4wF7IZ3WXiqnQnMM5T7dIHAGWhcen2AxqX33wT2MIGV5zh3N_jrdWZsnULk5oUkaejTeZNj-Fhe--aZkOVwR3SKY-ASwV7u34MQMo_uTcRNg1PQOgw28J6UqmDuAazMdXzZ3ursrQuSvqL_IrYpX46c8ZYlhUwA Protocol H2 Server 216.58.206.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr35s10-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:09 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 19 Sep 2023 22:27:09 GMT an-x-request-uuid 7becba7b-5bd4-47e8-97ef-d9b412890ecf server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE1NjUyNjM0OTUwMTY1OTcwNQ%3D%3D x-proxy-origin 80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	html_inpage_rendering_lib_200_278.js Show response s0.2mdn.net/879366/ Frame 2D26	172 KB 61 KB	162ms 39ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js Requested by Host: spdflashtool.com URL: https://spdflashtool.com/category/download Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Origin https://googleads.g.doubleclick.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 17:04:59 GMT content-encoding gzip x-content-type-options nosniff age 19330 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 61485 x-xss-protection 0 last-modified Tue, 14 Mar 2023 18:43:57 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 20 Sep 2023 17:04:59 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20230918/r20110914/elements/html/ Frame 2D26	11 KB 4 KB	47ms 47ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230918/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BgtL65v5SdgUbsMY7dUGOnEsDgpIjy_jp9H_VyrnFnRMfD3ZVhnKLU9uoKMug8A9OTNyKjrdD_eW6mhWRhHvKd_8lBnd6vfTLrBLti8MwkTXyJzlg&cry=1&dbm_d=AKAmf-C0id0RGdbCIRsMPA0vp45-e8-ZkivMrYN7Tl-bCmnySRncmPo6bqC9ccJI0crs5eKJD4wT2TEQhibP8gMr1M_wY08PRj-xBKxO2zOK8AK45KdqxnPmOpJVae26nI7bHqmyo4fhAuQu2ZgSsGyZyXEJrJq0T3nhp0fDAHrWu3W_GQqJsFl0F2Tu0sTS31RWtro-_NgaM5R_JVZSeadpUzmxlg0dXXJOIAE4pIeqeSXrK5Cf9x6gIUzH1_yxfiCFzfT8GARcuH1LCbLhmodNHqi8d-R9jSBwYidTshD2J3-9K99465J_TVBJa8D7g7R2M0Cd-zLLs1HPUJJlG_XRuzuripn32DVmOVsi2R0egamzKocHqE-DFHL-4WDsndbZhYOUC9r7pSLPMaFF0naEB7Cx9dxLgDtGsqdMo3KzN7aobsGL9DQtoGP1lH1sAoYS55eFNrwcumgWfXswysJUCCMuCh_z5g79mUaoSj3LER-p0V9DmF0Bq798Ux2-MO60zukR-0QhVKyONmAJ_pHVOBEAbdVDT1KEuBhAtO6njtpXOsoraaEGUWvj395VnHTBa-3P6PSQvPyfTj6JbC9TfAugvZc0WcQE_9MnzSPzAR2pZUGvU6uDCpOqd8X4fTbnB3kjbiRLvmDkLq0Dm0EXgkSc1dI3qbCnfsRNr7WxiN3zcyUX8KtZuNSiFfKbmQ8jJLeRCzV_3P1QTkWdgFU5ZjdbO77GksBx7iA_v594vxHdTAMt8B1aiASP9c2jQvMmlr2x2wFXdbf62DvF8vkrUv07fpPxCmjqgytiXn8hUWf2cx_ExG65SXrlN8bxfQnZYW40574zbZlnq0RErIRxZETMwMXHYbk-SLEdzYxWMC2ly62IE3WXP_fyXszBRs89C_aLsMR58HdiUv_8mgEu03rJppXd5MUhBdWf6xuGDl5ucdRiih99BHd8Xe2Mhp6uxTopAEx7Ij8LoOD-ZvhY9LFQWisT_suWPTRIdkXAVOZPWKfqxc4tJ6d3LqvwB59Ug8HLSx7FOb2eULHK4UOA1AAKErDckDba3Cy8zcKmZIaTl1OM6QjXY4oJuz46Gz_mvSjLa9JdgFIn9PMeZMjp7WnftzU6cwobyQ1P3fyvINCCDY0FW4PtYVedtUv8v3B6kwyZnOd3RFChSboTEAjMKDQHhbvjwPoH4OIwycIr1HB2-nQ_iR0Swqe4EBmxlh9Q1A3fuBlkQDvz5odKK4tKCh3tJ2_niVvFDuVmf54kA57i15zOMLgpjCVNCrj-EiiAmcefI-Qc_IMN5enoizGU4USZRr7gsrB6rE5DGrDGuFf7XYOpobxxPzdveHp-ZmEocgzVdILQeSnrnTZnSrmQWpBqz27ZjQOqf_lQCaoqzLXb9YSaHbgnYAENnvLkziYWGobdfEL7H4nt7JBnZYWugWvqS9SxBNP4hGxfu20EZ1OQOEfiCVFtMDjWzpAaj5x1sD_2AtGykA8Nju4X4NlIu6IWWYz0u-DJsucqPKqeCSDUhC7HQy7qVeyrgzk7m_aZ_G4Ta4da77cFy0KYp1E-jo4qHD_IRVS4XYnTffEwsBrlfLw7avyIysMOOq0zb5mGUQiUg56kqVtVCA8t8RWn6l5fEpPI5H7NlakDwvrz2Xab4vMunl4sxSC32s2SIe8G2n-RzwKsVY7eeJ4lGxuvxWn0zBg0hvnpt-H19kISn_E7mJJkxGT2wZlYVdAv7BYDUzpBAuNGTUHUp36ApY6RSxke0jBQwsVYudcVOEY-MLHiEXwFmyu6y23qKiPMApENa3KngZk2A1w6csRHRmBCmAVwXRVw5yK4uf_j_ek0muquJKXxTC7sz7h-JwiCeC7fKe6TcN1tNKK2Xv0HmpjwH-HIlWXVu-CMKWPhoI4VIAQJbpb0x4zGyKZfBe_zCcibqUPyovPTJKSC4_Gfjx0xm2VPz8a8_x1ZsyVvRZ6PSIBqxUett8FUWlMC6gC5D3eNj4niYiuVXafRb-sPDQtqY1OCpsuoar5DSIksiTW9WVO5xVjyr63K5Z3Wo3ATxt3JTBbaQC87VKHCQXAmv02a_ZJAhjXZi31c6nupBAXT_6n0VhtjAVI7uf5IeRTPgWGfUJtGKMSxWHtLSP6CuvnLN2zJc6iRYr8iXikKFn97_3P5tMXozPI3h8FNqInkCMh_ptAAYpGOusqW3-1EnsU0bPvRn2vtWu2Mb3-U1osy9dnQBuIXNA9_ZFQSfEygRCkUtg52dQjCHlhRcK_sjj9WovqJzx2RIpO0hR50zmUuM9Zt6xoeiSZhtwm4RwjYRK1vVYoBOJOqzXr12LbkqUBLhLVqmvnMLnwHTNTuEWzrCgKQffdurTU4Lh4CR3EBJ6llArck5umR4lotiL7W6o9Jt9Ht1PwyDtlvM-9S-FSE_bpu1yoRTFlrI22Qa3zdeAexjRDeo_4fv52FewnMf-e8IcJk2LZwUqKAKEp91_zMyYTWm6Ho22XBaQXQDQ68-acv6_rztBdqrApX9DpTJXkVliuPuh4drQfVdzaxeF7msInopmcNWtUhAoCfo-drttWzfnVntbcIU-Dc8Yz0k_iY7SrbegPDSUO4nx5yh4RqOAh8AmZBVg-3dgZhxSsBD4WE3-erWxdKV35DFEwRQNpO2hoWP49N-KQInc6kGi2Lr8XNdc1BIw8arVuxyGy13RI1WLGCB6v0fN-v7GnEWAAH3LauhDXpq2eg2onJJ_IIs67DZsanq57RLoW1CwhVozKcF1jfr4jiRKmcfeKN5nYEB3QL9_bRpnnIOLuQiitn0UagMkJO1PDtjuxpCDAmLP-10xTvgDzOjNEgva1HQSpx7V88bPviIJg9ERnkEeBWb6UP6vjs0hx7b69NkZvoGfBBXYa-m4UGtoptW7RcdyOmKEdUKOimiJ1merpJPQjspMmfC8JZ5RVtYj8mKeJB9MsB913WDrSNLkzNJijMDwO57sSUGprlR_RkjL2f_OMvTwN9ezWu7JhUbqpPEVO9CLTdJ7RfXnQ__dqGNa8lY5pLfyAYQty9HhTWYOuYxWSpJ3kCxpmzTIMHsvEzIVqvLV_-RAU8Vp6zCoSDwvkMwAYK6P1EUioaqjv-eP62g-RtbtkCNhjmPV-e5jQSvEmTlo5JAJZZ_V1DbS7y3ApeFcneSr5PmLw3P3Jlxl4PphbyXIP1rCfgC2wqlY3HrTM-CWxM_7BiYtVmmI-l_2sSWrnimvtu0iC8WMTXjKu5QzNFR_QPwXmvx3EEAZG5OQEF47WmKxvDUfRp0RKqA2JQ-YXfPRVb-4R3WWYUem8nBxB0kzjM45QUvLVbHYRkF1VgHuXCZEgXnWs5DQai3nGjE9BDDYraVTanYT2JT2wfg3nxMTuQFN_nzjaDxqyZ6jz6oSi-48qJgWE5P4bX7JO48JMkUuy6rUbZEG2c6HVLyv7j8sfu9w7i0-lRKTp5vPMyZLfPcwNgAW53SLJn4sIGCVpGpay7kXt0HykXrv9g0U0aiqH8PO7_00Q8habiLNrgBBEHJCtV9LeNB8tAnylPJiQEwDdv202ptHWD5X4HQcrWX7ZPaaP4acY&cid=CAQSSwBpAlJWY9EU_uTZjkcp7lAoO3s-H5KfyZifS17MFx8jPwvT3vdtvgRZMDbcwSfDM55xKtX_VapKVMSsSSpi6bmdM1iHWT6i8DGRPRgB&dv3_ver=m202309120101&rfl=https%3A%2F%2Fspdflashtool.com%2F&ds=l&xdt=1&iif=1&cor=5766726415342266000&adk=1964084972&idt=157&cac=0&dtd=26 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 19:57:18 GMT content-encoding br x-content-type-options nosniff age 8991 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4206 x-xss-protection 0 server cafe etag 17947678125179771625 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 03 Oct 2023 19:57:18 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20230918/r20110914/ Frame 2D26	30 KB 11 KB	46ms 45ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230918/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BgtL65v5SdgUbsMY7dUGOnEsDgpIjy_jp9H_VyrnFnRMfD3ZVhnKLU9uoKMug8A9OTNyKjrdD_eW6mhWRhHvKd_8lBnd6vfTLrBLti8MwkTXyJzlg&cry=1&dbm_d=AKAmf-C0id0RGdbCIRsMPA0vp45-e8-ZkivMrYN7Tl-bCmnySRncmPo6bqC9ccJI0crs5eKJD4wT2TEQhibP8gMr1M_wY08PRj-xBKxO2zOK8AK45KdqxnPmOpJVae26nI7bHqmyo4fhAuQu2ZgSsGyZyXEJrJq0T3nhp0fDAHrWu3W_GQqJsFl0F2Tu0sTS31RWtro-_NgaM5R_JVZSeadpUzmxlg0dXXJOIAE4pIeqeSXrK5Cf9x6gIUzH1_yxfiCFzfT8GARcuH1LCbLhmodNHqi8d-R9jSBwYidTshD2J3-9K99465J_TVBJa8D7g7R2M0Cd-zLLs1HPUJJlG_XRuzuripn32DVmOVsi2R0egamzKocHqE-DFHL-4WDsndbZhYOUC9r7pSLPMaFF0naEB7Cx9dxLgDtGsqdMo3KzN7aobsGL9DQtoGP1lH1sAoYS55eFNrwcumgWfXswysJUCCMuCh_z5g79mUaoSj3LER-p0V9DmF0Bq798Ux2-MO60zukR-0QhVKyONmAJ_pHVOBEAbdVDT1KEuBhAtO6njtpXOsoraaEGUWvj395VnHTBa-3P6PSQvPyfTj6JbC9TfAugvZc0WcQE_9MnzSPzAR2pZUGvU6uDCpOqd8X4fTbnB3kjbiRLvmDkLq0Dm0EXgkSc1dI3qbCnfsRNr7WxiN3zcyUX8KtZuNSiFfKbmQ8jJLeRCzV_3P1QTkWdgFU5ZjdbO77GksBx7iA_v594vxHdTAMt8B1aiASP9c2jQvMmlr2x2wFXdbf62DvF8vkrUv07fpPxCmjqgytiXn8hUWf2cx_ExG65SXrlN8bxfQnZYW40574zbZlnq0RErIRxZETMwMXHYbk-SLEdzYxWMC2ly62IE3WXP_fyXszBRs89C_aLsMR58HdiUv_8mgEu03rJppXd5MUhBdWf6xuGDl5ucdRiih99BHd8Xe2Mhp6uxTopAEx7Ij8LoOD-ZvhY9LFQWisT_suWPTRIdkXAVOZPWKfqxc4tJ6d3LqvwB59Ug8HLSx7FOb2eULHK4UOA1AAKErDckDba3Cy8zcKmZIaTl1OM6QjXY4oJuz46Gz_mvSjLa9JdgFIn9PMeZMjp7WnftzU6cwobyQ1P3fyvINCCDY0FW4PtYVedtUv8v3B6kwyZnOd3RFChSboTEAjMKDQHhbvjwPoH4OIwycIr1HB2-nQ_iR0Swqe4EBmxlh9Q1A3fuBlkQDvz5odKK4tKCh3tJ2_niVvFDuVmf54kA57i15zOMLgpjCVNCrj-EiiAmcefI-Qc_IMN5enoizGU4USZRr7gsrB6rE5DGrDGuFf7XYOpobxxPzdveHp-ZmEocgzVdILQeSnrnTZnSrmQWpBqz27ZjQOqf_lQCaoqzLXb9YSaHbgnYAENnvLkziYWGobdfEL7H4nt7JBnZYWugWvqS9SxBNP4hGxfu20EZ1OQOEfiCVFtMDjWzpAaj5x1sD_2AtGykA8Nju4X4NlIu6IWWYz0u-DJsucqPKqeCSDUhC7HQy7qVeyrgzk7m_aZ_G4Ta4da77cFy0KYp1E-jo4qHD_IRVS4XYnTffEwsBrlfLw7avyIysMOOq0zb5mGUQiUg56kqVtVCA8t8RWn6l5fEpPI5H7NlakDwvrz2Xab4vMunl4sxSC32s2SIe8G2n-RzwKsVY7eeJ4lGxuvxWn0zBg0hvnpt-H19kISn_E7mJJkxGT2wZlYVdAv7BYDUzpBAuNGTUHUp36ApY6RSxke0jBQwsVYudcVOEY-MLHiEXwFmyu6y23qKiPMApENa3KngZk2A1w6csRHRmBCmAVwXRVw5yK4uf_j_ek0muquJKXxTC7sz7h-JwiCeC7fKe6TcN1tNKK2Xv0HmpjwH-HIlWXVu-CMKWPhoI4VIAQJbpb0x4zGyKZfBe_zCcibqUPyovPTJKSC4_Gfjx0xm2VPz8a8_x1ZsyVvRZ6PSIBqxUett8FUWlMC6gC5D3eNj4niYiuVXafRb-sPDQtqY1OCpsuoar5DSIksiTW9WVO5xVjyr63K5Z3Wo3ATxt3JTBbaQC87VKHCQXAmv02a_ZJAhjXZi31c6nupBAXT_6n0VhtjAVI7uf5IeRTPgWGfUJtGKMSxWHtLSP6CuvnLN2zJc6iRYr8iXikKFn97_3P5tMXozPI3h8FNqInkCMh_ptAAYpGOusqW3-1EnsU0bPvRn2vtWu2Mb3-U1osy9dnQBuIXNA9_ZFQSfEygRCkUtg52dQjCHlhRcK_sjj9WovqJzx2RIpO0hR50zmUuM9Zt6xoeiSZhtwm4RwjYRK1vVYoBOJOqzXr12LbkqUBLhLVqmvnMLnwHTNTuEWzrCgKQffdurTU4Lh4CR3EBJ6llArck5umR4lotiL7W6o9Jt9Ht1PwyDtlvM-9S-FSE_bpu1yoRTFlrI22Qa3zdeAexjRDeo_4fv52FewnMf-e8IcJk2LZwUqKAKEp91_zMyYTWm6Ho22XBaQXQDQ68-acv6_rztBdqrApX9DpTJXkVliuPuh4drQfVdzaxeF7msInopmcNWtUhAoCfo-drttWzfnVntbcIU-Dc8Yz0k_iY7SrbegPDSUO4nx5yh4RqOAh8AmZBVg-3dgZhxSsBD4WE3-erWxdKV35DFEwRQNpO2hoWP49N-KQInc6kGi2Lr8XNdc1BIw8arVuxyGy13RI1WLGCB6v0fN-v7GnEWAAH3LauhDXpq2eg2onJJ_IIs67DZsanq57RLoW1CwhVozKcF1jfr4jiRKmcfeKN5nYEB3QL9_bRpnnIOLuQiitn0UagMkJO1PDtjuxpCDAmLP-10xTvgDzOjNEgva1HQSpx7V88bPviIJg9ERnkEeBWb6UP6vjs0hx7b69NkZvoGfBBXYa-m4UGtoptW7RcdyOmKEdUKOimiJ1merpJPQjspMmfC8JZ5RVtYj8mKeJB9MsB913WDrSNLkzNJijMDwO57sSUGprlR_RkjL2f_OMvTwN9ezWu7JhUbqpPEVO9CLTdJ7RfXnQ__dqGNa8lY5pLfyAYQty9HhTWYOuYxWSpJ3kCxpmzTIMHsvEzIVqvLV_-RAU8Vp6zCoSDwvkMwAYK6P1EUioaqjv-eP62g-RtbtkCNhjmPV-e5jQSvEmTlo5JAJZZ_V1DbS7y3ApeFcneSr5PmLw3P3Jlxl4PphbyXIP1rCfgC2wqlY3HrTM-CWxM_7BiYtVmmI-l_2sSWrnimvtu0iC8WMTXjKu5QzNFR_QPwXmvx3EEAZG5OQEF47WmKxvDUfRp0RKqA2JQ-YXfPRVb-4R3WWYUem8nBxB0kzjM45QUvLVbHYRkF1VgHuXCZEgXnWs5DQai3nGjE9BDDYraVTanYT2JT2wfg3nxMTuQFN_nzjaDxqyZ6jz6oSi-48qJgWE5P4bX7JO48JMkUuy6rUbZEG2c6HVLyv7j8sfu9w7i0-lRKTp5vPMyZLfPcwNgAW53SLJn4sIGCVpGpay7kXt0HykXrv9g0U0aiqH8PO7_00Q8habiLNrgBBEHJCtV9LeNB8tAnylPJiQEwDdv202ptHWD5X4HQcrWX7ZPaaP4acY&cid=CAQSSwBpAlJWY9EU_uTZjkcp7lAoO3s-H5KfyZifS17MFx8jPwvT3vdtvgRZMDbcwSfDM55xKtX_VapKVMSsSSpi6bmdM1iHWT6i8DGRPRgB&dv3_ver=m202309120101&rfl=https%3A%2F%2Fspdflashtool.com%2F&ds=l&xdt=1&iif=1&cor=5766726415342266000&adk=1964084972&idt=157&cac=0&dtd=26 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash cb95c60c1e70c730df8b30c024f63ca414a7cd01b9d37cd4181987933c94559b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 19:57:18 GMT content-encoding br x-content-type-options nosniff age 8991 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11585 x-xss-protection 0 server cafe etag 30886230758233217 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 03 Oct 2023 19:57:18 GMT
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 2D26	41 KB 13 KB	45ms 44ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: spdflashtool.com URL: https://spdflashtool.com/category/download Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Mon, 18 Sep 2023 22:35:27 GMT content-encoding br x-content-type-options nosniff age 85902 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13692 x-xss-protection 0 last-modified Sun, 25 Jun 2023 02:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 17 Sep 2024 22:35:27 GMT
GET DATA	200 OK	truncated / Frame 2D26	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ebaef879a96e35cf8e4ecabbd046f112a54bd60e25d3f4a605a8de216ce33267 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Content-Type image/png
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame C67E	0 20 B	77ms 73ms	Ping image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2687437980967&version=m202309120101 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:09 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame C67E	0 20 B	76ms 73ms	Ping image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2687437980967&version=m202309120101&ct=76&x=1&cor=11496697113344450000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:09 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame C67E	105 KB 40 KB	94ms 88ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DXg8wfHpVOHfAhFT43CSyEPejdMSAs97dH4MuKorrfp09eb_IxU0XpelykVCAXaxn82WiWD4dDD4bxkO41KN4JAnPEPPl53a1q9Y4tYq8FKD2ZFK-VLcng4-gQJsv0shDQQV-vQTT940uFptaQTVpxzLwJlioJLkKNAun1tXhqYeyqm00&dbm_d=AKAmf-CXole8je9gP6OUL0h6rcsZybRIfMUSdKf1S46lcURo0SfBbLTXKoJnvT28aFbi--G_509gY7i7CmTpvFYN6A6GpXvNvbL-__sarAO0zrZvIqIn37BoUIyNsybr64dZ9gklDoVMvRCAneUSRLerrQB7fi7szE4-s4TIDG4YPppkXzchNvm92rdYRN2F6rapoe6_8lV3bNxXn2aH6c-FB5ubQDDh_-FFs-VvFMKPeADy_jj2n8k3krtR-d2eJ4Hcvno7ElXXowiahVI0BUGs7ib2xc8FOk77pt7fFxlpYQdqKeWnxwq5wSr_L0tDuPRmEjTgyKUR2AJ2l1RHqnfaPKI1NyD8KbD5Doa5XPf0Dn8bMkzHb_VdlQ5NiK9y72t-IS_kvCnuV9TX-z0sGKQ5MzWBAkc9wIVOErwn7z-PSDyLfS2aK2_ZLyJzO_sNmhyFIZRj6BGD8l3W6dWzpDWudRq58VHHSX5zUOnM9GenRV9_SdN272HTZILp79ou29ULcYG9qVB3CkdamfHev7iQwydWi4mxMukDzKPW1YmZhyNcqGC4KmLkEymOkqndfuoynlPlOvCige7lu1YUDYnG448yRXOqYZkijfKqwOYq-ooqkJbVLD-GvqI2-Q5yE1CY1kIoAACf09Cm0tUSGVRFJcG5NflasWF8-sLu7-BgVcw7wXfa3X5mCxU_-AXdlOH1kl1C1lTAbNUO-GMSV1qJ0Wp74PJ0mrimAqLkHnBZacWyJk3KAAyA7-jGdcAV9k-EcwwnqVlAoklX_m91MfAN9Bw_BVw2dKg6iH_ZTc892acdcoVHkrzZa8HSvG1vhW2lVlob2bWIYiY4VmiVQy_l9qK_sAmxLu0SCpXl6c-CV9CqtICmAyE4ER9mynO2aR6okGDpsm17Xt2tArmtc9BeUpYPPb4RTGDASUGysLsDvbN9wdc9IebjVRhrgj0yjj1fs_2P7PnA0RWs8hj6ulXijG31T3GZHr38FGakkfYYdKlqC8wAb-Tp6wPJ8PvymPCB4KDzL-yA8lNbhCq2qBTflD_ukKC_VeQP6VJxVDFPS0B4wX70lPmFL9SAFs0iMvfTElVIHAxt8a-7xHK5YUoKHyP0BRZVKiUWOZOsPtz8bDVvWKr9D69wA8iiNQpihQdy8Z2kKMvAxIINZli64su9OWZjThNKm0hlA3sqPAI7kAFqRrwaRyVMrofa_7Rs15i0_kWroEkkKqdHoY-sOSmUYhWfGJJeRA_QCJA3XUieAl9mO3XKCjThigF0358ieon09HqzuK4EhUiNT9FD2NFdcT5QOKp9emZIz6n0FCW7Okqa1a5o2Geh_Cz8MqXWQyEBhpvTshahLMXkbUEjsHGvmenzgn5RavjsqRKZ9z3_F4QbhopC1s_P-RLWuPWEToAb1NR2L6uxcVBCSklZL7d40pmVAqIqsLXjn1-5FeHzaImsTuA7DPLoiIlkHeF1z-BkZPLMdflW5JiuwzZJCKIQZEdnxKbgWeJgH_dlsqTlFN5j91NPkcbG0gXViqs1OTvCQ9yQpl_baGaXOzFitywJEKFHCSt5rA3WiwG6x0O7lfnCB209nxz_i9_K12d53nIj4EIC9KjYguwMMNBAqOdVFiQDhh1wtyCXufKKPMYZ2ScAYIbnB16_61jEOGe6jfAL9pi_v3XsEnvrH7_82EJhFFI06_WyqMY2b8A4Rz1xjQxjnYdcEYDWRs-q9jmDDUQ1m1Bs0HHAkBZurEYIAeQr_w2QMDnP3lnNCUzmZxCBL_r6P2H8lBo-Vsz1wYeMtwFZ41gypmWG7imwzwJfsFzCRenBuTJNvOCcwyjdWV4aaCGmLFR2YeeGsMDBQ5lWnOEraodtZ92r_jGlhyH2K-s178n7s1hPIq6AUXTyHKEZ0D40dca3XeH8s1x0Geq8uPIEH4oT74JzALS204typH0zNHcQyT75cKia4v4Hd4cW3MF4hcxh8XM0INp8m0h1DxMTea06I0nzf8OEhLtVIbrMSLLSSJkTb0FrTDnHMHvmnQlaxZM6vfRSgMNVtzM6VU4AeI1qsTKlRwENKHl2UEiic7fRCpa70C6FvOFUG8V_76SH8uDccK1I-mOV50a-AQ7q1J2XUPuJy80AiaHhPaCDOL1VVvdBImokTBgfV52v9AWW_M-XZvCCCiJgJ346MLz11h4MiFPlRv_M8QJYNWPW44UX1sRr_wumH2siKJWuSjlBfalruzDQW3vT-r5lEYy2Y20Q8Xaw0eHGb8g_an0WPy2-0-k9NTm6IKQ4ZPxm6lZo8zOuDM6coVfRX-1Z9rKOSRAi69QzGsOUlIkxn_wWlkGYjJZkjnm4rOE2k46Gy6H3SNd32j8m1arHrAnFZx4cWiHfmz6ObVR6DKQbhOHkwB6SqdA4jnhRTnriqkW-6vLvZS7aLotM_j2zLMJ-UctufZvjmztlMCrxHO0izTZAlCKWzj4qaX4nbs9JyMikRE7eZ_YkxWkfMUgQQG9cz_OnG5KPj1B5zURKfrRgWDj3E2NpYEHodBcMSDRMZ5txsNA1ivCUm2_T9VeiAX8tLtvhdMlbb_lbz4expCLg4zTYH7rE-05bJVFqvdxu9jz9AWZE8Y1tWEr7ITchfeINjs9TDJhO6gC5dB_rK_cGijJWccMd5Mb9horxTZ6eN_d49pwfOGfdwzvcc-uHMQBBI2EDUAf9WsQy5KFqrbz49levfvuWVphTDKdNfzCHw1it2K9xEAO0qdWBgDplfZZv01G5h9YlhIwABs86EloggWarr3BCKTE9ruhM8hvQv160BUXqrf2WVsOsEr0p28I6sZ1dzofhA5sY9nmklQbNwPtz3F0vO5t1Zv6BOeZDcLymyzUOUS53R0p03o2ipydwENnPa-CxmP574fL8A1LetfjyRKEvh5PoeKnM9tJ11icQh8cIthcsnI19zQbsengm4GkAMAOzdle7-VLCwZZsLNADmSa4YYstBowlAiKmfcCp-8AX3oUrN8m0Gc7POhMdcefZj0wPYrz-K1rEtA8GwiOIyxEHFk5YtwUt6vE3HtK5ST7qae0cgxNrduTfn8S1Jn-SAC98aAs7uHrV1nO_jQlfs0RBDa-KYZElfYoqrC5fdzOauQA_xSBhqcTPBVUYaRitxHsgsH2ixVRBBHxhla9LXWunaHBeoJxECY1nwAXfOFahrMnaOGp-R7Ewv1ZCyfF7vgtJUoe0tbPtOeELM6PiKV3_SWvSQ-CG9x9l1DF0GkBxdNExJm1WAaYjCGy6VAIE7RsVBZe3Kqafr2XIRqXKw5lyXkGY6YRWdRc1dXro1_NlKYKn9FvJZoVNDaef-4-P3btUCJ91UxaO3WVC_RLi063zjuXo2Sjel6HblFgY7p-DUqbxNz8kNZIeXZDRWXFOaNPaii0GVaeUTah2-g4EqsnR3NLQMJOEK5S0DSmItfCTELVI9lVCoSHCJ8npWu6Z2GYU1DDafJga6QNTRy8_pZjkP61fUUqWvUsYcLX0gL35_HX86DF_ebkWx0ASuHBfmt-IhmvouGsIYMtx-NdnMakuGYfcMg1hUgfT_a3MiaS3lj6tYWCK4IaEK-98Ezqdb64CH0GwR2ghPZqF5y-abQ0xfraZ-LVTY5Jr3pzNtoHBKzMeWoJoP72-pp8rcfxa8n5AgQh3aVTWZt4L2QFIKQZ3bEO8syACGkmRQtC2NDtWk3F5iKVQWRZAo07WwTvk3zx6dRlynG2vW7nGy1v7t9wq7OQ_srmOW9INRWanA4Zy0ExluEQkxJW2vpUkmi07P8Pf9zafoxIaNsMxzLcs2XwUU7wpE2o5hVM3x0GdXHJyreMSO0A&cid=CAQSSwBpAlJW7aqN8-ZoXz8mSXHkaMCJt_alDm4fxC741kMZJbp-8gOSxO-8dbtFhQW9TdJyboqRW45cuMCbtqRzHQVZSPk6riOn9mYH3hgB&dv3_ver=m202309120101&rfl=https%3A%2F%2Fspdflashtool.com%2F&ds=l&xdt=1&iif=1&cor=11496697113344450000&adk=2857193498&idt=153&cac=0&dtd=8 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4119e979dca5295dbab1f0a4d70f0b62a29a1b686b1c2dd5db8fa35ad7712f67 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:09 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 41264 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame D38B	22 KB 8 KB	40ms 39ms	Document text/html	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 437367 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 14 Sep 2023 20:57:42 GMT expires Fri, 13 Sep 2024 20:57:42 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 1865	42 B 63 B	90ms 88ms	Image image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A3-PFJiOBGDkzFDfh7xmw3DAEbkRVA08cWvHrK8tX90-0kPqjk7WHciVE2G65Ce1xuoAFZYHU5UclswnwzXL4zpH1g_ECi9FZa-GxJhDKWwSquaxQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840258101411863&output=html&h=600&slotname=4532792211&adk=3802136983&adf=369960317&pi=t.ma~as.4532792211&w=300&lmt=1695155228&format=300x600&url=https%3A%2F%2Fspdflashtool.com%2Fcategory%2Fdownload&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695162428136&bpp=1&bdt=299&idt=287&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=261966524884&frm=20&pv=1&ga_vid=1221908341.1695162428&ga_sid=1695162428&ga_hid=146642078&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=596&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077701%2C42532402%2C44785295%2C31077705&oid=2&pvsid=3500873756716162&tmod=366320996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=m478xYBgHI&p=https%3A//spdflashtool.com&dtd=290 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:09 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 1865	0 20 B	89ms 88ms	Image image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6547158845618445464&x=1&ct=76 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840258101411863&output=html&h=600&slotname=4532792211&adk=3802136983&adf=369960317&pi=t.ma~as.4532792211&w=300&lmt=1695155228&format=300x600&url=https%3A%2F%2Fspdflashtool.com%2Fcategory%2Fdownload&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695162428136&bpp=1&bdt=299&idt=287&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=261966524884&frm=20&pv=1&ga_vid=1221908341.1695162428&ga_sid=1695162428&ga_hid=146642078&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=596&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077701%2C42532402%2C44785295%2C31077705&oid=2&pvsid=3500873756716162&tmod=366320996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=m478xYBgHI&p=https%3A//spdflashtool.com&dtd=290 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:09 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame 1865	89 KB 31 KB	85ms 84ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840258101411863&output=html&h=600&slotname=4532792211&adk=3802136983&adf=369960317&pi=t.ma~as.4532792211&w=300&lmt=1695155228&format=300x600&url=https%3A%2F%2Fspdflashtool.com%2Fcategory%2Fdownload&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695162428136&bpp=1&bdt=299&idt=287&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=261966524884&frm=20&pv=1&ga_vid=1221908341.1695162428&ga_sid=1695162428&ga_hid=146642078&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=596&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077701%2C42532402%2C44785295%2C31077705&oid=2&pvsid=3500873756716162&tmod=366320996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=m478xYBgHI&p=https%3A//spdflashtool.com&dtd=290 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4accbcd793680c2ea0a65714771ef37d5eeb42bdaedba9882dd0d78eae09e00e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 22:27:09 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31438 x-xss-protection 0 server cafe etag 13183557946744512263 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Tue, 19 Sep 2023 22:27:09 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 1865	3 KB 1 KB	45ms 44ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840258101411863&output=html&h=600&slotname=4532792211&adk=3802136983&adf=369960317&pi=t.ma~as.4532792211&w=300&lmt=1695155228&format=300x600&url=https%3A%2F%2Fspdflashtool.com%2Fcategory%2Fdownload&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695162428136&bpp=1&bdt=299&idt=287&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=261966524884&frm=20&pv=1&ga_vid=1221908341.1695162428&ga_sid=1695162428&ga_hid=146642078&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=596&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077701%2C42532402%2C44785295%2C31077705&oid=2&pvsid=3500873756716162&tmod=366320996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=m478xYBgHI&p=https%3A//spdflashtool.com&dtd=290 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 17:26:38 GMT content-encoding br x-content-type-options nosniff age 18031 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 03 Oct 2023 17:26:38 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 1865	20 KB 8 KB	44ms 44ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840258101411863&output=html&h=600&slotname=4532792211&adk=3802136983&adf=369960317&pi=t.ma~as.4532792211&w=300&lmt=1695155228&format=300x600&url=https%3A%2F%2Fspdflashtool.com%2Fcategory%2Fdownload&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695162428136&bpp=1&bdt=299&idt=287&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=261966524884&frm=20&pv=1&ga_vid=1221908341.1695162428&ga_sid=1695162428&ga_hid=146642078&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=596&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077701%2C42532402%2C44785295%2C31077705&oid=2&pvsid=3500873756716162&tmod=366320996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=m478xYBgHI&p=https%3A//spdflashtool.com&dtd=290 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 19:58:30 GMT content-encoding br x-content-type-options nosniff age 8919 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8275 x-xss-protection 0 server cafe etag 7349537481621356269 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 03 Oct 2023 19:58:30 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 1865	182 KB 57 KB	2132ms 2131ms	Script text/javascript	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840258101411863&output=html&h=600&slotname=4532792211&adk=3802136983&adf=369960317&pi=t.ma~as.4532792211&w=300&lmt=1695155228&format=300x600&url=https%3A%2F%2Fspdflashtool.com%2Fcategory%2Fdownload&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695162428136&bpp=1&bdt=299&idt=287&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=261966524884&frm=20&pv=1&ga_vid=1221908341.1695162428&ga_sid=1695162428&ga_hid=146642078&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=596&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077701%2C42532402%2C44785295%2C31077705&oid=2&pvsid=3500873756716162&tmod=366320996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=m478xYBgHI&p=https%3A//spdflashtool.com&dtd=290 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 22:27:11 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57988 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1694604874705780" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Tue, 19 Sep 2023 22:27:11 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 7EA1	624 B 245 B	87ms 84ms	Document text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhCTqWIY_bqI6QEwAQ&v=APEucNVYdOTj-j1-2ttWVh19uj1isUW0kIF6oBxpgteV37zTC8rUN-0SgO_c6FYCpm3w3NGReczrGFuc_Ly4uG2yMltUqEpgGQpKSXPgMEDOTxct7QZm38UCbJjGTJqZb5gTeEK4sAZC_PG1Y2QZzSOJYCNpT70zBX11u0pHsJCEnvWzESvc-j8 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840258101411863&output=html&h=600&slotname=4532792211&adk=3802136983&adf=369960317&pi=t.ma~as.4532792211&w=300&lmt=1695155228&format=300x600&url=https%3A%2F%2Fspdflashtool.com%2Fcategory%2Fdownload&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695162428136&bpp=1&bdt=299&idt=287&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=261966524884&frm=20&pv=1&ga_vid=1221908341.1695162428&ga_sid=1695162428&ga_hid=146642078&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=596&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077701%2C42532402%2C44785295%2C31077705&oid=2&pvsid=3500873756716162&tmod=366320996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=m478xYBgHI&p=https%3A//spdflashtool.com&dtd=290 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840258101411863&output=html&h=600&slotname=4532792211&adk=3802136983&adf=369960317&pi=t.ma~as.4532792211&w=300&lmt=1695155228&format=300x600&url=https%3A%2F%2Fspdflashtool.com%2Fcategory%2Fdownload&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695162428136&bpp=1&bdt=299&idt=287&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=261966524884&frm=20&pv=1&ga_vid=1221908341.1695162428&ga_sid=1695162428&ga_hid=146642078&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=596&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077701%2C42532402%2C44785295%2C31077705&oid=2&pvsid=3500873756716162&tmod=366320996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=m478xYBgHI&p=https%3A//spdflashtool.com&dtd=290 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 19 Sep 2023 22:27:09 GMT expires Tue, 19 Sep 2023 22:27:09 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	container.html Show response 154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F00D	6 KB 3 KB	52ms 50ms	Document text/html	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://spdflashtool.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Tue, 19 Sep 2023 22:27:08 GMT expires Wed, 18 Sep 2024 22:27:08 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
HEAD H3	200	e.js Show response live.demand.supply/e/	0 479 B	50ms 48ms	XHR application/javascript	2606:4700::6810:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?gl=1.72&b=2&r=spdflashtool.com_auto_interstitial_desktop&sy=e28cd46d-dfcb-4c05-a1ad-a5d752bffec2&ts=87&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=spdflashtool.com&mlre=undefined&mlin=1&mlsi=undefinedxundefined&mlbw=4g&mlcs=NaN&mltp=753536f6-6940-4786-93ae-bceefc63521f&e=lm&dsReferer=c3BkZmxhc2h0b29sLmNvbS9jYXRlZ29yeS9kb3dubG9hZA== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.15.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://spdflashtool.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers x-nf-request-id 01H8DVDRND02F407MF5VJKP125 date Tue, 19 Sep 2023 22:27:09 GMT cf-cache-status HIT age 967328 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "5dcb6aa12a683302e5f0dc8249fb1b45-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 809541207885bbcd-FRA
GET H2	200	skeleton.js Show response fw.adsafeprotected.com/rjss/st/990511/61634096/ Frame C67E	250 KB 75 KB	236ms 67ms	Script application/javascript	54.155.202.110 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fw.adsafeprotected.com/rjss/st/990511/61634096/skeleton.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-3831894559014614&ias_chanId=1&ias_placementId=20343398390&bidurl=https://spdflashtool.com/category/download&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0h_8VICmz352hHThsVGUPCH Requested by Host: spdflashtool.com URL: https://spdflashtool.com/category/download Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.155.202.110 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-155-202-110.eu-west-1.compute.amazonaws.com Software / Resource Hash df27919aa383024a763cfdfabf6a9d6f408028edd11a5bb9039e46236b3aa398 Request headers accept-language de-DE,de;q=0.9 Referer https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:09 GMT content-encoding gzip vary accept-encoding content-type application/javascript;charset=utf-8 access-control-allow-origin fw.adsafeprotected.com cache-control no-cache access-control-allow-credentials true expires Wed, 31 Dec 1969 23:59:59 GMT
GET H2	200	express_html_inpage_rendering_lib_200_278.js Show response s0.2mdn.net/879366/ Frame C67E	111 KB 39 KB	45ms 40ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js Requested by Host: spdflashtool.com URL: https://spdflashtool.com/category/download Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/ Origin https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 17:48:00 GMT content-encoding gzip x-content-type-options nosniff age 16749 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 39806 x-xss-protection 0 last-modified Tue, 14 Mar 2023 18:44:05 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 20 Sep 2023 17:48:00 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20230918/r20110914/elements/html/ Frame C67E	11 KB 4 KB	43ms 39ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230918/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DXg8wfHpVOHfAhFT43CSyEPejdMSAs97dH4MuKorrfp09eb_IxU0XpelykVCAXaxn82WiWD4dDD4bxkO41KN4JAnPEPPl53a1q9Y4tYq8FKD2ZFK-VLcng4-gQJsv0shDQQV-vQTT940uFptaQTVpxzLwJlioJLkKNAun1tXhqYeyqm00&dbm_d=AKAmf-CXole8je9gP6OUL0h6rcsZybRIfMUSdKf1S46lcURo0SfBbLTXKoJnvT28aFbi--G_509gY7i7CmTpvFYN6A6GpXvNvbL-__sarAO0zrZvIqIn37BoUIyNsybr64dZ9gklDoVMvRCAneUSRLerrQB7fi7szE4-s4TIDG4YPppkXzchNvm92rdYRN2F6rapoe6_8lV3bNxXn2aH6c-FB5ubQDDh_-FFs-VvFMKPeADy_jj2n8k3krtR-d2eJ4Hcvno7ElXXowiahVI0BUGs7ib2xc8FOk77pt7fFxlpYQdqKeWnxwq5wSr_L0tDuPRmEjTgyKUR2AJ2l1RHqnfaPKI1NyD8KbD5Doa5XPf0Dn8bMkzHb_VdlQ5NiK9y72t-IS_kvCnuV9TX-z0sGKQ5MzWBAkc9wIVOErwn7z-PSDyLfS2aK2_ZLyJzO_sNmhyFIZRj6BGD8l3W6dWzpDWudRq58VHHSX5zUOnM9GenRV9_SdN272HTZILp79ou29ULcYG9qVB3CkdamfHev7iQwydWi4mxMukDzKPW1YmZhyNcqGC4KmLkEymOkqndfuoynlPlOvCige7lu1YUDYnG448yRXOqYZkijfKqwOYq-ooqkJbVLD-GvqI2-Q5yE1CY1kIoAACf09Cm0tUSGVRFJcG5NflasWF8-sLu7-BgVcw7wXfa3X5mCxU_-AXdlOH1kl1C1lTAbNUO-GMSV1qJ0Wp74PJ0mrimAqLkHnBZacWyJk3KAAyA7-jGdcAV9k-EcwwnqVlAoklX_m91MfAN9Bw_BVw2dKg6iH_ZTc892acdcoVHkrzZa8HSvG1vhW2lVlob2bWIYiY4VmiVQy_l9qK_sAmxLu0SCpXl6c-CV9CqtICmAyE4ER9mynO2aR6okGDpsm17Xt2tArmtc9BeUpYPPb4RTGDASUGysLsDvbN9wdc9IebjVRhrgj0yjj1fs_2P7PnA0RWs8hj6ulXijG31T3GZHr38FGakkfYYdKlqC8wAb-Tp6wPJ8PvymPCB4KDzL-yA8lNbhCq2qBTflD_ukKC_VeQP6VJxVDFPS0B4wX70lPmFL9SAFs0iMvfTElVIHAxt8a-7xHK5YUoKHyP0BRZVKiUWOZOsPtz8bDVvWKr9D69wA8iiNQpihQdy8Z2kKMvAxIINZli64su9OWZjThNKm0hlA3sqPAI7kAFqRrwaRyVMrofa_7Rs15i0_kWroEkkKqdHoY-sOSmUYhWfGJJeRA_QCJA3XUieAl9mO3XKCjThigF0358ieon09HqzuK4EhUiNT9FD2NFdcT5QOKp9emZIz6n0FCW7Okqa1a5o2Geh_Cz8MqXWQyEBhpvTshahLMXkbUEjsHGvmenzgn5RavjsqRKZ9z3_F4QbhopC1s_P-RLWuPWEToAb1NR2L6uxcVBCSklZL7d40pmVAqIqsLXjn1-5FeHzaImsTuA7DPLoiIlkHeF1z-BkZPLMdflW5JiuwzZJCKIQZEdnxKbgWeJgH_dlsqTlFN5j91NPkcbG0gXViqs1OTvCQ9yQpl_baGaXOzFitywJEKFHCSt5rA3WiwG6x0O7lfnCB209nxz_i9_K12d53nIj4EIC9KjYguwMMNBAqOdVFiQDhh1wtyCXufKKPMYZ2ScAYIbnB16_61jEOGe6jfAL9pi_v3XsEnvrH7_82EJhFFI06_WyqMY2b8A4Rz1xjQxjnYdcEYDWRs-q9jmDDUQ1m1Bs0HHAkBZurEYIAeQr_w2QMDnP3lnNCUzmZxCBL_r6P2H8lBo-Vsz1wYeMtwFZ41gypmWG7imwzwJfsFzCRenBuTJNvOCcwyjdWV4aaCGmLFR2YeeGsMDBQ5lWnOEraodtZ92r_jGlhyH2K-s178n7s1hPIq6AUXTyHKEZ0D40dca3XeH8s1x0Geq8uPIEH4oT74JzALS204typH0zNHcQyT75cKia4v4Hd4cW3MF4hcxh8XM0INp8m0h1DxMTea06I0nzf8OEhLtVIbrMSLLSSJkTb0FrTDnHMHvmnQlaxZM6vfRSgMNVtzM6VU4AeI1qsTKlRwENKHl2UEiic7fRCpa70C6FvOFUG8V_76SH8uDccK1I-mOV50a-AQ7q1J2XUPuJy80AiaHhPaCDOL1VVvdBImokTBgfV52v9AWW_M-XZvCCCiJgJ346MLz11h4MiFPlRv_M8QJYNWPW44UX1sRr_wumH2siKJWuSjlBfalruzDQW3vT-r5lEYy2Y20Q8Xaw0eHGb8g_an0WPy2-0-k9NTm6IKQ4ZPxm6lZo8zOuDM6coVfRX-1Z9rKOSRAi69QzGsOUlIkxn_wWlkGYjJZkjnm4rOE2k46Gy6H3SNd32j8m1arHrAnFZx4cWiHfmz6ObVR6DKQbhOHkwB6SqdA4jnhRTnriqkW-6vLvZS7aLotM_j2zLMJ-UctufZvjmztlMCrxHO0izTZAlCKWzj4qaX4nbs9JyMikRE7eZ_YkxWkfMUgQQG9cz_OnG5KPj1B5zURKfrRgWDj3E2NpYEHodBcMSDRMZ5txsNA1ivCUm2_T9VeiAX8tLtvhdMlbb_lbz4expCLg4zTYH7rE-05bJVFqvdxu9jz9AWZE8Y1tWEr7ITchfeINjs9TDJhO6gC5dB_rK_cGijJWccMd5Mb9horxTZ6eN_d49pwfOGfdwzvcc-uHMQBBI2EDUAf9WsQy5KFqrbz49levfvuWVphTDKdNfzCHw1it2K9xEAO0qdWBgDplfZZv01G5h9YlhIwABs86EloggWarr3BCKTE9ruhM8hvQv160BUXqrf2WVsOsEr0p28I6sZ1dzofhA5sY9nmklQbNwPtz3F0vO5t1Zv6BOeZDcLymyzUOUS53R0p03o2ipydwENnPa-CxmP574fL8A1LetfjyRKEvh5PoeKnM9tJ11icQh8cIthcsnI19zQbsengm4GkAMAOzdle7-VLCwZZsLNADmSa4YYstBowlAiKmfcCp-8AX3oUrN8m0Gc7POhMdcefZj0wPYrz-K1rEtA8GwiOIyxEHFk5YtwUt6vE3HtK5ST7qae0cgxNrduTfn8S1Jn-SAC98aAs7uHrV1nO_jQlfs0RBDa-KYZElfYoqrC5fdzOauQA_xSBhqcTPBVUYaRitxHsgsH2ixVRBBHxhla9LXWunaHBeoJxECY1nwAXfOFahrMnaOGp-R7Ewv1ZCyfF7vgtJUoe0tbPtOeELM6PiKV3_SWvSQ-CG9x9l1DF0GkBxdNExJm1WAaYjCGy6VAIE7RsVBZe3Kqafr2XIRqXKw5lyXkGY6YRWdRc1dXro1_NlKYKn9FvJZoVNDaef-4-P3btUCJ91UxaO3WVC_RLi063zjuXo2Sjel6HblFgY7p-DUqbxNz8kNZIeXZDRWXFOaNPaii0GVaeUTah2-g4EqsnR3NLQMJOEK5S0DSmItfCTELVI9lVCoSHCJ8npWu6Z2GYU1DDafJga6QNTRy8_pZjkP61fUUqWvUsYcLX0gL35_HX86DF_ebkWx0ASuHBfmt-IhmvouGsIYMtx-NdnMakuGYfcMg1hUgfT_a3MiaS3lj6tYWCK4IaEK-98Ezqdb64CH0GwR2ghPZqF5y-abQ0xfraZ-LVTY5Jr3pzNtoHBKzMeWoJoP72-pp8rcfxa8n5AgQh3aVTWZt4L2QFIKQZ3bEO8syACGkmRQtC2NDtWk3F5iKVQWRZAo07WwTvk3zx6dRlynG2vW7nGy1v7t9wq7OQ_srmOW9INRWanA4Zy0ExluEQkxJW2vpUkmi07P8Pf9zafoxIaNsMxzLcs2XwUU7wpE2o5hVM3x0GdXHJyreMSO0A&cid=CAQSSwBpAlJW7aqN8-ZoXz8mSXHkaMCJt_alDm4fxC741kMZJbp-8gOSxO-8dbtFhQW9TdJyboqRW45cuMCbtqRzHQVZSPk6riOn9mYH3hgB&dv3_ver=m202309120101&rfl=https%3A%2F%2Fspdflashtool.com%2F&ds=l&xdt=1&iif=1&cor=11496697113344450000&adk=2857193498&idt=153&cac=0&dtd=8 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 19:57:18 GMT content-encoding br x-content-type-options nosniff age 8991 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4206 x-xss-protection 0 server cafe etag 17947678125179771625 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 03 Oct 2023 19:57:18 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20230918/r20110914/ Frame C67E	30 KB 11 KB	49ms 48ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230918/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DXg8wfHpVOHfAhFT43CSyEPejdMSAs97dH4MuKorrfp09eb_IxU0XpelykVCAXaxn82WiWD4dDD4bxkO41KN4JAnPEPPl53a1q9Y4tYq8FKD2ZFK-VLcng4-gQJsv0shDQQV-vQTT940uFptaQTVpxzLwJlioJLkKNAun1tXhqYeyqm00&dbm_d=AKAmf-CXole8je9gP6OUL0h6rcsZybRIfMUSdKf1S46lcURo0SfBbLTXKoJnvT28aFbi--G_509gY7i7CmTpvFYN6A6GpXvNvbL-__sarAO0zrZvIqIn37BoUIyNsybr64dZ9gklDoVMvRCAneUSRLerrQB7fi7szE4-s4TIDG4YPppkXzchNvm92rdYRN2F6rapoe6_8lV3bNxXn2aH6c-FB5ubQDDh_-FFs-VvFMKPeADy_jj2n8k3krtR-d2eJ4Hcvno7ElXXowiahVI0BUGs7ib2xc8FOk77pt7fFxlpYQdqKeWnxwq5wSr_L0tDuPRmEjTgyKUR2AJ2l1RHqnfaPKI1NyD8KbD5Doa5XPf0Dn8bMkzHb_VdlQ5NiK9y72t-IS_kvCnuV9TX-z0sGKQ5MzWBAkc9wIVOErwn7z-PSDyLfS2aK2_ZLyJzO_sNmhyFIZRj6BGD8l3W6dWzpDWudRq58VHHSX5zUOnM9GenRV9_SdN272HTZILp79ou29ULcYG9qVB3CkdamfHev7iQwydWi4mxMukDzKPW1YmZhyNcqGC4KmLkEymOkqndfuoynlPlOvCige7lu1YUDYnG448yRXOqYZkijfKqwOYq-ooqkJbVLD-GvqI2-Q5yE1CY1kIoAACf09Cm0tUSGVRFJcG5NflasWF8-sLu7-BgVcw7wXfa3X5mCxU_-AXdlOH1kl1C1lTAbNUO-GMSV1qJ0Wp74PJ0mrimAqLkHnBZacWyJk3KAAyA7-jGdcAV9k-EcwwnqVlAoklX_m91MfAN9Bw_BVw2dKg6iH_ZTc892acdcoVHkrzZa8HSvG1vhW2lVlob2bWIYiY4VmiVQy_l9qK_sAmxLu0SCpXl6c-CV9CqtICmAyE4ER9mynO2aR6okGDpsm17Xt2tArmtc9BeUpYPPb4RTGDASUGysLsDvbN9wdc9IebjVRhrgj0yjj1fs_2P7PnA0RWs8hj6ulXijG31T3GZHr38FGakkfYYdKlqC8wAb-Tp6wPJ8PvymPCB4KDzL-yA8lNbhCq2qBTflD_ukKC_VeQP6VJxVDFPS0B4wX70lPmFL9SAFs0iMvfTElVIHAxt8a-7xHK5YUoKHyP0BRZVKiUWOZOsPtz8bDVvWKr9D69wA8iiNQpihQdy8Z2kKMvAxIINZli64su9OWZjThNKm0hlA3sqPAI7kAFqRrwaRyVMrofa_7Rs15i0_kWroEkkKqdHoY-sOSmUYhWfGJJeRA_QCJA3XUieAl9mO3XKCjThigF0358ieon09HqzuK4EhUiNT9FD2NFdcT5QOKp9emZIz6n0FCW7Okqa1a5o2Geh_Cz8MqXWQyEBhpvTshahLMXkbUEjsHGvmenzgn5RavjsqRKZ9z3_F4QbhopC1s_P-RLWuPWEToAb1NR2L6uxcVBCSklZL7d40pmVAqIqsLXjn1-5FeHzaImsTuA7DPLoiIlkHeF1z-BkZPLMdflW5JiuwzZJCKIQZEdnxKbgWeJgH_dlsqTlFN5j91NPkcbG0gXViqs1OTvCQ9yQpl_baGaXOzFitywJEKFHCSt5rA3WiwG6x0O7lfnCB209nxz_i9_K12d53nIj4EIC9KjYguwMMNBAqOdVFiQDhh1wtyCXufKKPMYZ2ScAYIbnB16_61jEOGe6jfAL9pi_v3XsEnvrH7_82EJhFFI06_WyqMY2b8A4Rz1xjQxjnYdcEYDWRs-q9jmDDUQ1m1Bs0HHAkBZurEYIAeQr_w2QMDnP3lnNCUzmZxCBL_r6P2H8lBo-Vsz1wYeMtwFZ41gypmWG7imwzwJfsFzCRenBuTJNvOCcwyjdWV4aaCGmLFR2YeeGsMDBQ5lWnOEraodtZ92r_jGlhyH2K-s178n7s1hPIq6AUXTyHKEZ0D40dca3XeH8s1x0Geq8uPIEH4oT74JzALS204typH0zNHcQyT75cKia4v4Hd4cW3MF4hcxh8XM0INp8m0h1DxMTea06I0nzf8OEhLtVIbrMSLLSSJkTb0FrTDnHMHvmnQlaxZM6vfRSgMNVtzM6VU4AeI1qsTKlRwENKHl2UEiic7fRCpa70C6FvOFUG8V_76SH8uDccK1I-mOV50a-AQ7q1J2XUPuJy80AiaHhPaCDOL1VVvdBImokTBgfV52v9AWW_M-XZvCCCiJgJ346MLz11h4MiFPlRv_M8QJYNWPW44UX1sRr_wumH2siKJWuSjlBfalruzDQW3vT-r5lEYy2Y20Q8Xaw0eHGb8g_an0WPy2-0-k9NTm6IKQ4ZPxm6lZo8zOuDM6coVfRX-1Z9rKOSRAi69QzGsOUlIkxn_wWlkGYjJZkjnm4rOE2k46Gy6H3SNd32j8m1arHrAnFZx4cWiHfmz6ObVR6DKQbhOHkwB6SqdA4jnhRTnriqkW-6vLvZS7aLotM_j2zLMJ-UctufZvjmztlMCrxHO0izTZAlCKWzj4qaX4nbs9JyMikRE7eZ_YkxWkfMUgQQG9cz_OnG5KPj1B5zURKfrRgWDj3E2NpYEHodBcMSDRMZ5txsNA1ivCUm2_T9VeiAX8tLtvhdMlbb_lbz4expCLg4zTYH7rE-05bJVFqvdxu9jz9AWZE8Y1tWEr7ITchfeINjs9TDJhO6gC5dB_rK_cGijJWccMd5Mb9horxTZ6eN_d49pwfOGfdwzvcc-uHMQBBI2EDUAf9WsQy5KFqrbz49levfvuWVphTDKdNfzCHw1it2K9xEAO0qdWBgDplfZZv01G5h9YlhIwABs86EloggWarr3BCKTE9ruhM8hvQv160BUXqrf2WVsOsEr0p28I6sZ1dzofhA5sY9nmklQbNwPtz3F0vO5t1Zv6BOeZDcLymyzUOUS53R0p03o2ipydwENnPa-CxmP574fL8A1LetfjyRKEvh5PoeKnM9tJ11icQh8cIthcsnI19zQbsengm4GkAMAOzdle7-VLCwZZsLNADmSa4YYstBowlAiKmfcCp-8AX3oUrN8m0Gc7POhMdcefZj0wPYrz-K1rEtA8GwiOIyxEHFk5YtwUt6vE3HtK5ST7qae0cgxNrduTfn8S1Jn-SAC98aAs7uHrV1nO_jQlfs0RBDa-KYZElfYoqrC5fdzOauQA_xSBhqcTPBVUYaRitxHsgsH2ixVRBBHxhla9LXWunaHBeoJxECY1nwAXfOFahrMnaOGp-R7Ewv1ZCyfF7vgtJUoe0tbPtOeELM6PiKV3_SWvSQ-CG9x9l1DF0GkBxdNExJm1WAaYjCGy6VAIE7RsVBZe3Kqafr2XIRqXKw5lyXkGY6YRWdRc1dXro1_NlKYKn9FvJZoVNDaef-4-P3btUCJ91UxaO3WVC_RLi063zjuXo2Sjel6HblFgY7p-DUqbxNz8kNZIeXZDRWXFOaNPaii0GVaeUTah2-g4EqsnR3NLQMJOEK5S0DSmItfCTELVI9lVCoSHCJ8npWu6Z2GYU1DDafJga6QNTRy8_pZjkP61fUUqWvUsYcLX0gL35_HX86DF_ebkWx0ASuHBfmt-IhmvouGsIYMtx-NdnMakuGYfcMg1hUgfT_a3MiaS3lj6tYWCK4IaEK-98Ezqdb64CH0GwR2ghPZqF5y-abQ0xfraZ-LVTY5Jr3pzNtoHBKzMeWoJoP72-pp8rcfxa8n5AgQh3aVTWZt4L2QFIKQZ3bEO8syACGkmRQtC2NDtWk3F5iKVQWRZAo07WwTvk3zx6dRlynG2vW7nGy1v7t9wq7OQ_srmOW9INRWanA4Zy0ExluEQkxJW2vpUkmi07P8Pf9zafoxIaNsMxzLcs2XwUU7wpE2o5hVM3x0GdXHJyreMSO0A&cid=CAQSSwBpAlJW7aqN8-ZoXz8mSXHkaMCJt_alDm4fxC741kMZJbp-8gOSxO-8dbtFhQW9TdJyboqRW45cuMCbtqRzHQVZSPk6riOn9mYH3hgB&dv3_ver=m202309120101&rfl=https%3A%2F%2Fspdflashtool.com%2F&ds=l&xdt=1&iif=1&cor=11496697113344450000&adk=2857193498&idt=153&cac=0&dtd=8 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash cb95c60c1e70c730df8b30c024f63ca414a7cd01b9d37cd4181987933c94559b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 19:57:18 GMT content-encoding br x-content-type-options nosniff age 8991 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11585 x-xss-protection 0 server cafe etag 30886230758233217 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 03 Oct 2023 19:57:18 GMT
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame C67E	41 KB 13 KB	42ms 40ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: spdflashtool.com URL: https://spdflashtool.com/category/download Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Mon, 18 Sep 2023 22:35:27 GMT content-encoding br x-content-type-options nosniff age 85902 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13692 x-xss-protection 0 last-modified Sun, 25 Jun 2023 02:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 17 Sep 2024 22:35:27 GMT
GET H2	200	css fonts.googleapis.com/ Frame 3D7E	14 KB 2 KB	142ms 50ms	Stylesheet text/css	2a00:1450:4001:802::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840258101411863&output=html&h=280&slotname=5770864023&adk=3176299815&adf=749657259&pi=t.ma~as.5770864023&w=970&fwrn=4&fwrnh=100&lmt=1695155228&rafmt=1&format=970x280&url=https%3A%2F%2Fspdflashtool.com%2Fcategory%2Fdownload&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695162428133&bpp=3&bdt=297&idt=273&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=261966524884&frm=20&pv=1&ga_vid=1221908341.1695162428&ga_sid=1695162428&ga_hid=146642078&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=141&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077701%2C42532402%2C44785295%2C31077705&oid=2&pvsid=3500873756716162&tmod=366320996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BhAcLYasrm&p=https%3A//spdflashtool.com&dtd=281 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 19 Sep 2023 22:27:09 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 19 Sep 2023 21:01:07 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 19 Sep 2023 22:27:09 GMT
GET H3	200	b6KMqTAYqBIA24ZWjqYq8V8pGhE_E2wERo_hclhyfAY.js Show response pagead2.googlesyndication.com/bg/ Frame D38B	37 KB 14 KB	43ms 42ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/b6KMqTAYqBIA24ZWjqYq8V8pGhE_E2wERo_hclhyfAY.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6fa28ca93018a81200db86568ea62af15f291a113f136c04468fe17258727c06 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 16:03:19 GMT content-encoding br x-content-type-options nosniff age 23030 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14647 x-xss-protection 0 last-modified Mon, 11 Sep 2023 20:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 18 Sep 2024 16:03:19 GMT
GET H3	200	300x250.html Show response s0.2mdn.net/sadbundle/11065803848835661824/ Frame AF70	47 KB 12 KB	136ms 49ms	Document text/html	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=D77kDbnsj7&t=1&renderingType=2&ev=01_250 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b8c779f4fa5bf396269317b6ccc5bd0259ff6b28d9dc40eb75cf47aa245b0bde Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" cross-origin-resource-policy cross-origin date Tue, 19 Sep 2023 22:27:09 GMT expires Wed, 18 Sep 2024 22:27:09 GMT last-modified Wed, 15 Feb 2023 15:30:17 GMT report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-xss-protection 0
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 2D26	0 0	222ms 93ms	Fetch image/gif	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu9winFyaEcu7EqJl-Jboa4VKVdBv4rXtJN4sjvfBHcwPoqhn19Wr6wx2hUbWt8teCxWbpIpxV-RYRNJ3BYvq3j-hN-BcQpY8hs6rgYOfqFvM1CkmnOrII4sp4HAekPkRg_K_FSSvgtMzIKPIBPdalCLmhG1EBSLBF5k9S0vfmYr13em4jX5O9BrDZBewmuJibb7vz6gl7sdjRMzG84uLtyBOMtS7lNFB1jP1IPBIhpPUdEdMeg1LCdS_vCh-GFlNEMvAwPbkYemRcAxDuXg_V2HWE5stB_4ppeBLG9culLksQKI9JhyzhKSRkX2BUWW69mSXO1EvGUaurXWYNXe_EherjQNQiF28OYlAT96o8XN7tia3aiGhT2e1e0VOcyfXvGIPxtw7EL9Xof_ynOzV-PJXlR1Pq7SCON5e2ldLmDrcZ9pE2DLNhH2peqE7ET8J3UO84Yijh2xbQwN_T7DhL5uzP1pXGzvpL4Zr-dCVWJe-avk97LAnRC7BzWwFa-hFYrMEkdalH-4WfNiy3x5u3GFwwRRTqRKsvGKmJ2W8-sc1Rf3W_JdVsWCQvDTf_DC9dj4W4jbZ3Sza6VrL5ml7AVO_MBLNpeY8Nyjz3IM_x5oS1UhRoYyZi4S2ATq299cjYdaOOThHBsYLVkg2LeH0Cf3S4cJC7ZstamEA3Y0N5SVL7NChw45CZMXhX8k1sbJKkSp-ZKzfXULpWIAjO0dEqA8R4KFGktUqaDfucELIJ32sOCZIyEmbfM-Kj_BVc1Uu58L_Yjxk0oyn41vcoJITyuPX13U7D6f1jNErEUAAjy4wXYZ2w5w9g277eH9e3iAHnwXafboOmAwDwS83IGY10LCWrN49zUBsh_lbruOeAb8gJNv15UJeoFQkFKOhXkVcZNWKbLccQFE3X4GqOhWmPyfwbwqe1UUS4KSF6m2kh-XA4y6Osgqh2snkB1QXXvziKYDdUzSqEFkSjnC6FYuPNZqxdhQz6US8nzAf5Y45z8mkdh6FXtO8ls2kophUueKlyApv7hNksk_IK8GB3ChkaNjHBqIrhSJnoP2wRge1ATeygvi4jMltiFA0-oQzRdJo35g9WKhsRZIoJE8OE52F61KO4qecuvurwTe0cI0PrJKdTDyKOh2j3Mfs_m-hxqgWQSePYP-SD1Oh4JVIKOPaUJ_120M6iwDx_-mtsAVjjBn75osatWSs0A_935x7LkoekN-g_7_CKSNjwJGkCyV--_DtP1JDb3ktxBK9tNJFZUrtGtlo9eWwQ0NrMcYWGulIM_vqaKA60ZvPvJGtDvCGjQjig7Anm7ZHqnQawBmzN1WtZe4q9hdeI&sai=AMfl-YTIIwfl1U5UU7XV1QGJ3I34f-EI6T2r37tWYvipnqwXV8X6aLZpSaX4X3ggexAQwnMVBwQFWWqikb8Lf3Z8b24B2MH3mjYRBMKqp5U9Ws-p-oYNtLFByO_0eK9i89OWFxidKqZJw6t0a6H-yiUxJJwoY4CIGt16czdGMcgR7wBxAigwcFIdbkNvgvy0ft-xNd3TXwvP0aQXm5ku5yVWj0UKU2onWLgGJrOmMTYHW1HThmOfMseCcAvptfbxWVevK5Mesag2hZ8kbU7Nxr6hW9koaujyof7Qy5ydiPRBtb2ArNIE2V5tlOpYIg&sig=Cg0ArKJSzCZEILLX4wC6EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=270&cbvp=1&cstd=261&cisv=r20230918.56723&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl= Requested by Host: spdflashtool.com URL: https://spdflashtool.com/category/download Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Tue, 19 Sep 2023 22:27:09 GMT x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * cache-control private access-control-allow-credentials true timing-allow-origin * expires Tue, 19 Sep 2023 22:27:09 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 3D7E	2 KB 892 B	40ms 40ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840258101411863&output=html&h=280&slotname=5770864023&adk=3176299815&adf=749657259&pi=t.ma~as.5770864023&w=970&fwrn=4&fwrnh=100&lmt=1695155228&rafmt=1&format=970x280&url=https%3A%2F%2Fspdflashtool.com%2Fcategory%2Fdownload&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695162428133&bpp=3&bdt=297&idt=273&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=261966524884&frm=20&pv=1&ga_vid=1221908341.1695162428&ga_sid=1695162428&ga_hid=146642078&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=141&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077701%2C42532402%2C44785295%2C31077705&oid=2&pvsid=3500873756716162&tmod=366320996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BhAcLYasrm&p=https%3A//spdflashtool.com&dtd=281 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 19:58:30 GMT content-encoding br x-content-type-options nosniff age 8919 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 865 x-xss-protection 0 server cafe etag 5051423035144352294 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 03 Oct 2023 19:58:30 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230918/r20110914/ Frame 3D7E	23 KB 9 KB	40ms 39ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840258101411863&output=html&h=280&slotname=5770864023&adk=3176299815&adf=749657259&pi=t.ma~as.5770864023&w=970&fwrn=4&fwrnh=100&lmt=1695155228&rafmt=1&format=970x280&url=https%3A%2F%2Fspdflashtool.com%2Fcategory%2Fdownload&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695162428133&bpp=3&bdt=297&idt=273&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=261966524884&frm=20&pv=1&ga_vid=1221908341.1695162428&ga_sid=1695162428&ga_hid=146642078&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=141&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077701%2C42532402%2C44785295%2C31077705&oid=2&pvsid=3500873756716162&tmod=366320996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BhAcLYasrm&p=https%3A//spdflashtool.com&dtd=281 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 19:58:30 GMT content-encoding br x-content-type-options nosniff age 8919 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9135 x-xss-protection 0 server cafe etag 9583221549990841032 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 03 Oct 2023 19:58:30 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 3D7E	3 KB 1 KB	48ms 44ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840258101411863&output=html&h=280&slotname=5770864023&adk=3176299815&adf=749657259&pi=t.ma~as.5770864023&w=970&fwrn=4&fwrnh=100&lmt=1695155228&rafmt=1&format=970x280&url=https%3A%2F%2Fspdflashtool.com%2Fcategory%2Fdownload&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695162428133&bpp=3&bdt=297&idt=273&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=261966524884&frm=20&pv=1&ga_vid=1221908341.1695162428&ga_sid=1695162428&ga_hid=146642078&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=141&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077701%2C42532402%2C44785295%2C31077705&oid=2&pvsid=3500873756716162&tmod=366320996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BhAcLYasrm&p=https%3A//spdflashtool.com&dtd=281 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 17:26:38 GMT content-encoding br x-content-type-options nosniff age 18031 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 03 Oct 2023 17:26:38 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 3D7E	20 KB 8 KB	49ms 44ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840258101411863&output=html&h=280&slotname=5770864023&adk=3176299815&adf=749657259&pi=t.ma~as.5770864023&w=970&fwrn=4&fwrnh=100&lmt=1695155228&rafmt=1&format=970x280&url=https%3A%2F%2Fspdflashtool.com%2Fcategory%2Fdownload&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695162428133&bpp=3&bdt=297&idt=273&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=261966524884&frm=20&pv=1&ga_vid=1221908341.1695162428&ga_sid=1695162428&ga_hid=146642078&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=141&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077701%2C42532402%2C44785295%2C31077705&oid=2&pvsid=3500873756716162&tmod=366320996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BhAcLYasrm&p=https%3A//spdflashtool.com&dtd=281 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 19:58:30 GMT content-encoding br x-content-type-options nosniff age 8919 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8275 x-xss-protection 0 server cafe etag 7349537481621356269 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 03 Oct 2023 19:58:30 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 3D7E	182 KB 57 KB	2004ms 2000ms	Script text/javascript	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840258101411863&output=html&h=280&slotname=5770864023&adk=3176299815&adf=749657259&pi=t.ma~as.5770864023&w=970&fwrn=4&fwrnh=100&lmt=1695155228&rafmt=1&format=970x280&url=https%3A%2F%2Fspdflashtool.com%2Fcategory%2Fdownload&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695162428133&bpp=3&bdt=297&idt=273&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=261966524884&frm=20&pv=1&ga_vid=1221908341.1695162428&ga_sid=1695162428&ga_hid=146642078&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=141&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077701%2C42532402%2C44785295%2C31077705&oid=2&pvsid=3500873756716162&tmod=366320996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BhAcLYasrm&p=https%3A//spdflashtool.com&dtd=281 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 22:27:11 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57988 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1694604874705780" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Tue, 19 Sep 2023 22:27:11 GMT
GET H2	200	9041af033b7a690ba70e3134a2c135bf.js Show response www.gstatic.com/mysidia/ Frame 3D7E	36 KB 15 KB	164ms 56ms	Script text/javascript	2a00:1450:4001:81c::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840258101411863&output=html&h=280&slotname=5770864023&adk=3176299815&adf=749657259&pi=t.ma~as.5770864023&w=970&fwrn=4&fwrnh=100&lmt=1695155228&rafmt=1&format=970x280&url=https%3A%2F%2Fspdflashtool.com%2Fcategory%2Fdownload&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695162428133&bpp=3&bdt=297&idt=273&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=261966524884&frm=20&pv=1&ga_vid=1221908341.1695162428&ga_sid=1695162428&ga_hid=146642078&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=141&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077701%2C42532402%2C44785295%2C31077705&oid=2&pvsid=3500873756716162&tmod=366320996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BhAcLYasrm&p=https%3A//spdflashtool.com&dtd=281 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 09:37:14 GMT content-encoding gzip x-content-type-options nosniff age 46195 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15189 x-xss-protection 0 last-modified Thu, 14 Sep 2023 23:26:06 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Mon, 18 Dec 2023 09:37:14 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame 7EA1 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAz32C9QvseiI9z-TA_YnM0&google_cver=1	43 B 736 B	63ms 60ms	Image image/gif	104.18.27.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAz32C9QvseiI9z-TA_YnM0&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhCTqWIY_bqI6QEwAQ&v=APEucNVYdOTj-j1-2ttWVh19uj1isUW0kIF6oBxpgteV37zTC8rUN-0SgO_c6FYCpm3w3NGReczrGFuc_Ly4uG2yMltUqEpgGQpKSXPgMEDOTxct7QZm38UCbJjGTJqZb5gTeEK4sAZC_PG1Y2QZzSOJYCNpT70zBX11u0pHsJCEnvWzESvc-j8 Protocol H3 Server 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:09 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PZHyn2ZEUCYd5%2FtY4SG853xatRLZvPRBpzYN23As1ea8MOVD8eN43ZMFTAO%2BihbL55Yu3A1jLx%2Fo82iEyjtWN%2B0G%2BOEJgzYMkgo%2Brtk9NrTxcUA0PACHa6k1gI5PFVelPQeXpGEtdzyTLw%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 80954121ab0637dd-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Tue, 19 Sep 2023 22:27:09 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAz32C9QvseiI9z-TA_YnM0&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame 7EA1 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZQogPTNkHDK81Nb-W1xifgAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAz32C9QvseiI9z-TA_YnM0&google_cver=1	43 B 734 B	71ms 60ms	Image image/gif	104.18.27.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAz32C9QvseiI9z-TA_YnM0&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhCTqWIY_bqI6QEwAQ&v=APEucNVYdOTj-j1-2ttWVh19uj1isUW0kIF6oBxpgteV37zTC8rUN-0SgO_c6FYCpm3w3NGReczrGFuc_Ly4uG2yMltUqEpgGQpKSXPgMEDOTxct7QZm38UCbJjGTJqZb5gTeEK4sAZC_PG1Y2QZzSOJYCNpT70zBX11u0pHsJCEnvWzESvc-j8 Protocol H3 Server 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:09 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vzkQEk1zgPXNNCeYDe2amVWHfQ0O0r%2BHMV%2BNsXZZcp%2B3WbgWJuZS99rqvtYB7b92u9PHHgTvQyxKVI0mPdkycO5%2F6k0AxmgVgsl0hr81ZSxENkWEFQxyTbsdNRkHPeYStmrTHXpgoccZZg%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 809541226bc737dd-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Tue, 19 Sep 2023 22:27:09 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAz32C9QvseiI9z-TA_YnM0&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	setuid ib.adnxs.com/ Frame 7EA1 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESENJvXdagF3FojxcMtopp7-0&google_cver=1	43 B 843 B	44ms 43ms	Image image/gif	37.252.173.215 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESENJvXdagF3FojxcMtopp7-0&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhCTqWIY_bqI6QEwAQ&v=APEucNVYdOTj-j1-2ttWVh19uj1isUW0kIF6oBxpgteV37zTC8rUN-0SgO_c6FYCpm3w3NGReczrGFuc_Ly4uG2yMltUqEpgGQpKSXPgMEDOTxct7QZm38UCbJjGTJqZb5gTeEK4sAZC_PG1Y2QZzSOJYCNpT70zBX11u0pHsJCEnvWzESvc-j8 Protocol H2 Server 37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:09 GMT an-x-request-uuid e184850e-1c30-400a-a92c-b38cdbc144d8 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif cache-control no-store, no-cache, private x-proxy-origin 80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Tue, 19 Sep 2023 22:27:09 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ib.adnxs.com/setuid?entity=101&code=CAESENJvXdagF3FojxcMtopp7-0&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 7EA1 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE1NjUyNjM0OTUwMTY1OTcwNQ%3D%3D	170 B 188 B	51ms 49ms	Image image/png	216.58.206.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE1NjUyNjM0OTUwMTY1OTcwNQ%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhCTqWIY_bqI6QEwAQ&v=APEucNVYdOTj-j1-2ttWVh19uj1isUW0kIF6oBxpgteV37zTC8rUN-0SgO_c6FYCpm3w3NGReczrGFuc_Ly4uG2yMltUqEpgGQpKSXPgMEDOTxct7QZm38UCbJjGTJqZb5gTeEK4sAZC_PG1Y2QZzSOJYCNpT70zBX11u0pHsJCEnvWzESvc-j8 Protocol H3 Server 216.58.206.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr35s10-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:09 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 19 Sep 2023 22:27:09 GMT an-x-request-uuid 237564a2-f73f-478d-af3f-f1c1e63bec30 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE1NjUyNjM0OTUwMTY1OTcwNQ%3D%3D x-proxy-origin 80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	14763004658117789537 tpc.googlesyndication.com/simgad/9481618809145390274/ Frame 3D7E	4 KB 4 KB	44ms 44ms	Image image/jpeg	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/9481618809145390274/14763004658117789537?w=400&h=209 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840258101411863&output=html&h=280&slotname=5770864023&adk=3176299815&adf=749657259&pi=t.ma~as.5770864023&w=970&fwrn=4&fwrnh=100&lmt=1695155228&rafmt=1&format=970x280&url=https%3A%2F%2Fspdflashtool.com%2Fcategory%2Fdownload&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695162428133&bpp=3&bdt=297&idt=273&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=261966524884&frm=20&pv=1&ga_vid=1221908341.1695162428&ga_sid=1695162428&ga_hid=146642078&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=141&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077701%2C42532402%2C44785295%2C31077705&oid=2&pvsid=3500873756716162&tmod=366320996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BhAcLYasrm&p=https%3A//spdflashtool.com&dtd=281 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ff7f7d1b079de5ea83d3601444da11baa8a71d36193ae37a52d1311ccdd2e202 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Fri, 15 Sep 2023 21:17:30 GMT x-content-type-options nosniff age 349779 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4375 x-xss-protection 0 last-modified Thu, 11 Aug 2022 07:58:17 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sat, 14 Sep 2024 21:17:30 GMT
GET DATA	200 OK	truncated / Frame 3D7E	206 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 3D7E	209 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame C67E	217 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b5862e334b8ca297d73873fc1a224177eca6f1f40d2364c6054db8d985fb8f86 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Content-Type image/png
GET H2	200	css2 fonts.googleapis.com/ Frame F00D	4 KB 744 B	70ms 56ms	Stylesheet text/css	2a00:1450:4001:802::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap Requested by Host: 154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com URL: https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 19 Sep 2023 22:27:09 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 19 Sep 2023 22:26:00 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 19 Sep 2023 22:27:09 GMT
GET H2	200	2ab36c0d951b69d9c04f85f5eb613648.js Show response www.gstatic.com/mysidia/ Frame 948C	9 KB 4 KB	157ms 91ms	Script text/javascript	2a00:1450:4001:81c::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/2ab36c0d951b69d9c04f85f5eb613648.js?tag=client_fast_engine_2019 Requested by Host: spdflashtool.com URL: https://spdflashtool.com/category/download Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 50f36c6941b3a0b755df6e1c1ba6919dc8eeab051a52504ff431c3564d4d791a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 09:37:13 GMT content-encoding gzip x-content-type-options nosniff age 46196 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3933 x-xss-protection 0 last-modified Thu, 14 Sep 2023 23:26:06 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Mon, 18 Dec 2023 09:37:13 GMT
GET H2	200	f378f1a628345b8fc7dfdb57c16922da.js Show response www.gstatic.com/mysidia/ Frame 948C	19 KB 8 KB	161ms 95ms	Script text/javascript	2a00:1450:4001:81c::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/f378f1a628345b8fc7dfdb57c16922da.js?tag=pingback Requested by Host: spdflashtool.com URL: https://spdflashtool.com/category/download Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ec168c7f53b160f6b64c65169ef482003fcb3fa2ca5f6be4446f878c9795a40f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 18:09:27 GMT content-encoding gzip x-content-type-options nosniff age 15462 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7968 x-xss-protection 0 last-modified Thu, 14 Sep 2023 23:26:06 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Mon, 18 Dec 2023 18:09:27 GMT
GET H2	200	css fonts.googleapis.com/ Frame 948C	14 KB 1 KB	58ms 52ms	Stylesheet text/css	2a00:1450:4001:802::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: spdflashtool.com URL: https://spdflashtool.com/category/download Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 19 Sep 2023 22:27:09 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/ro cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 19 Sep 2023 21:42:05 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 19 Sep 2023 22:27:09 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 948C	2 KB 892 B	50ms 45ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: spdflashtool.com URL: https://spdflashtool.com/category/download Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 19:58:30 GMT content-encoding br x-content-type-options nosniff age 8919 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 865 x-xss-protection 0 server cafe etag 5051423035144352294 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 03 Oct 2023 19:58:30 GMT
GET H2	200	b1061a67d76c681653b1020afc8e9f9b.js Show response www.gstatic.com/mysidia/ Frame 948C	6 KB 2 KB	156ms 92ms	Script text/javascript	2a00:1450:4001:81c::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/b1061a67d76c681653b1020afc8e9f9b.js?tag=analytics_pingback_2019 Requested by Host: spdflashtool.com URL: https://spdflashtool.com/category/download Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ff4cb575ec738d7eee32348a4c9116ac789d53037fdac28ee6a38ee90947e410 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 18:31:08 GMT content-encoding gzip x-content-type-options nosniff age 14161 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2230 x-xss-protection 0 last-modified Thu, 14 Sep 2023 23:26:06 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Mon, 18 Dec 2023 18:31:08 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230918/r20110914/ Frame 948C	23 KB 9 KB	57ms 52ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/abg_lite_fy2021.js Requested by Host: spdflashtool.com URL: https://spdflashtool.com/category/download Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 19:58:30 GMT content-encoding br x-content-type-options nosniff age 8919 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9135 x-xss-protection 0 server cafe etag 9583221549990841032 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 03 Oct 2023 19:58:30 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 948C	3 KB 1 KB	66ms 61ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/window_focus_fy2021.js Requested by Host: spdflashtool.com URL: https://spdflashtool.com/category/download Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 17:26:38 GMT content-encoding br x-content-type-options nosniff age 18031 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 03 Oct 2023 17:26:38 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 948C	20 KB 8 KB	58ms 54ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/qs_click_protection_fy2021.js Requested by Host: spdflashtool.com URL: https://spdflashtool.com/category/download Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 19:58:30 GMT content-encoding br x-content-type-options nosniff age 8919 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8275 x-xss-protection 0 server cafe etag 7349537481621356269 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 03 Oct 2023 19:58:30 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame 948C	0 0	157ms 54ms	Image text/html	2a00:1450:4001:810::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaSkYJy5JQ1D-K7n6mF1gRFyEHbt5qk-101jafgtAWU4vNO2kPKN6xHzJPg-49U8BSFvmUh3kvWNcQ8M-daUshipOjlYgw Requested by Host: spdflashtool.com URL: https://spdflashtool.com/category/download Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 948C	182 KB 57 KB	1954ms 1949ms	Script text/javascript	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: spdflashtool.com URL: https://spdflashtool.com/category/download Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 22:27:11 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57988 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1694604874705780" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Tue, 19 Sep 2023 22:27:11 GMT
GET H2	200	9041af033b7a690ba70e3134a2c135bf.js Show response www.gstatic.com/mysidia/ Frame 948C	36 KB 15 KB	105ms 43ms	Script text/javascript	2a00:1450:4001:81c::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: spdflashtool.com URL: https://spdflashtool.com/category/download Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 09:37:14 GMT content-encoding gzip x-content-type-options nosniff age 46195 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15189 x-xss-protection 0 last-modified Thu, 14 Sep 2023 23:26:06 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Mon, 18 Dec 2023 09:37:14 GMT
GET H3	200	interstitial_ad_frame_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230918/r20110914/elements/html/ Frame F00D	20 KB 8 KB	56ms 54ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/elements/html/interstitial_ad_frame_fy2021.js Requested by Host: 154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com URL: https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 20:01:15 GMT content-encoding br x-content-type-options nosniff age 8754 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8566 x-xss-protection 0 server cafe etag 5625731030761120726 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 03 Oct 2023 20:01:15 GMT
GET H2	200	feedback_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame F00D	205 B 295 B	155ms 98ms	Image image/png	2a00:1450:4001:81c::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png Requested by Host: 154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com URL: https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Sun, 17 Sep 2023 09:19:40 GMT x-content-type-options nosniff age 220049 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 205 x-xss-protection 0 last-modified Thu, 20 Jul 2023 22:48:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Mon, 16 Sep 2024 09:19:40 GMT
GET H2	200	settings_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame F00D	604 B 1 KB	99ms 42ms	Image image/png	2a00:1450:4001:81c::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png Requested by Host: 154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com URL: https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Sat, 16 Sep 2023 09:07:34 GMT x-content-type-options nosniff age 307175 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 604 x-xss-protection 0 last-modified Thu, 20 Jul 2023 22:48:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Sun, 15 Sep 2024 09:07:34 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 1865	0 20 B	79ms 79ms	Ping image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7712365853614&version=m202309120101 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:09 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 1865	0 20 B	79ms 79ms	Ping image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7712365853614&version=m202309120101&ct=76&x=1&cor=6547158845618445000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:09 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 1865	111 KB 40 KB	90ms 89ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CLdx-kOfzNY-9QfRxI4duRx_rpjwIg3E_BjCrv-iURx5Tq4mMWpVPkToVTkf1WGRdkb3YXDQk3et5BmrFo7mitMYz8SFt8my4DbfbJXHtNV13712c2tcyvUU3I9RWLhlwj1c6xQalTKDufDUAAaH3ROU7GACbYSA3ZJGIfO0v6XF75NrI&dbm_d=AKAmf-BUFbN-L3XFqvs7bSPt4ShOjU2d6DpSmNx81lg1sEoiCqrFGmAXFwlXBlRYyc6McJD0yNLKCtIp6YIgrcV9nW_Y6hUmh4jUtSFYuYtiQRGILZ3Q-LxYvlai_hJquW1bSi38n2YNRevBhRpUaHsPUZ6w6aaPuGXmiJY4s5OevFzu7Fm9KYwWJsQDUzOOU9EyavHNO2SoSmV_D_CzGv86DOgIEf53wQTWexr8kcjHqUMJjIL3GY2FN_qhoGaOzhTs3oFHJ6F_LqYDtLGBNU7rZCV1uRY5sNz7Mxi_EdAej3sAQUnZQFBDCV3frBAi3XO52zgPrBWLjoLOdhEnrR_4PZPQNv7lrgEeM8jliOeDg6Odn7xrtKKbBSumtcuXkfEyDrwbI5CN2UKZBcSfljPunH7OXHfW_qGG4rsXLsj0efuMt89BvXs5Fh7LJBcORc15Ki6L9nADO83FnUDZSLujXpzPabRBSkGT0wu3ajE1gy-oXd-p1JL1sHNWYMHsk4Katm4zz_O7YXxOTgMOlbymA4FIGqagtdkBD5GRKz0f0anyeakMn502Q6BAsXKQNus-ixyxdeijqVjGmDFluth-keFZzRDaiHOcZFOFu8CXIk-4OXTcPLT2Djl3HIwTLT0tdM3M59q_Lm4AwrxRjh9sO7Z6T9DWR-Tr6v7CAXqijX-OcjUVJsY2mdK_didOV4tL1Y5G843wH1c74VMBt4vI_a1t4xWgfiCtU60NDTRVwn9GGX82w0o72Jn72qjCuJCZM0hk2cdNOM3F3gH7pn3qbX1k6CEE2A-XKDJeyZbqElrq0lCOLR3i08AMFQX1oecGma0jXOE5qpZhk2mAaOekZCZJXa8KZ3tdjqbzkuDWcslARNCW-jEH9ShZ0P4WHy6VJwY9V2CdQ7NGHw8h3Lmd3YKDKpQ_kO6QAx2yGl5GchWcrgrUfxbMu2vkdYZjZnGHmCGeC_6tfjJYW_F5sdxiiJu5dcMCljSymdK-ZkUao5euGUva5K54EDQtSM8ReTlX0GSY6GtOkQ1-uzGM0W9GdaqG4hHayXP3qsD9VXnsQAGGA0lsPI-MnriWRIF95K_Ip5MepwCr0Fnfo4RTZkfI3_frL0rPaPfqrid-PrfOu970BJhs1i_2m_XQAs3Ar34lsqp5jYPC_nVUPPAXQ4N4lFbVsbvY0L_Ib3uGWxS61FX0j6ukhFe9alALWBEvZuezbI5mt8zkqw2LITfr0rI-6CX_lg0zrq-wbgniPM-Ha2TA26OfS2-Z59hoL7Cw-pta-C6WZdnM8aovCBEJCG2od2uLKm2B0qaH4s2GmkOdv_p7eJ83rCcEdtemyKWExxX8fQ83JbjyEA_mERY5i04GMSNjGaajt9uQPYJNBbg3bllB4k0FGRpkifCq4H_Tgx3FSMgw33xi-Tc6AmDYzNICnacQj2OIdYO-IVLUmpwH0qcXM4YoC7faDIm4lOVox8nqKaLJoFtYbO_7wxgxiIxgWLzAmrp5nwrvxH_A9Hb4in3e7dG3Ku8kod7HtPzu3NzM5CViB1pwvDQCo5ctc7XVvaSCk-nVYu-RRtcZPFg8DvSv1-sADU-Mmu0Y_QtlWKynPZFyKZyhIRc_EtuAln4eR3wjFduEcV5I4_5z7s7-0Az-Edc7OdSpHReKdqTl306JOco2JguKI_gctD1iCTT6hiIk_rr-Q71dXgW8IiI3GTJC33G52_0YABlDiOgd4hTslWsbv2edPe_evWXx_-cHVLrAzfZQJnR7gEc5ecNQVFeol0cLTDK2KUxt8t-pFi_-KElUu5D8JmtS4YCBacgLuytAMu-D2oPYRpuPMe5PxkittiXMvHr5sdQRXVa-YRAwa6MMikVZKAB3OyVe9F6wWJLpgIMhJiumr-ZG7Fkqb0wxore-vE-XNkyu9tSRsY_EZoW5smv2Zf3oOvK1eD0kTQjyN7Wcf6CITa30jiUMxYaBeVfYsSGb2sQgnK-fxcoHhaaozRxDTrSG3Vtkp5oV_Fcf2pYnlL5v5GrDRTw4e8PTVNwE37wOYwi-UeocU66nmwOVKllQCcHfbNLPK9sYnQflgNHG9UYdawZAV9L_vdTkTYWmYUTMqNWlhnlrJ8MTerF0SkLfNDF_7_EfkbkGSDKitvUnbXfW5epFoE7NRuc0Fzx4P5O2rKPAGLrTWy59fLSAY7MsavdWRw63LGWUN0Ke1MKgSgrF2f4yGFSTFpIkzfFsfBtSOysyTGesGXOp9w_44hIpBIAPMtW3AgLC4ib0J2nEj_2mmiyaHOdbI1YFEyO8wA_4ZwM6PM4c-Uo4o8LJQIpkDDJL4wGGrM38aypSiMjxKqtZdf3lXrU7mZXZxRbVDyLgpVOlVNA7PWsyvPwTBMbqfIdh8VsEj4AHsnVByZhwfHGtRbryQly6Q-At0zJbom03bVIEG85jSOJkV-akAFa-iPYbgvfIkZt-1bcPFkVHmQJy1Y7MbqDfg3lJuKiz7opi8Eh35YmwMPRT8HpANFopyMv8vyLU5UTjubbG0kYI6dfh8VtfU7pk9fPB6RY7NGlUEp4qFetHEu7ZGWGAUdr0A6c2ugt7XH3Uwrqv0bjnPnZePsFpG3DzlU9ZC51JoqAoZQB97RhRxZrRGs0QGbH2Dfgq6RnOeTgjmNo1TgNirkmtZosx3aIUe7Apaw2KuBanZulSM8cXJ17VWITDIuhHdZDtneDCpp4O2HQ0pv1by9zpu3bo9MX6jt16XJnv6wllCwFGtkhzYeZGmlIqHPjLoXliw6OHv1C11DHQfhxwftf8XiUqmVQSl67SK2_ZJXNvhiaapyB0ITCFutbdqxa0ctErFvgAHcCOT0OdaKh8As_E-eEI_rjgqlxTJPx2jQO2ftchb0TCLVHDw-h51gBMcmY88R0PpmREOlpVwbdae8y4Mh9lxXLoqD1cVy9j8IEgVR5fu6Y1Pv6vMkQs9mcApCTF7kidgld0Nv0LrHsKvqWR9Hv-wO_MVZqebdlOe_Y4k1A037kxfj9AGwsf3-55qLVgxwZDyy5e8cIze4v_EK2l2QicUmnkkEA73p-2ZcfDNTXqzbZQcn7lvEUQbGIWLyjk9lNJlWccW7DMWMW5z9NJpDd3CbuGdTLTXg4hWUsGoP-HmQnHnlDDYleKFhCRuCTuJhIoyYwo_TUXgchHMKw2dMxVWkXnMR_s3ITV0Zm5udNDsyZwwD2xSXetdn1YxLFCiy7Pkw4z44uUrS7ZmwZZXyfixwJGQ9H-niTVDA85iefzPX13D4_Oc1byXYAYuhvMecQPy-V3s1zFozabeRjMY-HJqoUcpDGdy6pkc1kN7Pe7gTnFsKM-NqhFBiSCETTrfhMUcpwCe14EJl_dfCCtlFjBwA3EVt3zsdBLJD-qBRd65i2O91G2YdLFVPdyEkVdKdFeY5TcZxu7Df1yxhLjuF6H7S510ByzsL3A6pMT7kzkOu5sqKPef-8TJp3X4dXQSo5mpdof4Tigb8Y1JxTwZftzp3dKRYQ6QmnhKNKlSPO0KjVLVhr4LOIjKaeDaUeCbApK-iMtSWtxynFR1ut0iwUc69uX6erfhFCJ6mDZyQAWU4WgcOr36BT47l8T&cid=CAQSTABpAlJWHm8C6bcJ1AQAKTX7GSbDIaBP_SL86jQg06L-3EgmssnW2cZHDmzfOeYwtIzqsUou1Ouj7Ms4Fs5Qv2Vm_-ZXB8wyYMMCBZ4YAQ&dv3_ver=m202309120101&rfl=https%3A%2F%2Fspdflashtool.com%2F&ds=l&xdt=1&iif=1&cor=6547158845618445000&adk=250412560&idt=108&cac=0&dtd=7 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6644ae5b2efcc8e6541933f0590d51e8c964c539da614fae4ff3411d439557e0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840258101411863&output=html&h=600&slotname=4532792211&adk=3802136983&adf=369960317&pi=t.ma~as.4532792211&w=300&lmt=1695155228&format=300x600&url=https%3A%2F%2Fspdflashtool.com%2Fcategory%2Fdownload&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695162428136&bpp=1&bdt=299&idt=287&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=261966524884&frm=20&pv=1&ga_vid=1221908341.1695162428&ga_sid=1695162428&ga_hid=146642078&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=596&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077701%2C42532402%2C44785295%2C31077705&oid=2&pvsid=3500873756716162&tmod=366320996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=m478xYBgHI&p=https%3A//spdflashtool.com&dtd=290 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:09 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 41404 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 1BF6	22 KB 8 KB	46ms 44ms	Document text/html	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 437367 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 14 Sep 2023 20:57:42 GMT expires Fri, 13 Sep 2024 20:57:42 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	index.html Show response s0.2mdn.net/sadbundle/17990266662471768200/ Frame D173	141 KB 22 KB	51ms 45ms	Document text/html	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 57c2b596262f49dfc85822938e3989a0345fcd5ddd698423283ca15f162f6b99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 286138 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 22865 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" cross-origin-resource-policy cross-origin date Sat, 16 Sep 2023 14:58:11 GMT expires Sun, 15 Sep 2024 14:58:11 GMT last-modified Wed, 09 Feb 2022 10:37:12 GMT report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-xss-protection 0
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame C67E	0 0	101ms 93ms	Fetch image/gif	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstq40efausxaN0XtVAPCfjMDc8drDu5bHUgyJHhX2W3auw87PfCOu88YH9xVgx8FYoY_mZIvctZgqDeIS6ZrQdiVGvmDTeZ6Sewn77GeHv9TE94P7NiBbofPgWaw60Tt8PnmRXrlJ3aQtnKrTv1IXQmFXkMOgnAKMT-__C5b5Q94L-VZdxlgFJgXA9KTw5C4UCLbuzu3G5b5DzDWctogPUBJkVnpxCbXSRkEvwNw5OsOVa_uxVnE4BDdFuMarfjC8xZC1rpAXKsIXZLkHHFpwA3ch44fdO7AHpNAfeQ1kzkaPxlYtmYQ2EP5C-s9mnbqfYsvnwFnmbH9JvNEBvAhrEYvBplv3Q_UurJZ6-G565geNWlgBf7CQdt9ZPHf9WOoYDkUC8OFCN8xvaE4PozJM26vi-3yME2FCPL8V2BX7SGMGxiLp3x3_PTWdMr6_vyCK-bpt3cnPS15TbV-JOQd_J2Ez24GLxTwnsNObAe1-1VvOb0AQnNvPI9tWK5wnng0iANvZgnx-bizklB-0n7rWwmDO4l283e5DKrYIY3Pm4Ce4j7ESQo3dRQWPFUT6otSq3p9QRhaeAVcPv4thdAfsNSGQusfU-zJjXqcpRBxSvz61ygqqKGYt9I8NJ_DsHN_qan0EiNowCstOrTw-b4fjVqE-gSgcWeSq_19GnT1mJdRaXQPKJymojzYtBYJR1qny5lDlc2ABMToLU6-6Zfxm3xJUNjoN1veronkbwF9qPYhnwvnK5j1VoCdVFLpR8PdQhEV1W_Li7H4NtRqo73pMz3gjG3f6N73YIPZbVdj7FotVmzED1Mzz_o8AapeOGr1KmVq5eQc9KmmWG6rxqpUxHjocAP_hb6CTOidHhfgpLKjscIBoQfxnFfK0iHbhPKMImEW3FoTUSM-tdgQEz32nSwYVPhNOUTL_IEtfYG8WAnazv1z55cdshcdn1EJhZ3M0qWx9d-GP6Pqk8OwpFoiujQ34Rt_1QtY6sU1TWmXa4h0eHSWFQvBK524xA5dPYrqMfPiTQ961sx54Bo_OhJ3xaJ-UaLjvx-15gnrs0nkrX7aCvA4irn3K0zN_wY93YzlAl0mLrGoLyOy1F3IXdIKQGqWXSDcXlrXoXov5xIGeaGGunS9XnPLx2AnMZOP3u_gpS59GI0O3D3nqFLJ7FG7bHr6T-XEDlQu7W8D6d65rY-bwlTWIKHBzKMD-zrdQU7esdwvBRGOg0_LVPZ5ylTs8zOLRim4LqVKss-NsC62qdb3BTv9n0t2LcxiKvdKiv86t6Ossc7VPxy-qkpxY0XpNtZOTYd_PHGfItKDErzweHePaMI8DV4U_rzGc-dtOoTOZBeMVbVB829TGZu9eME9btWCIOKZMZHIsQDigc&sai=AMfl-YThUb8V26mN49-64W-yZCbEDczCHxb0msAghlUDaPGVuH13Tw0DrwvVSRyY7WdtM5bnXaH0m98coM28Fb8olRkDzezITNCVqFP4Oj26tgZn_k-2pLWAulyfGthtbPfrg9EDw-GOnq1YmwWJc1Z5v9j-IpjltBSDIRJwAYTgwHPSMfvU8ShmEgSKneWpmb_xs2kL8wgyAyhRaeyUOrfFG-o33yoplR3CkVv4YvgsWlA2i8Ze1IDgLmypNeZtXeolJLqTnMda490w2OhcrZravA3kOy9gd0BH&sig=Cg0ArKJSzNR-zudEhzT6EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=177&cbvp=1&cstd=174&cisv=r20230918.91017&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl= Requested by Host: spdflashtool.com URL: https://spdflashtool.com/category/download Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Tue, 19 Sep 2023 22:27:09 GMT x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * cache-control private access-control-allow-credentials true timing-allow-origin * expires Tue, 19 Sep 2023 22:27:09 GMT
GET H3	200	reactive_library_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/	154 KB 52 KB	142ms 138ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/reactive_library_fy2021.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2840258101411863&plah=spdflashtool.com Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 313e926343deff30d9212ab63188e3930f8a4bb952c446b6f5451e46c2766b76 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://spdflashtool.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 22:27:09 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 53718 x-xss-protection 0 server cafe etag 15585074764363301055 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Tue, 19 Sep 2023 22:27:09 GMT
GET H3	200	Enabler_01_247.js Show response s0.2mdn.net/879366/ Frame AF70	118 KB 40 KB	63ms 46ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/Enabler_01_247.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=D77kDbnsj7&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=D77kDbnsj7&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 17:00:38 GMT content-encoding gzip x-content-type-options nosniff age 19591 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 41099 x-xss-protection 0 last-modified Mon, 27 Sep 2021 18:45:07 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 20 Sep 2023 17:00:38 GMT
GET H3	200	gsap_3.9.1_min.js Show response s0.2mdn.net/ads/studio/cached_libs/ Frame AF70	63 KB 25 KB	78ms 62ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=D77kDbnsj7&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=D77kDbnsj7&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 22:27:09 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 25329 x-xss-protection 0 last-modified Wed, 29 Dec 2021 19:08:26 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 19 Sep 2023 22:27:09 GMT
GET H3	200	DcmEnabler_01_247.js Show response s0.2mdn.net/879366/ Frame D173	29 KB 10 KB	65ms 54ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/DcmEnabler_01_247.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 10:44:39 GMT content-encoding gzip x-content-type-options nosniff age 42150 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 10136 x-xss-protection 0 last-modified Mon, 27 Sep 2021 18:45:03 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 20 Sep 2023 10:44:39 GMT
GET DATA	200 OK	truncated / Frame 3D7E	218 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7daddbebfbacf4decd27f58aaf2b61e1a3b6a0755927d3c3da594c358353f4cb Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Content-Type image/png
GET H2	200	skeleton.js Show response fw.adsafeprotected.com/rjss/st/1450266/71191763/ Frame 1865	250 KB 75 KB	58ms 58ms	Script application/javascript	54.155.202.110 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fw.adsafeprotected.com/rjss/st/1450266/71191763/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014315727&ias_pubId=pub-2840258101411863&ias_chanId=1&ias_placementId=20517361851&bidurl=https://spdflashtool.com/category/download&ias_dealId=549644393847793680&adsafe_par&ias_impId=v4~~ABAjH0jCukeyzKW6QzSVnrdT2VP- Requested by Host: spdflashtool.com URL: https://spdflashtool.com/category/download Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.155.202.110 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-155-202-110.eu-west-1.compute.amazonaws.com Software / Resource Hash c6f06ece8bf6e6965286e78ec1ac0e7835cd567305384fe1acf46df599c4406f Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:09 GMT content-encoding gzip vary accept-encoding content-type application/javascript;charset=utf-8 access-control-allow-origin fw.adsafeprotected.com cache-control no-cache access-control-allow-credentials true expires Wed, 31 Dec 1969 23:59:59 GMT
GET H3	200	express_html_inpage_rendering_lib_200_278.js Show response s0.2mdn.net/879366/ Frame 1865	111 KB 39 KB	47ms 42ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js Requested by Host: spdflashtool.com URL: https://spdflashtool.com/category/download Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Origin https://googleads.g.doubleclick.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 17:48:00 GMT content-encoding gzip x-content-type-options nosniff age 16749 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 39806 x-xss-protection 0 last-modified Tue, 14 Mar 2023 18:44:05 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 20 Sep 2023 17:48:00 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20230918/r20110914/elements/html/ Frame 1865	11 KB 4 KB	45ms 43ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230918/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CLdx-kOfzNY-9QfRxI4duRx_rpjwIg3E_BjCrv-iURx5Tq4mMWpVPkToVTkf1WGRdkb3YXDQk3et5BmrFo7mitMYz8SFt8my4DbfbJXHtNV13712c2tcyvUU3I9RWLhlwj1c6xQalTKDufDUAAaH3ROU7GACbYSA3ZJGIfO0v6XF75NrI&dbm_d=AKAmf-BUFbN-L3XFqvs7bSPt4ShOjU2d6DpSmNx81lg1sEoiCqrFGmAXFwlXBlRYyc6McJD0yNLKCtIp6YIgrcV9nW_Y6hUmh4jUtSFYuYtiQRGILZ3Q-LxYvlai_hJquW1bSi38n2YNRevBhRpUaHsPUZ6w6aaPuGXmiJY4s5OevFzu7Fm9KYwWJsQDUzOOU9EyavHNO2SoSmV_D_CzGv86DOgIEf53wQTWexr8kcjHqUMJjIL3GY2FN_qhoGaOzhTs3oFHJ6F_LqYDtLGBNU7rZCV1uRY5sNz7Mxi_EdAej3sAQUnZQFBDCV3frBAi3XO52zgPrBWLjoLOdhEnrR_4PZPQNv7lrgEeM8jliOeDg6Odn7xrtKKbBSumtcuXkfEyDrwbI5CN2UKZBcSfljPunH7OXHfW_qGG4rsXLsj0efuMt89BvXs5Fh7LJBcORc15Ki6L9nADO83FnUDZSLujXpzPabRBSkGT0wu3ajE1gy-oXd-p1JL1sHNWYMHsk4Katm4zz_O7YXxOTgMOlbymA4FIGqagtdkBD5GRKz0f0anyeakMn502Q6BAsXKQNus-ixyxdeijqVjGmDFluth-keFZzRDaiHOcZFOFu8CXIk-4OXTcPLT2Djl3HIwTLT0tdM3M59q_Lm4AwrxRjh9sO7Z6T9DWR-Tr6v7CAXqijX-OcjUVJsY2mdK_didOV4tL1Y5G843wH1c74VMBt4vI_a1t4xWgfiCtU60NDTRVwn9GGX82w0o72Jn72qjCuJCZM0hk2cdNOM3F3gH7pn3qbX1k6CEE2A-XKDJeyZbqElrq0lCOLR3i08AMFQX1oecGma0jXOE5qpZhk2mAaOekZCZJXa8KZ3tdjqbzkuDWcslARNCW-jEH9ShZ0P4WHy6VJwY9V2CdQ7NGHw8h3Lmd3YKDKpQ_kO6QAx2yGl5GchWcrgrUfxbMu2vkdYZjZnGHmCGeC_6tfjJYW_F5sdxiiJu5dcMCljSymdK-ZkUao5euGUva5K54EDQtSM8ReTlX0GSY6GtOkQ1-uzGM0W9GdaqG4hHayXP3qsD9VXnsQAGGA0lsPI-MnriWRIF95K_Ip5MepwCr0Fnfo4RTZkfI3_frL0rPaPfqrid-PrfOu970BJhs1i_2m_XQAs3Ar34lsqp5jYPC_nVUPPAXQ4N4lFbVsbvY0L_Ib3uGWxS61FX0j6ukhFe9alALWBEvZuezbI5mt8zkqw2LITfr0rI-6CX_lg0zrq-wbgniPM-Ha2TA26OfS2-Z59hoL7Cw-pta-C6WZdnM8aovCBEJCG2od2uLKm2B0qaH4s2GmkOdv_p7eJ83rCcEdtemyKWExxX8fQ83JbjyEA_mERY5i04GMSNjGaajt9uQPYJNBbg3bllB4k0FGRpkifCq4H_Tgx3FSMgw33xi-Tc6AmDYzNICnacQj2OIdYO-IVLUmpwH0qcXM4YoC7faDIm4lOVox8nqKaLJoFtYbO_7wxgxiIxgWLzAmrp5nwrvxH_A9Hb4in3e7dG3Ku8kod7HtPzu3NzM5CViB1pwvDQCo5ctc7XVvaSCk-nVYu-RRtcZPFg8DvSv1-sADU-Mmu0Y_QtlWKynPZFyKZyhIRc_EtuAln4eR3wjFduEcV5I4_5z7s7-0Az-Edc7OdSpHReKdqTl306JOco2JguKI_gctD1iCTT6hiIk_rr-Q71dXgW8IiI3GTJC33G52_0YABlDiOgd4hTslWsbv2edPe_evWXx_-cHVLrAzfZQJnR7gEc5ecNQVFeol0cLTDK2KUxt8t-pFi_-KElUu5D8JmtS4YCBacgLuytAMu-D2oPYRpuPMe5PxkittiXMvHr5sdQRXVa-YRAwa6MMikVZKAB3OyVe9F6wWJLpgIMhJiumr-ZG7Fkqb0wxore-vE-XNkyu9tSRsY_EZoW5smv2Zf3oOvK1eD0kTQjyN7Wcf6CITa30jiUMxYaBeVfYsSGb2sQgnK-fxcoHhaaozRxDTrSG3Vtkp5oV_Fcf2pYnlL5v5GrDRTw4e8PTVNwE37wOYwi-UeocU66nmwOVKllQCcHfbNLPK9sYnQflgNHG9UYdawZAV9L_vdTkTYWmYUTMqNWlhnlrJ8MTerF0SkLfNDF_7_EfkbkGSDKitvUnbXfW5epFoE7NRuc0Fzx4P5O2rKPAGLrTWy59fLSAY7MsavdWRw63LGWUN0Ke1MKgSgrF2f4yGFSTFpIkzfFsfBtSOysyTGesGXOp9w_44hIpBIAPMtW3AgLC4ib0J2nEj_2mmiyaHOdbI1YFEyO8wA_4ZwM6PM4c-Uo4o8LJQIpkDDJL4wGGrM38aypSiMjxKqtZdf3lXrU7mZXZxRbVDyLgpVOlVNA7PWsyvPwTBMbqfIdh8VsEj4AHsnVByZhwfHGtRbryQly6Q-At0zJbom03bVIEG85jSOJkV-akAFa-iPYbgvfIkZt-1bcPFkVHmQJy1Y7MbqDfg3lJuKiz7opi8Eh35YmwMPRT8HpANFopyMv8vyLU5UTjubbG0kYI6dfh8VtfU7pk9fPB6RY7NGlUEp4qFetHEu7ZGWGAUdr0A6c2ugt7XH3Uwrqv0bjnPnZePsFpG3DzlU9ZC51JoqAoZQB97RhRxZrRGs0QGbH2Dfgq6RnOeTgjmNo1TgNirkmtZosx3aIUe7Apaw2KuBanZulSM8cXJ17VWITDIuhHdZDtneDCpp4O2HQ0pv1by9zpu3bo9MX6jt16XJnv6wllCwFGtkhzYeZGmlIqHPjLoXliw6OHv1C11DHQfhxwftf8XiUqmVQSl67SK2_ZJXNvhiaapyB0ITCFutbdqxa0ctErFvgAHcCOT0OdaKh8As_E-eEI_rjgqlxTJPx2jQO2ftchb0TCLVHDw-h51gBMcmY88R0PpmREOlpVwbdae8y4Mh9lxXLoqD1cVy9j8IEgVR5fu6Y1Pv6vMkQs9mcApCTF7kidgld0Nv0LrHsKvqWR9Hv-wO_MVZqebdlOe_Y4k1A037kxfj9AGwsf3-55qLVgxwZDyy5e8cIze4v_EK2l2QicUmnkkEA73p-2ZcfDNTXqzbZQcn7lvEUQbGIWLyjk9lNJlWccW7DMWMW5z9NJpDd3CbuGdTLTXg4hWUsGoP-HmQnHnlDDYleKFhCRuCTuJhIoyYwo_TUXgchHMKw2dMxVWkXnMR_s3ITV0Zm5udNDsyZwwD2xSXetdn1YxLFCiy7Pkw4z44uUrS7ZmwZZXyfixwJGQ9H-niTVDA85iefzPX13D4_Oc1byXYAYuhvMecQPy-V3s1zFozabeRjMY-HJqoUcpDGdy6pkc1kN7Pe7gTnFsKM-NqhFBiSCETTrfhMUcpwCe14EJl_dfCCtlFjBwA3EVt3zsdBLJD-qBRd65i2O91G2YdLFVPdyEkVdKdFeY5TcZxu7Df1yxhLjuF6H7S510ByzsL3A6pMT7kzkOu5sqKPef-8TJp3X4dXQSo5mpdof4Tigb8Y1JxTwZftzp3dKRYQ6QmnhKNKlSPO0KjVLVhr4LOIjKaeDaUeCbApK-iMtSWtxynFR1ut0iwUc69uX6erfhFCJ6mDZyQAWU4WgcOr36BT47l8T&cid=CAQSTABpAlJWHm8C6bcJ1AQAKTX7GSbDIaBP_SL86jQg06L-3EgmssnW2cZHDmzfOeYwtIzqsUou1Ouj7Ms4Fs5Qv2Vm_-ZXB8wyYMMCBZ4YAQ&dv3_ver=m202309120101&rfl=https%3A%2F%2Fspdflashtool.com%2F&ds=l&xdt=1&iif=1&cor=6547158845618445000&adk=250412560&idt=108&cac=0&dtd=7 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 19:57:18 GMT content-encoding br x-content-type-options nosniff age 8991 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4206 x-xss-protection 0 server cafe etag 17947678125179771625 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 03 Oct 2023 19:57:18 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20230918/r20110914/ Frame 1865	30 KB 11 KB	43ms 42ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230918/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CLdx-kOfzNY-9QfRxI4duRx_rpjwIg3E_BjCrv-iURx5Tq4mMWpVPkToVTkf1WGRdkb3YXDQk3et5BmrFo7mitMYz8SFt8my4DbfbJXHtNV13712c2tcyvUU3I9RWLhlwj1c6xQalTKDufDUAAaH3ROU7GACbYSA3ZJGIfO0v6XF75NrI&dbm_d=AKAmf-BUFbN-L3XFqvs7bSPt4ShOjU2d6DpSmNx81lg1sEoiCqrFGmAXFwlXBlRYyc6McJD0yNLKCtIp6YIgrcV9nW_Y6hUmh4jUtSFYuYtiQRGILZ3Q-LxYvlai_hJquW1bSi38n2YNRevBhRpUaHsPUZ6w6aaPuGXmiJY4s5OevFzu7Fm9KYwWJsQDUzOOU9EyavHNO2SoSmV_D_CzGv86DOgIEf53wQTWexr8kcjHqUMJjIL3GY2FN_qhoGaOzhTs3oFHJ6F_LqYDtLGBNU7rZCV1uRY5sNz7Mxi_EdAej3sAQUnZQFBDCV3frBAi3XO52zgPrBWLjoLOdhEnrR_4PZPQNv7lrgEeM8jliOeDg6Odn7xrtKKbBSumtcuXkfEyDrwbI5CN2UKZBcSfljPunH7OXHfW_qGG4rsXLsj0efuMt89BvXs5Fh7LJBcORc15Ki6L9nADO83FnUDZSLujXpzPabRBSkGT0wu3ajE1gy-oXd-p1JL1sHNWYMHsk4Katm4zz_O7YXxOTgMOlbymA4FIGqagtdkBD5GRKz0f0anyeakMn502Q6BAsXKQNus-ixyxdeijqVjGmDFluth-keFZzRDaiHOcZFOFu8CXIk-4OXTcPLT2Djl3HIwTLT0tdM3M59q_Lm4AwrxRjh9sO7Z6T9DWR-Tr6v7CAXqijX-OcjUVJsY2mdK_didOV4tL1Y5G843wH1c74VMBt4vI_a1t4xWgfiCtU60NDTRVwn9GGX82w0o72Jn72qjCuJCZM0hk2cdNOM3F3gH7pn3qbX1k6CEE2A-XKDJeyZbqElrq0lCOLR3i08AMFQX1oecGma0jXOE5qpZhk2mAaOekZCZJXa8KZ3tdjqbzkuDWcslARNCW-jEH9ShZ0P4WHy6VJwY9V2CdQ7NGHw8h3Lmd3YKDKpQ_kO6QAx2yGl5GchWcrgrUfxbMu2vkdYZjZnGHmCGeC_6tfjJYW_F5sdxiiJu5dcMCljSymdK-ZkUao5euGUva5K54EDQtSM8ReTlX0GSY6GtOkQ1-uzGM0W9GdaqG4hHayXP3qsD9VXnsQAGGA0lsPI-MnriWRIF95K_Ip5MepwCr0Fnfo4RTZkfI3_frL0rPaPfqrid-PrfOu970BJhs1i_2m_XQAs3Ar34lsqp5jYPC_nVUPPAXQ4N4lFbVsbvY0L_Ib3uGWxS61FX0j6ukhFe9alALWBEvZuezbI5mt8zkqw2LITfr0rI-6CX_lg0zrq-wbgniPM-Ha2TA26OfS2-Z59hoL7Cw-pta-C6WZdnM8aovCBEJCG2od2uLKm2B0qaH4s2GmkOdv_p7eJ83rCcEdtemyKWExxX8fQ83JbjyEA_mERY5i04GMSNjGaajt9uQPYJNBbg3bllB4k0FGRpkifCq4H_Tgx3FSMgw33xi-Tc6AmDYzNICnacQj2OIdYO-IVLUmpwH0qcXM4YoC7faDIm4lOVox8nqKaLJoFtYbO_7wxgxiIxgWLzAmrp5nwrvxH_A9Hb4in3e7dG3Ku8kod7HtPzu3NzM5CViB1pwvDQCo5ctc7XVvaSCk-nVYu-RRtcZPFg8DvSv1-sADU-Mmu0Y_QtlWKynPZFyKZyhIRc_EtuAln4eR3wjFduEcV5I4_5z7s7-0Az-Edc7OdSpHReKdqTl306JOco2JguKI_gctD1iCTT6hiIk_rr-Q71dXgW8IiI3GTJC33G52_0YABlDiOgd4hTslWsbv2edPe_evWXx_-cHVLrAzfZQJnR7gEc5ecNQVFeol0cLTDK2KUxt8t-pFi_-KElUu5D8JmtS4YCBacgLuytAMu-D2oPYRpuPMe5PxkittiXMvHr5sdQRXVa-YRAwa6MMikVZKAB3OyVe9F6wWJLpgIMhJiumr-ZG7Fkqb0wxore-vE-XNkyu9tSRsY_EZoW5smv2Zf3oOvK1eD0kTQjyN7Wcf6CITa30jiUMxYaBeVfYsSGb2sQgnK-fxcoHhaaozRxDTrSG3Vtkp5oV_Fcf2pYnlL5v5GrDRTw4e8PTVNwE37wOYwi-UeocU66nmwOVKllQCcHfbNLPK9sYnQflgNHG9UYdawZAV9L_vdTkTYWmYUTMqNWlhnlrJ8MTerF0SkLfNDF_7_EfkbkGSDKitvUnbXfW5epFoE7NRuc0Fzx4P5O2rKPAGLrTWy59fLSAY7MsavdWRw63LGWUN0Ke1MKgSgrF2f4yGFSTFpIkzfFsfBtSOysyTGesGXOp9w_44hIpBIAPMtW3AgLC4ib0J2nEj_2mmiyaHOdbI1YFEyO8wA_4ZwM6PM4c-Uo4o8LJQIpkDDJL4wGGrM38aypSiMjxKqtZdf3lXrU7mZXZxRbVDyLgpVOlVNA7PWsyvPwTBMbqfIdh8VsEj4AHsnVByZhwfHGtRbryQly6Q-At0zJbom03bVIEG85jSOJkV-akAFa-iPYbgvfIkZt-1bcPFkVHmQJy1Y7MbqDfg3lJuKiz7opi8Eh35YmwMPRT8HpANFopyMv8vyLU5UTjubbG0kYI6dfh8VtfU7pk9fPB6RY7NGlUEp4qFetHEu7ZGWGAUdr0A6c2ugt7XH3Uwrqv0bjnPnZePsFpG3DzlU9ZC51JoqAoZQB97RhRxZrRGs0QGbH2Dfgq6RnOeTgjmNo1TgNirkmtZosx3aIUe7Apaw2KuBanZulSM8cXJ17VWITDIuhHdZDtneDCpp4O2HQ0pv1by9zpu3bo9MX6jt16XJnv6wllCwFGtkhzYeZGmlIqHPjLoXliw6OHv1C11DHQfhxwftf8XiUqmVQSl67SK2_ZJXNvhiaapyB0ITCFutbdqxa0ctErFvgAHcCOT0OdaKh8As_E-eEI_rjgqlxTJPx2jQO2ftchb0TCLVHDw-h51gBMcmY88R0PpmREOlpVwbdae8y4Mh9lxXLoqD1cVy9j8IEgVR5fu6Y1Pv6vMkQs9mcApCTF7kidgld0Nv0LrHsKvqWR9Hv-wO_MVZqebdlOe_Y4k1A037kxfj9AGwsf3-55qLVgxwZDyy5e8cIze4v_EK2l2QicUmnkkEA73p-2ZcfDNTXqzbZQcn7lvEUQbGIWLyjk9lNJlWccW7DMWMW5z9NJpDd3CbuGdTLTXg4hWUsGoP-HmQnHnlDDYleKFhCRuCTuJhIoyYwo_TUXgchHMKw2dMxVWkXnMR_s3ITV0Zm5udNDsyZwwD2xSXetdn1YxLFCiy7Pkw4z44uUrS7ZmwZZXyfixwJGQ9H-niTVDA85iefzPX13D4_Oc1byXYAYuhvMecQPy-V3s1zFozabeRjMY-HJqoUcpDGdy6pkc1kN7Pe7gTnFsKM-NqhFBiSCETTrfhMUcpwCe14EJl_dfCCtlFjBwA3EVt3zsdBLJD-qBRd65i2O91G2YdLFVPdyEkVdKdFeY5TcZxu7Df1yxhLjuF6H7S510ByzsL3A6pMT7kzkOu5sqKPef-8TJp3X4dXQSo5mpdof4Tigb8Y1JxTwZftzp3dKRYQ6QmnhKNKlSPO0KjVLVhr4LOIjKaeDaUeCbApK-iMtSWtxynFR1ut0iwUc69uX6erfhFCJ6mDZyQAWU4WgcOr36BT47l8T&cid=CAQSTABpAlJWHm8C6bcJ1AQAKTX7GSbDIaBP_SL86jQg06L-3EgmssnW2cZHDmzfOeYwtIzqsUou1Ouj7Ms4Fs5Qv2Vm_-ZXB8wyYMMCBZ4YAQ&dv3_ver=m202309120101&rfl=https%3A%2F%2Fspdflashtool.com%2F&ds=l&xdt=1&iif=1&cor=6547158845618445000&adk=250412560&idt=108&cac=0&dtd=7 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash cb95c60c1e70c730df8b30c024f63ca414a7cd01b9d37cd4181987933c94559b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 19:57:18 GMT content-encoding br x-content-type-options nosniff age 8991 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11585 x-xss-protection 0 server cafe etag 30886230758233217 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 03 Oct 2023 19:57:18 GMT
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 1865	41 KB 13 KB	50ms 48ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: spdflashtool.com URL: https://spdflashtool.com/category/download Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Mon, 18 Sep 2023 22:35:27 GMT content-encoding br x-content-type-options nosniff age 85902 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13692 x-xss-protection 0 last-modified Sun, 25 Jun 2023 02:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 17 Sep 2024 22:35:27 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 5446	1 KB 643 B	50ms 39ms	Document text/html	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: 154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com URL: https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 9620 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 19 Sep 2023 19:46:49 GMT etag 48472445140208031 expires Wed, 20 Sep 2023 19:46:49 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	b6KMqTAYqBIA24ZWjqYq8V8pGhE_E2wERo_hclhyfAY.js Show response pagead2.googlesyndication.com/bg/ Frame 1BF6	37 KB 14 KB	48ms 47ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/b6KMqTAYqBIA24ZWjqYq8V8pGhE_E2wERo_hclhyfAY.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6fa28ca93018a81200db86568ea62af15f291a113f136c04468fe17258727c06 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 16:03:19 GMT content-encoding br x-content-type-options nosniff age 23030 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14647 x-xss-protection 0 last-modified Mon, 11 Sep 2023 20:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 18 Sep 2024 16:03:19 GMT
GET DATA	200 OK	truncated / Frame 1865	216 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6b87d783f1455b3c6ad3cb47db43d1eeca286e783e1d15b5c53dcfca0771b737 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Content-Type image/png
GET H2	200	4a.js Show response static.adsafeprotected.com/ Frame C67E Redirect Chain https://fw.adsafeprotected.com/rfw/st/990511/61634096/4.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-3831894559014614&ias_chanId=1&ias_placementId=20343398390&bidurl=https://spdflashtool.com/... https://static.adsafeprotected.com/4a.js	2 KB 2 KB	116ms 65ms	Script application/javascript	2600:9000:2450:c000:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/4a.js Requested by Host: 154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com URL: https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Server 2600:9000:2450:c000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f Request headers accept-language de-DE,de;q=0.9 Referer https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers x-amz-version-id akOqjFMSMxNB2K6FJA8jdyBVXEiL5nl0 content-encoding gzip via 1.1 abdcba0f82eaef3d3aa080fb12ca873c.cloudfront.net (CloudFront) date Mon, 18 Sep 2023 19:09:36 GMT x-amz-cf-pop CDG50-P4 age 98255 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Tue, 08 Aug 2023 19:01:30 GMT server AmazonS3 etag W/"589d8955c4906ab1b8e63a2f92d932d3" vary Accept-Encoding content-type application/javascript cache-control max-age=604800 x-amz-cf-id meM2IkvhrChD35PIdGBT4hXxxlB0GOdhkcOjzlGM8AOCAuZrisnglg== Redirect headers pragma no-cache date Tue, 19 Sep 2023 22:27:10 GMT server nginx x-server-name app19.ie.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" location https://static.adsafeprotected.com/4a.js cache-control no-cache content-length 0
GET H2	200	sca.17.6.2.js Show response static.adsafeprotected.com/ Frame 3C2B	91 KB 23 KB	191ms 55ms	Script application/javascript	2600:9000:2450:c000:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/sca.17.6.2.js Requested by Host: 154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com URL: https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2450:c000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd Request headers accept-language de-DE,de;q=0.9 Referer https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Wed, 21 Sep 2022 15:36:17 GMT x-amz-version-id go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy content-encoding gzip via 1.1 abdcba0f82eaef3d3aa080fb12ca873c.cloudfront.net (CloudFront) x-amz-cf-pop CDG50-P4 age 31387854 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Tue, 20 Sep 2022 19:21:34 GMT server AmazonS3 etag W/"1f3488247c90bb5de253d3d0cb3b7458" vary Accept-Encoding content-type application/javascript cache-control max-age=315360000 x-amz-cf-id NR2YXAF935G0M0dQehWhkJc3b-xrziqZKDZRjbj8es68K17WPFgz6Q==
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 2D26	0 0	80ms 79ms	Fetch image/gif	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu9winFyaEcu7EqJl-Jboa4VKVdBv4rXtJN4sjvfBHcwPoqhn19Wr6wx2hUbWt8teCxWbpIpxV-RYRNJ3BYvq3j-hN-BcQpY8hs6rgYOfqFvM1CkmnOrII4sp4HAekPkRg_K_FSSvgtMzIKPIBPdalCLmhG1EBSLBF5k9S0vfmYr13em4jX5O9BrDZBewmuJibb7vz6gl7sdjRMzG84uLtyBOMtS7lNFB1jP1IPBIhpPUdEdMeg1LCdS_vCh-GFlNEMvAwPbkYemRcAxDuXg_V2HWE5stB_4ppeBLG9culLksQKI9JhyzhKSRkX2BUWW69mSXO1EvGUaurXWYNXe_EherjQNQiF28OYlAT96o8XN7tia3aiGhT2e1e0VOcyfXvGIPxtw7EL9Xof_ynOzV-PJXlR1Pq7SCON5e2ldLmDrcZ9pE2DLNhH2peqE7ET8J3UO84Yijh2xbQwN_T7DhL5uzP1pXGzvpL4Zr-dCVWJe-avk97LAnRC7BzWwFa-hFYrMEkdalH-4WfNiy3x5u3GFwwRRTqRKsvGKmJ2W8-sc1Rf3W_JdVsWCQvDTf_DC9dj4W4jbZ3Sza6VrL5ml7AVO_MBLNpeY8Nyjz3IM_x5oS1UhRoYyZi4S2ATq299cjYdaOOThHBsYLVkg2LeH0Cf3S4cJC7ZstamEA3Y0N5SVL7NChw45CZMXhX8k1sbJKkSp-ZKzfXULpWIAjO0dEqA8R4KFGktUqaDfucELIJ32sOCZIyEmbfM-Kj_BVc1Uu58L_Yjxk0oyn41vcoJITyuPX13U7D6f1jNErEUAAjy4wXYZ2w5w9g277eH9e3iAHnwXafboOmAwDwS83IGY10LCWrN49zUBsh_lbruOeAb8gJNv15UJeoFQkFKOhXkVcZNWKbLccQFE3X4GqOhWmPyfwbwqe1UUS4KSF6m2kh-XA4y6Osgqh2snkB1QXXvziKYDdUzSqEFkSjnC6FYuPNZqxdhQz6US8nzAf5Y45z8mkdh6FXtO8ls2kophUueKlyApv7hNksk_IK8GB3ChkaNjHBqIrhSJnoP2wRge1ATeygvi4jMltiFA0-oQzRdJo35g9WKhsRZIoJE8OE52F61KO4qecuvurwTe0cI0PrJKdTDyKOh2j3Mfs_m-hxqgWQSePYP-SD1Oh4JVIKOPaUJ_120M6iwDx_-mtsAVjjBn75osatWSs0A_935x7LkoekN-g_7_CKSNjwJGkCyV--_DtP1JDb3ktxBK9tNJFZUrtGtlo9eWwQ0NrMcYWGulIM_vqaKA60ZvPvJGtDvCGjQjig7Anm7ZHqnQawBmzN1WtZe4q9hdeI&sai=AMfl-YTIIwfl1U5UU7XV1QGJ3I34f-EI6T2r37tWYvipnqwXV8X6aLZpSaX4X3ggexAQwnMVBwQFWWqikb8Lf3Z8b24B2MH3mjYRBMKqp5U9Ws-p-oYNtLFByO_0eK9i89OWFxidKqZJw6t0a6H-yiUxJJwoY4CIGt16czdGMcgR7wBxAigwcFIdbkNvgvy0ft-xNd3TXwvP0aQXm5ku5yVWj0UKU2onWLgGJrOmMTYHW1HThmOfMseCcAvptfbxWVevK5Mesag2hZ8kbU7Nxr6hW9koaujyof7Qy5ydiPRBtb2ArNIE2V5tlOpYIg&sig=Cg0ArKJSzCZEILLX4wC6EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=693&vt=11&dtpt=423&dett=3&cstd=261&cisv=r20230918.56723&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl= Requested by Host: spdflashtool.com URL: https://spdflashtool.com/category/download Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 22:27:10 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Tue, 19 Sep 2023 22:27:10 GMT
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/ Frame CFA9	10 KB 4 KB	43ms 40ms	Document text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2840258101411863&plah=spdflashtool.com Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://spdflashtool.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 5103 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4438 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 19 Sep 2023 21:02:07 GMT etag 8554266389219770021 expires Tue, 03 Oct 2023 21:02:07 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	dt dt.adsafeprotected.com/ Frame C67E	43 B 215 B	434ms 121ms	Image image/gif	2600:1f18:1aca:4281:2367:e0b5:d1fc:5a3e AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=8b48ee5d-389b-a958-bdfd-876dfbae4799&tv=%7Bc:oHPrhG,pingTime:-3,time:102,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:25%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:102,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:25,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B95~0%5D,as:%5B95~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tQlqNIW+11%7C12%7C13%7C141%7C151%7C1521%7C153%7C16%7C17%7C18*.990511-61634096%7C181%7C182%7C183%7C1911,idMap:18*,rmeas:1,rend:0,renddet:na,siq:27%7D&br=c Requested by Host: 154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com URL: https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4281:2367:e0b5:d1fc:5a3e Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:10 GMT server nginx x-server-name dt24.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	dt dt.adsafeprotected.com/ Frame C67E	43 B 216 B	430ms 120ms	Image image/gif	2600:1f18:1aca:4281:2367:e0b5:d1fc:5a3e AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=8b48ee5d-389b-a958-bdfd-876dfbae4799&tv=%7Bc:oHPrhH,pingTime:-6,time:103,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:103,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:25,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B96~0%5D,as:%5B96~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tQlqNIW+11%7C12%7C13%7C141%7C151%7C1521%7C153%7C16%7C17%7C18*.990511-61634096%7C181%7C182%7C183%7C1911,idMap:18*,rmeas:1,rend:0,renddet:na,siq:27%7D&tpiLookup=ao:spdflashtool.com*&br=c Requested by Host: 154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com URL: https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4281:2367:e0b5:d1fc:5a3e Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:10 GMT server nginx x-server-name dt01.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 948C	0 20 B	74ms 73ms	Ping image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgojCAEqH2ltYWdlLXdpdGgtY3RhLW9uLWxhcmdlci1zY3JlZW4KCggCKgZzZXJ2ZXIKDRArIQAAAAAAACxAMAQKDRADIQAAADAzI29AMAQKDRANIQAAAAAAAAAAMAQKCRAeKgMweDAwBAoJEBkqAzB4MDAECg0QKyEAAAAAAAAzQDAEEhpDS0NLczVQY3Q0RURGV2NUVlFnZHBGc0RjQSIqaW1hZ2UvaW1hZ2VfdmlnbmV0dGVfdHJhbnNsdWNlbnRfdjJfbWVyZ2VkKCM= Requested by Host: www.gstatic.com URL: https://www.gstatic.com/mysidia/f378f1a628345b8fc7dfdb57c16922da.js?tag=pingback Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:10 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame C67E	43 B 215 B	414ms 122ms	Image image/gif	2600:1f18:1aca:4281:2367:e0b5:d1fc:5a3e AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=8b48ee5d-389b-a958-bdfd-876dfbae4799&tv=%7Bc:oHPri1,pingTime:-2,time:123,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:834,beZ:836,mfA:838,cmA:839,inA:840,inZ:844,prA:844,prZ:854,si:860,poA:862,poZ:885,cmZ:885,mfZ:885,loA:937,loZ:939,ltA:957,ltZ:957%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:25%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:123,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:25,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B116~0%5D,as:%5B116~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tQlqNIW+11%7C12%7C13%7C141%7C151%7C1521%7C153%7C16%7C17%7C18*.990511-61634096%7C181%7C182%7C183%7C1911,idMap:18*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,siq:27,sinceFw:95,readyFired:false%7D&br=c Requested by Host: 154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com URL: https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4281:2367:e0b5:d1fc:5a3e Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:10 GMT server nginx x-server-name dt16.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame AF70	8 KB 6 KB	275ms 194ms	XHR application/json	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_247.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ea5d19e7c8fc58f5fae15427cffba10577b1b1ffe8508ae1c2230f165acbf6c7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 22:27:10 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5831 x-xss-protection 0
GET H2	200	i.match s.tribalfusion.com/z/ Frame 5446 Redirect Chain https://a.tribalfusion.com/i.match?p=b6&u=CAESEDiKpOgkZ6bGYi0neyy2JTc&google_cver=1&google_push=AXcoOmStjGE7yvJ9vl_W1nH8VOD-F6nTVlEK687Wnv2fuMAnR59qGzWF4AbPFlboFrinNiTFKlil_6TRfGa8703Z9yf24GubeIq6&... https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDiKpOgkZ6bGYi0neyy2JTc&google_cver=1&google_push=AXcoOmStjGE7yvJ9vl_W1nH8VOD-F6nTVlEK687Wnv2fuMAnR59qGzWF4AbPFlboFrinNiTFKlil_6TRfGa8703Z9yf24GubeIq...	43 B 420 B	226ms 194ms	Image image/gif	2606:4700::6812:18ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDiKpOgkZ6bGYi0neyy2JTc&google_cver=1&google_push=AXcoOmStjGE7yvJ9vl_W1nH8VOD-F6nTVlEK687Wnv2fuMAnR59qGzWF4AbPFlboFrinNiTFKlil_6TRfGa8703Z9yf24GubeIq6&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmStjGE7yvJ9vl_W1nH8VOD-F6nTVlEK687Wnv2fuMAnR59qGzWF4AbPFlboFrinNiTFKlil_6TRfGa8703Z9yf24GubeIq6%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 Requested by Host: 154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com URL: https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Server 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:10 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare content-type image/gif; charset=utf-8 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 80954126afb492b3-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Tue, 19 Sep 2023 22:27:10 GMT cf-cache-status DYNAMIC x-function 206 server cloudflare x-reuse-index 1608 content-type text/html location https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDiKpOgkZ6bGYi0neyy2JTc&google_cver=1&google_push=AXcoOmStjGE7yvJ9vl_W1nH8VOD-F6nTVlEK687Wnv2fuMAnR59qGzWF4AbPFlboFrinNiTFKlil_6TRfGa8703Z9yf24GubeIq6&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmStjGE7yvJ9vl_W1nH8VOD-F6nTVlEK687Wnv2fuMAnR59qGzWF4AbPFlboFrinNiTFKlil_6TRfGa8703Z9yf24GubeIq6%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 809541250eaf92b3-FRA alt-svc h3=":443"; ma=86400 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 5446 Redirect Chain https://s.uuidksinc.net/match/47/?remote_uid=CAESEFN6nL8lFiGlLwHGnBEY0tg&c_param1=AXcoOmSDIKSw6eVS9rTYxhik94yg8tcBGjIcksS5uTHSalQTBioh47xmHrWOGHcLvUpMVcgPeDG2Es5-eE739EQxFQY0wE43rdeC&gdpr=%%GDPR%%&... https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmSDIKSw6eVS9rTYxhik94yg8tcBGjIcksS5uTHSalQTBioh47xmHrWOGHcLvUpMVcgPeDG2Es5-eE739EQxFQY0wE43rdeC	170 B 188 B	65ms 65ms	Image image/png	216.58.206.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmSDIKSw6eVS9rTYxhik94yg8tcBGjIcksS5uTHSalQTBioh47xmHrWOGHcLvUpMVcgPeDG2Es5-eE739EQxFQY0wE43rdeC Requested by Host: 154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com URL: https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Server 216.58.206.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr35s10-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:10 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmSDIKSw6eVS9rTYxhik94yg8tcBGjIcksS5uTHSalQTBioh47xmHrWOGHcLvUpMVcgPeDG2Es5-eE739EQxFQY0wE43rdeC date Tue, 19 Sep 2023 22:27:10 GMT server nginx/1.23.2 content-length 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 5446 Redirect Chain https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGOLi62jD1NRPbivsT7Ddjs&google_cver=1&google_push=AXcoOmTndaRyajHTdxWWvPd7xCGGLr2DP8I0SAC9tT9_VH7amR-A82F2EgOdIq-WC1lz14Nv2pM... https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1RVlhZRkQtMTYtMVBCMg==&google_push=AXcoOmTndaRyajHTdxWWvPd7xCGGLr2DP8I0SAC9tT9_VH7amR-A82F2EgOdIq-WC1lz14Nv2pMnw41J7ue02vZQDw5thL0kjFIW	170 B 188 B	57ms 56ms	Image image/png	216.58.206.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1RVlhZRkQtMTYtMVBCMg==&google_push=AXcoOmTndaRyajHTdxWWvPd7xCGGLr2DP8I0SAC9tT9_VH7amR-A82F2EgOdIq-WC1lz14Nv2pMnw41J7ue02vZQDw5thL0kjFIW Requested by Host: 154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com URL: https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Server 216.58.206.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr35s10-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:10 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Content-Type text/html Location https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1RVlhZRkQtMTYtMVBCMg==&google_push=AXcoOmTndaRyajHTdxWWvPd7xCGGLr2DP8I0SAC9tT9_VH7amR-A82F2EgOdIq-WC1lz14Nv2pMnw41J7ue02vZQDw5thL0kjFIW Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost b71bced807741b20dd93dce6c2d26405 Expires 0
GET H2	204	- s.ad.smaato.net/c/n/// Frame 5446	0 236 B	241ms 120ms	Image text/plain	2600:9000:25e8:6000:1b:5138:8a40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEKgYPGGMfJzDL5j2W0J9hnI&google_cver=1&google_push=AXcoOmRd5d-u1LjRW7eAavev106JLzqmoYkhCzqOsRqegHINfzFsptPDmpDpcjEKyp30cNtXz5CWm1i0u6joRBPx2ch5EwVIC8C5 Requested by Host: 154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com URL: https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:25e8:6000:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 22:27:10 GMT cache-control no-cache, must-revalidate via 1.1 cf3f18e8f11a6f190c72103c7a43aac2.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop AMS1-P3 x-amz-cf-id RkHSHjHCCVYCJLHxAkx2kDJGm0VG-BpPonRm70ghlrISgUngfv6_fw== x-cache Miss from cloudfront
GET		pub cs.chocolateplatform.com/ Frame 5446	0 0
GET		google sync-dmp.aura-dsp.com/match/ Frame 5446	0 0
GET H2	200	spacer.gif an.yandex.ru/resource/ Frame 5446 Redirect Chain https://an.yandex.ru/mapuid/google/CAESEJC9K_e4jSLrcR8EX0PRMSQ?ext-param=AXcoOmSRYqKOrbrXTTsQmIEsoXZ4glRcazdWbTo7c1BjKAFCsoxwnu6MQ7woeeqOtWtKVSXbaXC9_Ot-QruRMWqsq4Wz-rXlNhpJ&partner-tag=yandex_ag&g... https://an.yandex.ru/mapuid/google/CAESEJC9K_e4jSLrcR8EX0PRMSQ?redir-setuniq=1&ext-param=AXcoOmSRYqKOrbrXTTsQmIEsoXZ4glRcazdWbTo7c1BjKAFCsoxwnu6MQ7woeeqOtWtKVSXbaXC9_Ot-QruRMWqsq4Wz-rXlNhpJ&partner... https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEJC9K_e4jSLrcR8EX0PRMSQ&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif https://an.yandex.ru/resource/spacer.gif	43 B 144 B	79ms 79ms	Image image/gif	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/resource/spacer.gif Requested by Host: 154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com URL: https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 22:27:10 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Wed, 18 Apr 2001 10:28:03 GMT content-type image/gif p3p CP="NOI DEVa TAIa OUR BUS UNI STA" timing-allow-origin * x-xss-protection 1; mode=block expires Tue, 03 Sep 2024 22:27:10 GMT Redirect headers pragma no-cache date Tue, 19 Sep 2023 22:27:10 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://an.yandex.ru/resource/spacer.gif p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 237 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame 5446	0 12 B	50ms 48ms	Image text/html	216.58.206.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13It8dn4crqRDQfNwLOTQBVQNKQdotvbxAyg4V-gl4DjL2YcbUoDAl-ESFY5v4bT6624Wgtxd4w Requested by Host: 154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com URL: https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.206.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr35s10-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 22:27:10 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H2	200	css2 fonts.googleapis.com/ Frame CFA9	4 KB 767 B	87ms 86ms	Stylesheet text/css	2a00:1450:4001:802::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 19 Sep 2023 22:27:10 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 19 Sep 2023 22:23:54 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 19 Sep 2023 22:27:10 GMT
GET H2	200	feedback_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame CFA9	205 B 269 B	70ms 68ms	Image image/png	2a00:1450:4001:81c::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Sun, 17 Sep 2023 09:19:40 GMT x-content-type-options nosniff age 220050 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 205 x-xss-protection 0 last-modified Thu, 20 Jul 2023 22:48:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Mon, 16 Sep 2024 09:19:40 GMT
GET H2	200	settings_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame CFA9	604 B 669 B	81ms 79ms	Image image/png	2a00:1450:4001:81c::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Sat, 16 Sep 2023 09:07:34 GMT x-content-type-options nosniff age 307176 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 604 x-xss-protection 0 last-modified Thu, 20 Jul 2023 22:48:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Sun, 15 Sep 2024 09:07:34 GMT
GET H3	200	fullscreen_api_adapter_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230918/r20110914/elements/html/ Frame CFA9	15 KB 6 KB	86ms 85ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/elements/html/fullscreen_api_adapter_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c6ece8077c8a8d8d057b5a03c892dcf1fed9da76ff1bc964cd17416008752c48 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 01:08:40 GMT content-encoding br x-content-type-options nosniff age 76710 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6551 x-xss-protection 0 server cafe etag 511223485441000916 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 03 Oct 2023 01:08:40 GMT
GET H3	200	interstitial_ad_frame_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230918/r20110914/elements/html/ Frame CFA9	20 KB 8 KB	87ms 85ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/elements/html/interstitial_ad_frame_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 20:01:15 GMT content-encoding br x-content-type-options nosniff age 8755 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8566 x-xss-protection 0 server cafe etag 5625731030761120726 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 03 Oct 2023 20:01:15 GMT
GET H2	200	4a.js Show response static.adsafeprotected.com/ Frame 1865 Redirect Chain https://fw.adsafeprotected.com/rfw/st/1450266/71191763/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014315727&ias_pubId=pub-2840258101411863&ias_chanId=1&ias_placementId=20517361851&bidurl=ht... https://static.adsafeprotected.com/4a.js	2 KB 2 KB	52ms 52ms	Script application/javascript	2600:9000:2450:c000:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/4a.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840258101411863&output=html&h=600&slotname=4532792211&adk=3802136983&adf=369960317&pi=t.ma~as.4532792211&w=300&lmt=1695155228&format=300x600&url=https%3A%2F%2Fspdflashtool.com%2Fcategory%2Fdownload&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695162428136&bpp=1&bdt=299&idt=287&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=261966524884&frm=20&pv=1&ga_vid=1221908341.1695162428&ga_sid=1695162428&ga_hid=146642078&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=596&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077701%2C42532402%2C44785295%2C31077705&oid=2&pvsid=3500873756716162&tmod=366320996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=m478xYBgHI&p=https%3A//spdflashtool.com&dtd=290 Protocol H2 Server 2600:9000:2450:c000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers x-amz-version-id akOqjFMSMxNB2K6FJA8jdyBVXEiL5nl0 content-encoding gzip via 1.1 abdcba0f82eaef3d3aa080fb12ca873c.cloudfront.net (CloudFront) date Mon, 18 Sep 2023 19:09:36 GMT x-amz-cf-pop CDG50-P4 age 98255 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Tue, 08 Aug 2023 19:01:30 GMT server AmazonS3 etag W/"589d8955c4906ab1b8e63a2f92d932d3" vary Accept-Encoding content-type application/javascript cache-control max-age=604800 x-amz-cf-id G-YTHLWW_GIQmNLa5a95C8Y1jq9WD6KsJIacu-vZIxsYpdOFR-N19g== Redirect headers pragma no-cache date Tue, 19 Sep 2023 22:27:10 GMT server nginx x-server-name app01.ie.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" location https://static.adsafeprotected.com/4a.js cache-control no-cache content-length 0
GET H2	200	sca.17.6.2.js Show response static.adsafeprotected.com/ Frame B0BA	91 KB 23 KB	94ms 65ms	Script application/javascript	2600:9000:2450:c000:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/sca.17.6.2.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840258101411863&output=html&h=600&slotname=4532792211&adk=3802136983&adf=369960317&pi=t.ma~as.4532792211&w=300&lmt=1695155228&format=300x600&url=https%3A%2F%2Fspdflashtool.com%2Fcategory%2Fdownload&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695162428136&bpp=1&bdt=299&idt=287&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=261966524884&frm=20&pv=1&ga_vid=1221908341.1695162428&ga_sid=1695162428&ga_hid=146642078&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=596&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077701%2C42532402%2C44785295%2C31077705&oid=2&pvsid=3500873756716162&tmod=366320996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=m478xYBgHI&p=https%3A//spdflashtool.com&dtd=290 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2450:c000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Wed, 21 Sep 2022 15:36:17 GMT x-amz-version-id go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy content-encoding gzip via 1.1 abdcba0f82eaef3d3aa080fb12ca873c.cloudfront.net (CloudFront) x-amz-cf-pop CDG50-P4 age 31387854 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Tue, 20 Sep 2022 19:21:34 GMT server AmazonS3 etag W/"1f3488247c90bb5de253d3d0cb3b7458" vary Accept-Encoding content-type application/javascript cache-control max-age=315360000 x-amz-cf-id alHzd80Hv3KTZ8c6Nx2_E9hXn7HV87yOzzD-wGap477XmsdaMQe5Ng==
GET H3	200	view googleads4.g.doubleclick.net/pcs/ Frame C67E	0 0	89ms 82ms	Fetch image/gif	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstq40efausxaN0XtVAPCfjMDc8drDu5bHUgyJHhX2W3auw87PfCOu88YH9xVgx8FYoY_mZIvctZgqDeIS6ZrQdiVGvmDTeZ6Sewn77GeHv9TE94P7NiBbofPgWaw60Tt8PnmRXrlJ3aQtnKrTv1IXQmFXkMOgnAKMT-__C5b5Q94L-VZdxlgFJgXA9KTw5C4UCLbuzu3G5b5DzDWctogPUBJkVnpxCbXSRkEvwNw5OsOVa_uxVnE4BDdFuMarfjC8xZC1rpAXKsIXZLkHHFpwA3ch44fdO7AHpNAfeQ1kzkaPxlYtmYQ2EP5C-s9mnbqfYsvnwFnmbH9JvNEBvAhrEYvBplv3Q_UurJZ6-G565geNWlgBf7CQdt9ZPHf9WOoYDkUC8OFCN8xvaE4PozJM26vi-3yME2FCPL8V2BX7SGMGxiLp3x3_PTWdMr6_vyCK-bpt3cnPS15TbV-JOQd_J2Ez24GLxTwnsNObAe1-1VvOb0AQnNvPI9tWK5wnng0iANvZgnx-bizklB-0n7rWwmDO4l283e5DKrYIY3Pm4Ce4j7ESQo3dRQWPFUT6otSq3p9QRhaeAVcPv4thdAfsNSGQusfU-zJjXqcpRBxSvz61ygqqKGYt9I8NJ_DsHN_qan0EiNowCstOrTw-b4fjVqE-gSgcWeSq_19GnT1mJdRaXQPKJymojzYtBYJR1qny5lDlc2ABMToLU6-6Zfxm3xJUNjoN1veronkbwF9qPYhnwvnK5j1VoCdVFLpR8PdQhEV1W_Li7H4NtRqo73pMz3gjG3f6N73YIPZbVdj7FotVmzED1Mzz_o8AapeOGr1KmVq5eQc9KmmWG6rxqpUxHjocAP_hb6CTOidHhfgpLKjscIBoQfxnFfK0iHbhPKMImEW3FoTUSM-tdgQEz32nSwYVPhNOUTL_IEtfYG8WAnazv1z55cdshcdn1EJhZ3M0qWx9d-GP6Pqk8OwpFoiujQ34Rt_1QtY6sU1TWmXa4h0eHSWFQvBK524xA5dPYrqMfPiTQ961sx54Bo_OhJ3xaJ-UaLjvx-15gnrs0nkrX7aCvA4irn3K0zN_wY93YzlAl0mLrGoLyOy1F3IXdIKQGqWXSDcXlrXoXov5xIGeaGGunS9XnPLx2AnMZOP3u_gpS59GI0O3D3nqFLJ7FG7bHr6T-XEDlQu7W8D6d65rY-bwlTWIKHBzKMD-zrdQU7esdwvBRGOg0_LVPZ5ylTs8zOLRim4LqVKss-NsC62qdb3BTv9n0t2LcxiKvdKiv86t6Ossc7VPxy-qkpxY0XpNtZOTYd_PHGfItKDErzweHePaMI8DV4U_rzGc-dtOoTOZBeMVbVB829TGZu9eME9btWCIOKZMZHIsQDigc&sai=AMfl-YThUb8V26mN49-64W-yZCbEDczCHxb0msAghlUDaPGVuH13Tw0DrwvVSRyY7WdtM5bnXaH0m98coM28Fb8olRkDzezITNCVqFP4Oj26tgZn_k-2pLWAulyfGthtbPfrg9EDw-GOnq1YmwWJc1Z5v9j-IpjltBSDIRJwAYTgwHPSMfvU8ShmEgSKneWpmb_xs2kL8wgyAyhRaeyUOrfFG-o33yoplR3CkVv4YvgsWlA2i8Ze1IDgLmypNeZtXeolJLqTnMda490w2OhcrZravA3kOy9gd0BH&sig=Cg0ArKJSzNR-zudEhzT6EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=804&vt=11&dtpt=627&dett=3&cstd=174&cisv=r20230918.91017&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl= Requested by Host: spdflashtool.com URL: https://spdflashtool.com/category/download Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 22:27:10 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Tue, 19 Sep 2023 22:27:10 GMT
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 3B37	22 KB 8 KB	56ms 53ms	Document text/html	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 437368 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 14 Sep 2023 20:57:42 GMT expires Fri, 13 Sep 2024 20:57:42 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	index.html Show response s0.2mdn.net/sadbundle/9139161501176268580/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x600_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/ Frame BE95	6 KB 2 KB	64ms 59ms	Document text/html	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/9139161501176268580/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x600_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/index.html?ev=01_250 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d8030cb04a3cc90f7c1b7f2d55e3137cd542d326c6bc3602d8b478a35f9552b6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 124271 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 1824 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" cross-origin-resource-policy cross-origin date Mon, 18 Sep 2023 11:55:59 GMT expires Tue, 17 Sep 2024 11:55:59 GMT last-modified Thu, 04 May 2023 19:36:00 GMT report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-xss-protection 0
GET H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 1865	0 0	93ms 89ms	Fetch image/gif	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuIReNTq7bJAPMSSTmEBikD_plcprt1TaEU0Ml-Xiz68Vzrex9y9tV7mme0acfAoogaAF4pqZsynRC8v60CCfwS1H_OxQLKs4TdNeDIhRNO06eEwO_ZFsNoNJrVin6WPo05IpKjtFBEMlLfneuOfv7Tmyf7WXGozH8MGtjJLiEuRIo3G72tuRrfMWAv9to3YTcJLdtAK2bcjp8bybLcaZc3EtdwEvAmP3z6RzO5G0vaAn_aOMMEO3ragHPBF2aNDZQMWg5nxqahRv72QqU4GDQw5E8BJmwEm3lyg4g9kP2e6WfakR0Sgdyw700F__ZTaVNw0o-Jutp73oNciT9FKKn5LmUCMTv65FmW9mRxAXksjp93ZillX9wbcfECGlYfcCPBoN1w9RjZhXsxYnwTJ8cnG3MS4c5NkFCFVIAkknqExucP5Hrwsj4sZlQeyEmIxGDKR5UYVReio93XnD3X5NyARsVnfPbn_zP_SNWOoCFdavWiXPFGHaKp3vZZnyh8zLIMZzAJ1fqAJ8fn_cYu7epK1La-YepntejuwmdSMjLD6nSN2R-O9VDsOzXY1oZ-cRDWDPkHNNsFentZgHBMNXXMA_7emdktif-um7Vqgp8og0M0_Pl9i8YJi3N2ayzJDJFjG8h1Jkl3JcLQs75e4cHvbg7p9akfNj8TkijHAzSIKOICU4xS_IdAzmTNGA_htGxyaR_hgcP0SfJIF7LmvxMJ4X3pXszyxALKtAYA1ObBVPsohM68fHpXqkXowNiN8KwJnEK4yzqq8_OOk2Sw-Gmekff9LWlKRwWzmaZc2KrIi6wy-upzWV-vNSzT07DQb-MJ4bxcQ3gLzxdNGP-CzPFyA-nJCyZIhK81LzH7NLUEce1l8BRoBWazMH_fIit1BRmXysCOuRPfKG4o4J7VCnp49ISIS55iTnlHl1k8sfsgA0X3yfFFDzohlekY1rl0ELzkokYBpEAG9ksMqte0fG6mYhuZxrkjZNtN_JAvUj3NTTitFv_Rcg_-jxxkNhSnCh7a7ZorguzDs8rkF9jtzMiSJjdEftFQnHhOIkUs7AGmFa-Q8o9avsAQAcu2jAHDPBYyKejykNd7cgfzA_jQ1p7pc77a0H6omACPTGf54cVAg-ZP9EQwtaE4fdgr0THJi8HIdXLNu7-TgkNKGZYssx12kPhIA_jpOKMrEdwyPrjBOhiSWx6puetzhwze7GwVDY8QjupOwka_jDnkpbjmcZUhT60Z0c2F0OtRGZbk96ttJ6ZhRPxbDT6JlbyXHCnCYdmw_XuH1DeiJrVHp3TDZAWwAfqLmnBSolwbeBa8wImNyZx5&sai=AMfl-YRJb4ok9HAPLVhfC5jjqB_nYnpDIctXpEfOkMtPpVkRBaXBI_XeqROnH2fUJYuGR02dzYY2i-35v6v1qxiViOSR39uCIolwnsmQOBejEg6ezdMQFngRdxngNBTyhYsugZ5fFRUjLcYJXIWiDMo2mwy-MgrdPo154n2B0YHCqU-v4xPFxeMZsMJPtuatL6nQH4PqDBzEl1YJYXu8ALvSU4-vfiIXXXJAEjuaJVlz7Ompqk-Q43PKKTLhZobT57eYIOcfwBeZbp4iWJHbQTdZHU1etcHbIIKOhnBxcQhbTWGHMv8ozaImiAJDb7Ro&sig=Cg0ArKJSzHltAbAA9DBdEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=496&cbvp=1&cstd=493&cisv=r20230918.19814&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl= Requested by Host: spdflashtool.com URL: https://spdflashtool.com/category/download Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Tue, 19 Sep 2023 22:27:10 GMT x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * cache-control private access-control-allow-credentials true timing-allow-origin * expires Tue, 19 Sep 2023 22:27:10 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame 1865	43 B 215 B	219ms 217ms	Image image/gif	2600:1f18:1aca:4281:2367:e0b5:d1fc:5a3e AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1450266&asId=c54ae9f6-1092-40e2-f644-cbad6b6dae24&tv=%7Bc:oHPrmS,pingTime:-3,time:116,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:30%7D,%7Br:r,w:300,h:600,t:115%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:116,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:30,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B103~0%5D,as:%5B102~0.0,1~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tQlqNNU+11%7C12%7C13%7C14*.1450266-71191763%7C141%7C151%7C1521%7C153%7C16%7C17%7C181%7C1821%7C183%7C184%7C1911%7C1a,idMap:14*,rmeas:1,rend:0,renddet:svg.us,siq:32%7D&br=c Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840258101411863&output=html&h=600&slotname=4532792211&adk=3802136983&adf=369960317&pi=t.ma~as.4532792211&w=300&lmt=1695155228&format=300x600&url=https%3A%2F%2Fspdflashtool.com%2Fcategory%2Fdownload&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695162428136&bpp=1&bdt=299&idt=287&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=261966524884&frm=20&pv=1&ga_vid=1221908341.1695162428&ga_sid=1695162428&ga_hid=146642078&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=596&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077701%2C42532402%2C44785295%2C31077705&oid=2&pvsid=3500873756716162&tmod=366320996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=m478xYBgHI&p=https%3A//spdflashtool.com&dtd=290 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4281:2367:e0b5:d1fc:5a3e Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:10 GMT server nginx x-server-name dt28.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	dt dt.adsafeprotected.com/ Frame 1865	43 B 215 B	119ms 118ms	Image image/gif	2600:1f18:1aca:4281:2367:e0b5:d1fc:5a3e AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1450266&asId=c54ae9f6-1092-40e2-f644-cbad6b6dae24&tv=%7Bc:oHPrmV,pingTime:-6,time:119,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:119,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:30,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B107~0%5D,as:%5B102~0.0,5~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tQlqNNU+11%7C12%7C13%7C14*.1450266-71191763%7C141%7C151%7C1521%7C153%7C16%7C17%7C181%7C1821%7C183%7C184%7C1911%7C1a,idMap:14*,rmeas:1,rend:0,renddet:svg.us,siq:32%7D&tpiLookup=ao:spdflashtool.com*&br=c Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840258101411863&output=html&h=600&slotname=4532792211&adk=3802136983&adf=369960317&pi=t.ma~as.4532792211&w=300&lmt=1695155228&format=300x600&url=https%3A%2F%2Fspdflashtool.com%2Fcategory%2Fdownload&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695162428136&bpp=1&bdt=299&idt=287&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=261966524884&frm=20&pv=1&ga_vid=1221908341.1695162428&ga_sid=1695162428&ga_hid=146642078&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=596&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077701%2C42532402%2C44785295%2C31077705&oid=2&pvsid=3500873756716162&tmod=366320996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=m478xYBgHI&p=https%3A//spdflashtool.com&dtd=290 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4281:2367:e0b5:d1fc:5a3e Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:10 GMT server nginx x-server-name dt26.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	dt dt.adsafeprotected.com/ Frame 1865	43 B 215 B	186ms 169ms	Image image/gif	2600:1f18:1aca:4281:2367:e0b5:d1fc:5a3e AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1450266&asId=c54ae9f6-1092-40e2-f644-cbad6b6dae24&tv=%7Bc:oHPrnr,pingTime:-2,time:151,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1806,beZ:1807,mfA:1816,cmA:1817,inA:1817,inZ:1822,prA:1822,prZ:1830,si:1837,poA:1838,poZ:1864,cmZ:1864,mfZ:1864,loA:1925,loZ:1929,ltA:1956,ltZ:1956%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:30%7D,%7Br:r,w:300,h:600,t:115%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:151,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:30,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B138~0%5D,as:%5B102~0.0,36~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tQlqNIW+11%7C12%7C13%7C14*.1450266-71191763%7C141%7C151%7C1521%7C153%7C16%7C17%7C18.990511-61634096%7C181%7C1821%7C183%7C184%7C1911%7C1a,idMap:14*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:svg.us,siq:32,sinceFw:117,readyFired:false%7D&br=c Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840258101411863&output=html&h=600&slotname=4532792211&adk=3802136983&adf=369960317&pi=t.ma~as.4532792211&w=300&lmt=1695155228&format=300x600&url=https%3A%2F%2Fspdflashtool.com%2Fcategory%2Fdownload&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695162428136&bpp=1&bdt=299&idt=287&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=261966524884&frm=20&pv=1&ga_vid=1221908341.1695162428&ga_sid=1695162428&ga_hid=146642078&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=596&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077701%2C42532402%2C44785295%2C31077705&oid=2&pvsid=3500873756716162&tmod=366320996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=m478xYBgHI&p=https%3A//spdflashtool.com&dtd=290 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4281:2367:e0b5:d1fc:5a3e Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:10 GMT server nginx x-server-name dt19.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
POST H3	200	view googleads4.g.doubleclick.net/pcs/ Frame C67E	0 26 B	171ms 81ms	Ping image/gif	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstX8SEgG53qa5BYL-IDhnk8sgV1ZAq3OaQ-4ekoeuVu66FRqWRfZkCuhdl8g6qd5kEnmhOY2VR10YXea0m9Q-iOpWmz6b4uE_EZ4yTluSXTfV98rILT2-eaLpwi2B8ctcyk6cv69kc1iIosW8uIbIjtJcf_x98lIEJR9CRiJON1nw&sai=AMfl-YRDw2CjX_RuJBmhHwZDJXzCL6rosDEti1z47H1Tu8QzpFiwpebNnjx-Gp56rl3ncz7SJpFZE0hJU9QHG4ItGAOAZe3M4xRLHueS-72XqAHbNLG8ATZr7g37E3AD5A&sig=Cg0ArKJSzLE0gikhrxeDEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl= Requested by Host: spdflashtool.com URL: https://spdflashtool.com/category/download Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 22:27:10 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame D38B	0 20 B	81ms 80ms	Image image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BRYA4PSAKZY7mDJ7kx_AP77e0-AYAAAAAOAHgBAI&bg=!wcKlwo3NAAZQjyUVcI87ADQBe5WfONRovZD95UpPFinNeksaWKg_2v_Qfz-n1uDJFk8OzB-UwT3bLE98s1iDWOVqMM8mAgAAAm5SAAAACGgBB5kC8n6oX6iwgf1wIxANmxc4BLL4BCC0ljG4f_duY0fcPSJVndEnaCgJXW_J034yzP-wQQDiIrOAwpOFrdSzB8_vT4i0NA_REe8ZSRmyk3klUZ-ihq3ufOnlRXJXftoD3vO4JEfUUnWn4H1Vem8KLtlsVavU-ScFxzpgZ7mpSZ0eLwqFBScElRf_XTQGiHfH2iMb1NA1vrKgHo5qqOgbguwA0_djqNvgSPPM4GcVSRkLylz8nfQhuvFG18xXOk204SWtIX85vUohRH514IaB-zd4O82q4qwxxY7JSbV4zjgPsm3VoZY0vgN0vx8WkuWSWwyQKZq9YB1yaHuCJZ01ik4YTSkwX-IAERkwYe1d6tntI4UBts5XjxiRglXYoexGRLc2xKTPAyQu107FhMsXJVVsieNtKCfXqPgnhE82xnSP_ksXbSBllfwgib7dwzNrtxVw1ZOPr67UTpaAu1NM2fm8VJ19V6JZCtLeMvXjFHt9l5vV5ytyLbdzj2YjHESm8ylO6o4Mn-c9EEYh5x02zE3O7pV9E9IklNMWLazzlRm7Wn5P3mO2aVoQLcfn2mcdK52aMaviTens5dmgS9B91Kvfl_0QqW-5x4HArKkAYP3wDd9-2X-sd8756kZPb-g4cYzrBC5hcE835B6fRkodsN-AHONdCXkMXYbikgnSUgUBiRYCK9x_4K8CXYiKngfH9lzDwPSS-JB3RIjHoCF5zqneD-RFpUpn7vaDMIwIWbQDYHXKDp1fGZ3X7SJseoKqM82IU_fdnHXNMgI2ZcNMuXukr06FXk07ejXjYbwIJoqHUp2rts7Rte-LScKdnWwMalctx67KVA_ekC0FPF9O2l1CTQPX47EHp8aDatjg7NRCCNBSRH8jrhbuWruGbcs7Iyz7SYDi3LQE8Qe19bInyKmWXdCqkhned62Kg0jt9Yh6HVUNIhUgzcYu9JJF9ENXkJOHoPAlqE8_yYViilLlPkoBmraONV1WnWkg6lvzDxkWCIlj0tM Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840258101411863&output=html&h=250&slotname=9022825270&adk=423810383&adf=4056628716&pi=t.ma~as.9022825270&w=300&lmt=1695155228&format=300x250&url=https%3A%2F%2Fspdflashtool.com%2Fcategory%2Fdownload&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695162428137&bpp=1&bdt=300&idt=294&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x600&nras=1&correlator=261966524884&frm=20&pv=1&ga_vid=1221908341.1695162428&ga_sid=1695162428&ga_hid=146642078&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=1235&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077701%2C42532402%2C44785295%2C31077705&oid=2&pvsid=3500873756716162&tmod=366320996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=fm16nTmYlQ&p=https%3A//spdflashtool.com&dtd=306 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:10 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	passback_728x90.js Show response static.adsafeprotected.com/ Frame 676B	3 KB 2 KB	51ms 51ms	Script application/javascript	2600:9000:2450:c000:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/passback_728x90.js Requested by Host: srcdoc URL: about:srcdoc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2450:c000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a579343e48deefeeb438bcb7f6aeb6d37e68102a8299ca47b683991f0af26b28 Request headers accept-language de-DE,de;q=0.9 Referer https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers x-amz-version-id BMDmVeG18LcgsgmLJH9yXJDgb3k6n4r4 content-encoding gzip via 1.1 abdcba0f82eaef3d3aa080fb12ca873c.cloudfront.net (CloudFront) date Wed, 13 Sep 2023 17:40:34 GMT x-amz-cf-pop CDG50-P4 age 535597 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Fri, 18 Feb 2022 23:29:52 GMT server AmazonS3 etag W/"696b4c19d35efd706805137a8a4b3831" vary Accept-Encoding content-type application/javascript cache-control max-age=604800 x-amz-cf-id Cwtz2mkCRC8C-Bf6F-TBNqHoDcpSJhdbVhSsLgSduJjL_nmWoTzwwA==
GET H3	200	style.css s0.2mdn.net/sadbundle/9139161501176268580/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x600_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/css/ Frame BE95	3 KB 1 KB	49ms 48ms	Stylesheet text/css	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/9139161501176268580/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x600_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/css/style.css Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/9139161501176268580/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x600_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ca45da0583690fce02cd8f1bff67645df7b336fa04d1083b50d4ea4595d4792b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/9139161501176268580/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x600_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Fri, 15 Sep 2023 10:02:23 GMT content-encoding gzip x-content-type-options nosniff age 390287 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1152 x-xss-protection 0 last-modified Thu, 04 May 2023 19:36:00 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/css access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 14 Sep 2024 10:02:23 GMT
GET H3	200	gsap_3.2.4_min.js s0.2mdn.net/ads/studio/cached_libs/ Frame BE95	57 KB 0	50ms 49ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/9139161501176268580/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x600_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/9139161501176268580/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x600_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 22:27:10 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23276 x-xss-protection 0 last-modified Thu, 05 Mar 2020 03:53:22 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 19 Sep 2023 22:27:10 GMT
GET H3	200	imagesloaded.pkgd.min.js s0.2mdn.net/sadbundle/9139161501176268580/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x600_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/js/libs/ Frame BE95	5 KB 0	49ms 48ms	Script application/x-javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/9139161501176268580/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x600_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/js/libs/imagesloaded.pkgd.min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/9139161501176268580/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x600_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/9139161501176268580/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x600_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 07:45:33 GMT content-encoding gzip x-content-type-options nosniff age 52897 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1810 x-xss-protection 0 last-modified Thu, 04 May 2023 19:36:00 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 18 Sep 2024 07:45:33 GMT
GET H3	200	animation.js s0.2mdn.net/sadbundle/9139161501176268580/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x600_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/js/ Frame BE95	6 KB 0	49ms 48ms	Script application/x-javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/9139161501176268580/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x600_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/js/animation.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/9139161501176268580/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x600_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/9139161501176268580/CV~FlightSandstrand_CS~1X1_CT~HTML5_DT~DM_BT~LC_PT~ADTT_EC~XB_DM~300x600_LN~DE_U1~StandardDisplayBanner_U2~PreBooking/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Mon, 18 Sep 2023 17:08:50 GMT content-encoding gzip x-content-type-options nosniff age 105500 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1219 x-xss-protection 0 last-modified Thu, 04 May 2023 19:36:00 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 17 Sep 2024 17:08:50 GMT
GET H3	200	css fonts.googleapis.com/ Frame 2446	14 KB 1 KB	55ms 55ms	Stylesheet text/css	2a00:1450:4001:802::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 19 Sep 2023 22:27:10 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 19 Sep 2023 22:25:53 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 19 Sep 2023 22:27:10 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 2446	2 KB 892 B	42ms 42ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 19:58:30 GMT content-encoding br x-content-type-options nosniff age 8920 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 865 x-xss-protection 0 server cafe etag 5051423035144352294 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 03 Oct 2023 19:58:30 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230918/r20110914/ Frame 2446	23 KB 9 KB	42ms 41ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 19:58:30 GMT content-encoding br x-content-type-options nosniff age 8920 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9135 x-xss-protection 0 server cafe etag 9583221549990841032 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 03 Oct 2023 19:58:30 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 2446	3 KB 1 KB	48ms 48ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 17:26:38 GMT content-encoding br x-content-type-options nosniff age 18032 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 03 Oct 2023 17:26:38 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 2446	20 KB 8 KB	46ms 45ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 19:58:30 GMT content-encoding br x-content-type-options nosniff age 8920 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8275 x-xss-protection 0 server cafe etag 7349537481621356269 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 03 Oct 2023 19:58:30 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 2446	182 KB 57 KB	1115ms 1115ms	Script text/javascript	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 22:27:11 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57988 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1694604874705780" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Tue, 19 Sep 2023 22:27:11 GMT
GET H3	200	9041af033b7a690ba70e3134a2c135bf.js Show response www.gstatic.com/mysidia/ Frame 2446	36 KB 15 KB	44ms 43ms	Script text/javascript	2a00:1450:4001:81c::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 09:37:14 GMT content-encoding gzip x-content-type-options nosniff age 46196 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15189 x-xss-protection 0 last-modified Thu, 14 Sep 2023 23:26:06 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Mon, 18 Dec 2023 09:37:14 GMT
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame AF70	17 KB 6 KB	67ms 66ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_247.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 22:27:10 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 19 Sep 2023 22:27:10 GMT
GET H3	200	b6KMqTAYqBIA24ZWjqYq8V8pGhE_E2wERo_hclhyfAY.js Show response pagead2.googlesyndication.com/bg/ Frame 3B37	37 KB 14 KB	41ms 41ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/b6KMqTAYqBIA24ZWjqYq8V8pGhE_E2wERo_hclhyfAY.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6fa28ca93018a81200db86568ea62af15f291a113f136c04468fe17258727c06 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 16:03:19 GMT content-encoding br x-content-type-options nosniff age 23031 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14647 x-xss-protection 0 last-modified Mon, 11 Sep 2023 20:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 18 Sep 2024 16:03:19 GMT
POST H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 1865	0 26 B	84ms 81ms	Ping image/gif	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssxGHDm83jEwCm9Jo0kmiCCugOtdVFaVt4gdQvc-1n_PLWumluYe-In6jE1EtFtmQTXbpp-rI3lm2dfqfM9McrL3jV0A91hWqDmmgfW8hAH5_4XiPuIJymRyWqiA5jKMREkU1evw6KJ8SnpUpc5kZlfqROpbfjXnDzUx-Uq2JB33pju6Ll5yVS2CA2131qctlJD58l5pum670mN0qu8reBCqw&sai=AMfl-YTmhFH2qVbdrbbTl1eLtyUP8xMCSWFISz3OISshpeTMieb--RvuRpy87ZljLb_4F5EJKlE55_NX4nD9pfl0HN8xy_KcSbC0EC2PVWbRwxv8I2R7GZyDA3IXvSjz1Kxd_RuHtg7XUh2vKDdmwRyBAOLtmA&sig=Cg0ArKJSzJYh6Pr4vtbxEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl= Requested by Host: spdflashtool.com URL: https://spdflashtool.com/category/download Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 22:27:10 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	IAS_PassbackAds_728x90.png static.adsafeprotected.com/ Frame 676B	10 KB 10 KB	53ms 52ms	Image image/png	2600:9000:2450:c000:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.adsafeprotected.com/IAS_PassbackAds_728x90.png Requested by Host: srcdoc URL: about:srcdoc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2450:c000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 319ebf743ce2c07c6bfafd9600a93824aa52b0844fe94e81c014e169564dc7e3 Request headers accept-language de-DE,de;q=0.9 Referer https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers x-amz-version-id 4DcA1UddzZ2E21bAiUECQTp8M854Vxlu date Tue, 19 Sep 2023 17:24:36 GMT via 1.1 abdcba0f82eaef3d3aa080fb12ca873c.cloudfront.net (CloudFront) x-amz-cf-pop CDG50-P4 age 545564 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED content-length 10216 last-modified Fri, 18 Feb 2022 23:29:13 GMT server AmazonS3 etag "b1464a7201f691a1e4cf6fc057919d7f" vary Accept-Encoding content-type image/png cache-control max-age=604800 accept-ranges bytes x-amz-cf-id axMmnLsjGBwj03phZ6_TBQ8K2k7BrPr6lw_COHPk-khBXaOll5KmMg==
GET H2	200	passback_300x600.js Show response static.adsafeprotected.com/ Frame 018F	3 KB 2 KB	49ms 48ms	Script application/javascript	2600:9000:2450:c000:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/passback_300x600.js Requested by Host: srcdoc URL: about:srcdoc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2450:c000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 5b542fa63865c7855e651a48910a341dfdd0508ec6f293e1253537b2778e2742 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers x-amz-version-id kTzCLI3J0Rawp2tFRAwfopfiJxzrNFGH content-encoding gzip via 1.1 abdcba0f82eaef3d3aa080fb12ca873c.cloudfront.net (CloudFront) date Sat, 16 Sep 2023 13:04:42 GMT x-amz-cf-pop CDG50-P4 age 292949 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Fri, 18 Feb 2022 23:29:42 GMT server AmazonS3 etag W/"439e58c5a30158dbdc47481bb170410a" vary Accept-Encoding content-type application/javascript cache-control max-age=604800 x-amz-cf-id my6xxW799aCZpTgYL1Ipr-uiNMgIOCXa85fxSDcjCrNIeGHRmf6H_w==
GET H2	200	dt dt.adsafeprotected.com/ Frame C67E	43 B 215 B	121ms 120ms	Image image/gif	2600:1f18:1aca:4281:2367:e0b5:d1fc:5a3e AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=8b48ee5d-389b-a958-bdfd-876dfbae4799&tv=%7Bc:oHPrpW,time:614,type:e,im:%7Bpci:%7Btdr:363%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:614,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:25,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B607~0%5D,as:%5B607~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:436,fm:tQlqNIW+11%7C12%7C13%7C14.1450266-71191763%7C141%7C151%7C1521%7C153%7C16%7C17%7C18*.990511-61634096%7C181%7C182%7C183%7C1911,idMap:18*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:27,sis:467%7D&br=c Requested by Host: 154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com URL: https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4281:2367:e0b5:d1fc:5a3e Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:10 GMT server nginx x-server-name dt25.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H3	200	D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js Show response pagead2.googlesyndication.com/bg/ Frame 3F25	37 KB 14 KB	47ms 46ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 19:33:22 GMT content-encoding br x-content-type-options nosniff age 10428 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14739 x-xss-protection 0 last-modified Mon, 11 Sep 2023 20:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 18 Sep 2024 19:33:22 GMT
GET H2	200	IAS_PassbackAds_300x600.png static.adsafeprotected.com/ Frame 018F	34 KB 34 KB	60ms 54ms	Image image/png	2600:9000:2450:c000:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.adsafeprotected.com/IAS_PassbackAds_300x600.png Requested by Host: srcdoc URL: about:srcdoc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2450:c000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 8e503fe67eef6d53b7297abd5062e4db7a6b381eaa7d4ac4f8c53a9bb08e248c Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers x-amz-version-id tQgHbMfZoUlj3hcvrSYdqixcUVtCIeBK date Sat, 16 Sep 2023 13:04:43 GMT via 1.1 abdcba0f82eaef3d3aa080fb12ca873c.cloudfront.net (CloudFront) x-amz-cf-pop CDG50-P4 age 292948 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED content-length 34357 last-modified Fri, 18 Feb 2022 23:29:00 GMT server AmazonS3 etag "26e2b461771f6fb855141aa77c859584" vary Accept-Encoding content-type image/png cache-control max-age=604800 accept-ranges bytes x-amz-cf-id 8GhZdkVgEBycrWDqgmrrfukagIgckfi1gftPSZa4IGcp6pVwKSCjXg==
GET H2	200	dt dt.adsafeprotected.com/ Frame C67E	43 B 215 B	118ms 118ms	Image image/gif	2600:1f18:1aca:4281:2367:e0b5:d1fc:5a3e AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=8b48ee5d-389b-a958-bdfd-876dfbae4799&tv=%7Bc:oHPrsY,pingTime:-10,time:802,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE3LjAuNTkzOC44OCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1695162430728%7C%7C52d31271a791752e35043b6d88425580%7C%7Cbd1e129058c6f254231648b6cc158d80%7C%7Cdcaa26f8930af29da555171b999e1eef%7C%7C9b02c54428ff28c4342b4e769d13dacb%7C%7Cf2ae28233d6494474f71cc887e114b9e%7C%7C28077196198c82c353068ec4ae77e270%7C%7Cd8fbb79339887c6706b5a05e7eed1f09%7C%7C1663701684%7D Requested by Host: 154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com URL: https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4281:2367:e0b5:d1fc:5a3e Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:10 GMT server nginx x-server-name dt25.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 1BF6	0 20 B	77ms 76ms	Image image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B5Eb_PSAKZfC1F9O7x_APl9a70AMAAAAAOAHgBAI&bg=!FxSlFFvNAAZQjyUVcI87ADQBe5WfOHtULsBYXM_DA7LqBE-bDY26ZpFTRKdTLQZ25xzJZa8cGuQvWr684oFadBusj9WoAgAAAbVSAAAAB2gBBwoAKV-P174Ps7gv5lSVhn2XWQ3RDS1kQwgykUBxKWjUiqPjJgo0cm2jQuH4mQL4i9EABWUf75awyYOrL0grTUpbOxME6dkpYp9OK58ZwjABPtsgVBi2v6GT4Xj2zqTetrXd_bbZ1pH19jnTuKFrREZ7n6xIm1zQ8sxW58L_8pXCnRFfE-Ky298zb1DAXTi92tT2hKQBQUIXAd51Cqx4PJ_LfwBGxxJ3eZEZxGoFzl2IGjTbgNSDxA9GN4fC2ot_Coj0-6OF_kgRBz_cxoUJtAvdHn4XJw53aBsDF_o4CTdQjBriLDKmbF9wZwMk0Ypw6oM69cOL1G9Zi7MAzBt_hyzapH5GIn0MhcpzL27DLi4Dp10P56K9MUe_1Wmh9DayfvAkvxU5ahbfoUtMRzhmkCnKY0QKrG5FDJUQ8Y_YYNRE7FTLxiVyARfm4Maduo46F3gG4_t2cPVNc9Utq_kZGB8xjYwXCoj6uNpHqtABKI6blglu7a53wGDT2Cg6Y360VfV2jNEqqjiub_SXluE7yHs5VUUSZcKgGGDHlP9fCOxQ6vFUbeRv4s1gAp6Y6CLnG9CM6mr_7s61KRjpC0Ba4XpwWz2sXfePfcHRI3Le--cb19_U_xYAW-52ktO1kd1_ncl2oDHgWP4p4Npz7ZxoRJFYnv8oqlLNTDoLmtb2EzGTzMyfl-QVyf90G42yFMBb0MFPiiXCjJ0q8EQPDe8vEW_Xdbct_N8ZC7gHviJYDpd4y4wySw6MiTW0XSR0zHy756W-g-ZjGbJfv3Xe1M5GO51i4MTg1nWg8y-7msB97PxGoK-pGCmEBHOgIv1TM-SF0bV2Tnb4LRajOtpwAITZBN4o2k3Og6M6a4YeDmXy_Qqq4KqWmuT9p7SmpCa2aDdM6UauGgjbTeoGoWO4v-D5-xh3ww7eBjl1AytY-y4cprgmeRLNgk9LW9Rmne6E5R21YGTDx3epbXJTZzK9kS7cPLHSRummIUADYzSNkadfxLZPc1_wBeIRSaQCkj8ArQEzEvj9rGXrI0nBmjDAuG134-YOBVSyLrCWl-ZHzY1y7Gis08Ekl2Mi7w Requested by Host: 154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com URL: https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:10 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 3B37	0 20 B	76ms 75ms	Image image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BRjvUPSAKZY-2KeSgx_AP1dO0iAQAAAAAOAHgBAI&bg=!HB-lH1DNAAZQjyUVcI87ADQBe5WfOEzrxBJWKs7hQxPtJLIfQUWWtop054xQV-XK_7vXiVUVicOhz-9xF9f16Idf_DZjAgAAARdSAAAABmgBB5kC29mxlaCzIGcxG2_KxdtSneF9zoRCgIsSgKxe9oRKdM27YD_ZbMxaYPVNRGSQYOcPfbPakvANmL7UxQW26rASILjx28GbPIiyHRgwyIBrk6av-xHvfSryhMdbgecOIJMWG2npuRH99-SyrWKZOHgWylKcIUOHLejhJPZQo0dHXPaVpxApXU1zgdVl0Kg-b2lBJjkEafEOaTlN-YHQLY2cKoYycPTnoiVevPN7d2Nk7ZcZ7kaDYS6QUjXR1GdCSqgsMguvj2SaOLh5n7xqDifbsOD5SsKpwhDSorqWzZPKidUOlf8GIJ1AFfR6Emi90Y4GjHbb8gYlqRhgUd8T8FRKWzvDH15N8O2-ung4Bscx3bCjYMm26Rf0euGhyuuKVzumrmscwyIiGd00cPLpouPrW-BjG9ulS-rbZ19kkM3IDQ6eQd4teMlhahsdIRPshf5OMuxyqruEJLDlOvkPSyfNZUOKax0cUzROdAv72eXc5LHcE68QibMvTwZD_W1dC6Ayg1lJECghTTLRrya8Lhz4YGbGuSThsjHLdDTdhBGUJ6vYBnM9fNNmfi5ONWGfKh66eP3x2x0RUUEUzoPyr5FM-XFKSJF0pVvu8hrWCfVvdNrHbUq-Lz1bpwz7Dvew8GMYfOjXiHrudBkh5Quy6yjcf-24vwHNbPwt7oFbELXjwmDoeIp7-1mWc2nj_R0nnOa3eoOBXk6cVjvykHfiSJYm8Qco2dIS29_bfVzk0hse6KqQ20J-fg19_xTHXq89ml33F0iU-5chWpPBdWmy-lEdLhLcm9hHIZP-yS4u2wpiBE04ACZ7cYyQXVdCU5xPIEucPDkf0MjjXSjH_UjUFPwALfIdPMJPGa3aXpcfG4yFtSw3gFlXz6PeZOgeIP9NeVFlK94slobozxYpwIFhOGrQPm18okTWyuawQF_btM9uENpRNosGnQgYX8AkZ2MYlB6NyUB6Da9rlWrWlvX3 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840258101411863&output=html&h=600&slotname=4532792211&adk=3802136983&adf=369960317&pi=t.ma~as.4532792211&w=300&lmt=1695155228&format=300x600&url=https%3A%2F%2Fspdflashtool.com%2Fcategory%2Fdownload&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695162428136&bpp=1&bdt=299&idt=287&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=261966524884&frm=20&pv=1&ga_vid=1221908341.1695162428&ga_sid=1695162428&ga_hid=146642078&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=596&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077701%2C42532402%2C44785295%2C31077705&oid=2&pvsid=3500873756716162&tmod=366320996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=m478xYBgHI&p=https%3A//spdflashtool.com&dtd=290 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:10 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame 1865	43 B 215 B	132ms 132ms	Image image/gif	2600:1f18:1aca:4281:2367:e0b5:d1fc:5a3e AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1450266&asId=c54ae9f6-1092-40e2-f644-cbad6b6dae24&tv=%7Bc:oHPrDO,pingTime:-10,time:1166,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE3LjAuNTkzOC44OCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1695162430728%7C%7C52d31271a791752e35043b6d88425580%7C%7Cbd1e129058c6f254231648b6cc158d80%7C%7Cdcaa26f8930af29da555171b999e1eef%7C%7C9b02c54428ff28c4342b4e769d13dacb%7C%7Cf2ae28233d6494474f71cc887e114b9e%7C%7C28077196198c82c353068ec4ae77e270%7C%7Cd8fbb79339887c6706b5a05e7eed1f09%7C%7C1663701684,sca:%7Bspg:8b48ee5d-389b-a958-bdfd-876dfbae4799%7D%7D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840258101411863&output=html&h=600&slotname=4532792211&adk=3802136983&adf=369960317&pi=t.ma~as.4532792211&w=300&lmt=1695155228&format=300x600&url=https%3A%2F%2Fspdflashtool.com%2Fcategory%2Fdownload&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695162428136&bpp=1&bdt=299&idt=287&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=261966524884&frm=20&pv=1&ga_vid=1221908341.1695162428&ga_sid=1695162428&ga_hid=146642078&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=596&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077701%2C42532402%2C44785295%2C31077705&oid=2&pvsid=3500873756716162&tmod=366320996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=m478xYBgHI&p=https%3A//spdflashtool.com&dtd=290 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4281:2367:e0b5:d1fc:5a3e Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:11 GMT server nginx x-server-name dt19.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	redir.html Show response p4-fiw2epulg6ica-4vllfsbh5ooevdze-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 6725	247 B 867 B	193ms 49ms	Document text/html	172.217.18.3 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://p4-fiw2epulg6ica-4vllfsbh5ooevdze-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.3 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f3.1e100.net Software sffe / Resource Hash 082b700508e7dbffc0505982ffc2b2b04b39e2b48c1b2362116546e1986f0a69 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-encoding gzip content-length 203 content-security-policy-report-only script-src 'nonce-15a_mAuZlgwFee61x__SyQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none' content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" cross-origin-resource-policy cross-origin date Tue, 19 Sep 2023 22:27:11 GMT expires Fri, 01 Jan 1990 00:00:00 GMT last-modified Mon, 02 Dec 2019 20:15:00 GMT pragma no-cache report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	OnAir-Bold.woff2 s0.2mdn.net/creatives/assets/4140742/ Frame AF70	47 KB 47 KB	41ms 40ms	Font font/woff2	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2 Requested by Host: spdflashtool.com URL: https://spdflashtool.com/category/download Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=D77kDbnsj7&t=1&renderingType=2&ev=01_250 Origin https://s0.2mdn.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 22:21:59 GMT x-content-type-options nosniff age 312 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 47676 x-xss-protection 0 last-modified Thu, 06 May 2021 11:38:39 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 19 Sep 2023 22:36:59 GMT
GET H3	200	OnAir-Light.woff2 s0.2mdn.net/creatives/assets/4140742/ Frame AF70	46 KB 46 KB	47ms 47ms	Font font/woff2	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2 Requested by Host: spdflashtool.com URL: https://spdflashtool.com/category/download Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=D77kDbnsj7&t=1&renderingType=2&ev=01_250 Origin https://s0.2mdn.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 22:26:11 GMT x-content-type-options nosniff age 60 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 46936 x-xss-protection 0 last-modified Thu, 06 May 2021 11:38:50 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 19 Sep 2023 22:41:11 GMT
GET H3	200	60005582_20210507060843268_Asset_Transparent.png s0.2mdn.net/ads/richmedia/studio/60005582/ Frame AF70	2 KB 2 KB	79ms 79ms	Image image/png	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210507060843268_Asset_Transparent.png Requested by Host: spdflashtool.com URL: https://spdflashtool.com/category/download Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6f741883eafc84067b80014e53fbfab2505aca4f7cf767b17404a291fffb79d4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=D77kDbnsj7&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 08:09:36 GMT x-content-type-options nosniff age 51455 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2040 x-xss-protection 0 last-modified Fri, 07 May 2021 13:08:43 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 20 Sep 2023 08:09:36 GMT
GET H3	200	60005582_20230907064147909_Mann_300x250_01.png s0.2mdn.net/ads/richmedia/studio/60005582/ Frame AF70	31 KB 31 KB	88ms 87ms	Image image/png	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230907064147909_Mann_300x250_01.png Requested by Host: spdflashtool.com URL: https://spdflashtool.com/category/download Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 725f5f5b144e4d7010d30e494690b3c78f2805e10144f0cfc1bea214a5714048 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=D77kDbnsj7&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 17:26:54 GMT x-content-type-options nosniff age 18017 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31652 x-xss-protection 0 last-modified Thu, 07 Sep 2023 13:41:48 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 20 Sep 2023 17:26:54 GMT
GET H3	200	60005582_20230907064152182_Mann_300x250_02.png s0.2mdn.net/ads/richmedia/studio/60005582/ Frame AF70	34 KB 34 KB	80ms 79ms	Image image/png	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230907064152182_Mann_300x250_02.png Requested by Host: spdflashtool.com URL: https://spdflashtool.com/category/download Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 91daeaf4df1d8ddf9ac0017892e9cedfee3915464cbbf2ad35c6dc0a61521a09 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=D77kDbnsj7&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 17:26:54 GMT x-content-type-options nosniff age 18017 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35198 x-xss-protection 0 last-modified Thu, 07 Sep 2023 13:41:52 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 20 Sep 2023 17:26:54 GMT
GET H/1.1	200 OK	postview.gif portal.o2online.de/nws/img/ Frame AF70	43 B 609 B	172ms 53ms	Image image/gif	141.101.90.98 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_PEF_HAV_14123_PV&mediacode=30520114_4307561_376315629_145340772_DIV1201A20230914&ref=30520114_4307561_376315629_145340772_DIV1201A20230914 Requested by Host: spdflashtool.com URL: https://spdflashtool.com/category/download Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 141.101.90.98 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Date Tue, 19 Sep 2023 22:27:11 GMT via 1.1 varnish-live-1-0 CF-Cache-Status HIT age 6197442 x-cache MISS p3p policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Connection keep-alive Content-Length 43 last-modified Wed, 21 Jun 2023 12:27:00 GMT Server cloudflare etag "2b-5fea2e2654d00" Vary Accept-Encoding Content-Type image/gif x-varnish 171193339 cache-control public, max-age=31536000 Accept-Ranges bytes CF-RAY 8095412fabfe4da8-FRA Expires Wed, 18 Sep 2024 22:27:11 GMT
GET H3	200	b6KMqTAYqBIA24ZWjqYq8V8pGhE_E2wERo_hclhyfAY.js Show response pagead2.googlesyndication.com/bg/ Frame 72BB	37 KB 14 KB	39ms 39ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/b6KMqTAYqBIA24ZWjqYq8V8pGhE_E2wERo_hclhyfAY.js Requested by Host: 154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com URL: https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6fa28ca93018a81200db86568ea62af15f291a113f136c04468fe17258727c06 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 16:03:19 GMT content-encoding br x-content-type-options nosniff age 23032 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14647 x-xss-protection 0 last-modified Mon, 11 Sep 2023 20:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 18 Sep 2024 16:03:19 GMT
GET H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 1865	0 0	79ms 78ms	Fetch image/gif	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuIReNTq7bJAPMSSTmEBikD_plcprt1TaEU0Ml-Xiz68Vzrex9y9tV7mme0acfAoogaAF4pqZsynRC8v60CCfwS1H_OxQLKs4TdNeDIhRNO06eEwO_ZFsNoNJrVin6WPo05IpKjtFBEMlLfneuOfv7Tmyf7WXGozH8MGtjJLiEuRIo3G72tuRrfMWAv9to3YTcJLdtAK2bcjp8bybLcaZc3EtdwEvAmP3z6RzO5G0vaAn_aOMMEO3ragHPBF2aNDZQMWg5nxqahRv72QqU4GDQw5E8BJmwEm3lyg4g9kP2e6WfakR0Sgdyw700F__ZTaVNw0o-Jutp73oNciT9FKKn5LmUCMTv65FmW9mRxAXksjp93ZillX9wbcfECGlYfcCPBoN1w9RjZhXsxYnwTJ8cnG3MS4c5NkFCFVIAkknqExucP5Hrwsj4sZlQeyEmIxGDKR5UYVReio93XnD3X5NyARsVnfPbn_zP_SNWOoCFdavWiXPFGHaKp3vZZnyh8zLIMZzAJ1fqAJ8fn_cYu7epK1La-YepntejuwmdSMjLD6nSN2R-O9VDsOzXY1oZ-cRDWDPkHNNsFentZgHBMNXXMA_7emdktif-um7Vqgp8og0M0_Pl9i8YJi3N2ayzJDJFjG8h1Jkl3JcLQs75e4cHvbg7p9akfNj8TkijHAzSIKOICU4xS_IdAzmTNGA_htGxyaR_hgcP0SfJIF7LmvxMJ4X3pXszyxALKtAYA1ObBVPsohM68fHpXqkXowNiN8KwJnEK4yzqq8_OOk2Sw-Gmekff9LWlKRwWzmaZc2KrIi6wy-upzWV-vNSzT07DQb-MJ4bxcQ3gLzxdNGP-CzPFyA-nJCyZIhK81LzH7NLUEce1l8BRoBWazMH_fIit1BRmXysCOuRPfKG4o4J7VCnp49ISIS55iTnlHl1k8sfsgA0X3yfFFDzohlekY1rl0ELzkokYBpEAG9ksMqte0fG6mYhuZxrkjZNtN_JAvUj3NTTitFv_Rcg_-jxxkNhSnCh7a7ZorguzDs8rkF9jtzMiSJjdEftFQnHhOIkUs7AGmFa-Q8o9avsAQAcu2jAHDPBYyKejykNd7cgfzA_jQ1p7pc77a0H6omACPTGf54cVAg-ZP9EQwtaE4fdgr0THJi8HIdXLNu7-TgkNKGZYssx12kPhIA_jpOKMrEdwyPrjBOhiSWx6puetzhwze7GwVDY8QjupOwka_jDnkpbjmcZUhT60Z0c2F0OtRGZbk96ttJ6ZhRPxbDT6JlbyXHCnCYdmw_XuH1DeiJrVHp3TDZAWwAfqLmnBSolwbeBa8wImNyZx5&sai=AMfl-YRJb4ok9HAPLVhfC5jjqB_nYnpDIctXpEfOkMtPpVkRBaXBI_XeqROnH2fUJYuGR02dzYY2i-35v6v1qxiViOSR39uCIolwnsmQOBejEg6ezdMQFngRdxngNBTyhYsugZ5fFRUjLcYJXIWiDMo2mwy-MgrdPo154n2B0YHCqU-v4xPFxeMZsMJPtuatL6nQH4PqDBzEl1YJYXu8ALvSU4-vfiIXXXJAEjuaJVlz7Ompqk-Q43PKKTLhZobT57eYIOcfwBeZbp4iWJHbQTdZHU1etcHbIIKOhnBxcQhbTWGHMv8ozaImiAJDb7Ro&sig=Cg0ArKJSzHltAbAA9DBdEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2002&vt=11&dtpt=1506&dett=4&cstd=493&cisv=r20230918.19814&vwbs=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl= Requested by Host: spdflashtool.com URL: https://spdflashtool.com/category/download Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 22:27:11 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Tue, 19 Sep 2023 22:27:11 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 948C	0 20 B	75ms 74ms	Ping image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgojCAEqH2ltYWdlLXdpdGgtY3RhLW9uLWxhcmdlci1zY3JlZW4KCggCKgZzZXJ2ZXIKDRAQIQAAAAAAAAAAMAQKDRARIQAAAABwSfNAMAQKDRASIQAAAAAAACBAMAQKDRATIQAAAAAAAAhAMAQKDRAXIQAAgMzMkKBAMAQKDRAUIQAAAACQ4PNAMAQKDRAVIQAAAAAAAChAMAQKDRAWIQAAAAAAABRAMAQKDRAYIQAAAAAAMqFAMAQKDRAyIQAAAAAAAAAAMAQKDRAzIQAAAAAAAAAAMAQKDRA0IQAAAAAAAAAAMAQKDRA1IQAAAAAAAAAAMAQKDRA2IQAAAAAAAAAAMAQKDRA3IQAAAAAAAAAAMAQKDRA4IQAAAAAAAAAAMAQKDRA5IQAAAAAAAAAAMAQKDRA6IQAAAAAAAPg_MAQKDRA7IQAAAACYmfk_MAQKDRA8IQAAAACYmfk_MAQKDRA9IQAAAACYmfk_MAQKDRA-IQAAAAAwM_s_MAQKDRA_IQAAAAAwM_s_MAQKDRBAIQAAAAAwM_s_MAQSGkNLQ0tzNVBjdDRFREZXY1RWUWdkcEZzRGNBIippbWFnZS9pbWFnZV92aWduZXR0ZV90cmFuc2x1Y2VudF92Ml9tZXJnZWQoIw== Requested by Host: www.gstatic.com URL: https://www.gstatic.com/mysidia/f378f1a628345b8fc7dfdb57c16922da.js?tag=pingback Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:11 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 fonts.gstatic.com/s/googlesans/v58/ Frame 3D7E	33 KB 34 KB	133ms 42ms	Font font/woff2	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Wed, 13 Sep 2023 05:14:28 GMT x-content-type-options nosniff age 580363 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 34108 x-xss-protection 0 last-modified Tue, 23 May 2023 16:35:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 12 Sep 2024 05:14:28 GMT
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame 3D7E Redirect Chain https://googleads.g.doubleclick.net/pagead/adview?ai=CWlaCPCAKZaHMHL2d78EP_fKL2A66qf2Gc5fh0r_wEZjc58mPDhABILm_uSFglcKmgrAHoAGHv-DIA8gBCakCunSCthOakT6oAwHIA8sEqgTnAU_QcQY-UNbvzVouPTdnSZMIyGdif4vrs58... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229510797710993833389%22,%22debug_reporting%22:true,%22destination%22:%22https://ignaly.com%22,%22event_report_window%22:%22...	0 0	158ms 75ms	Fetch text/css	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229510797710993833389%22,%22debug_reporting%22:true,%22destination%22:%22https://ignaly.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22957882247%22],%224%22:[%2209-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216456634976824668129%22}&andc=true Requested by Host: spdflashtool.com URL: https://spdflashtool.com/category/download Protocol H3 Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 22:27:12 GMT x-content-type-options nosniff attribution-reporting-register-source {"debug_key":"9510797710993833389","debug_reporting":true,"destination":"https://ignaly.com","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["957882247"],"4":["09-19"],"6":["true"]},"priority":"500","source_event_id":"16456634976824668129"} server cafe content-type text/css; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Tue, 19 Sep 2023 22:27:12 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Tue, 19 Sep 2023 22:27:11 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"9510797710993833389","debug_reporting":true,"destination":"https://ignaly.com","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["957882247"],"4":["09-19"],"6":["true"]},"priority":"500","source_event_id":"16456634976824668129"}&andc=true access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	b6KMqTAYqBIA24ZWjqYq8V8pGhE_E2wERo_hclhyfAY.js Show response pagead2.googlesyndication.com/bg/ Frame 104D	37 KB 14 KB	40ms 39ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/b6KMqTAYqBIA24ZWjqYq8V8pGhE_E2wERo_hclhyfAY.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840258101411863&output=html&h=280&slotname=5770864023&adk=3176299815&adf=749657259&pi=t.ma~as.5770864023&w=970&fwrn=4&fwrnh=100&lmt=1695155228&rafmt=1&format=970x280&url=https%3A%2F%2Fspdflashtool.com%2Fcategory%2Fdownload&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695162428133&bpp=3&bdt=297&idt=273&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=261966524884&frm=20&pv=1&ga_vid=1221908341.1695162428&ga_sid=1695162428&ga_hid=146642078&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=141&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077701%2C42532402%2C44785295%2C31077705&oid=2&pvsid=3500873756716162&tmod=366320996&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BhAcLYasrm&p=https%3A//spdflashtool.com&dtd=281 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6fa28ca93018a81200db86568ea62af15f291a113f136c04468fe17258727c06 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 16:03:19 GMT content-encoding br x-content-type-options nosniff age 23032 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14647 x-xss-protection 0 last-modified Mon, 11 Sep 2023 20:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 18 Sep 2024 16:03:19 GMT
GET H3	200	bubblespritesheettiny.png s0.2mdn.net/creatives/assets/4085730/ Frame AF70	26 KB 26 KB	42ms 42ms	Image image/png	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png Requested by Host: spdflashtool.com URL: https://spdflashtool.com/category/download Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=D77kDbnsj7&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 22:24:30 GMT x-content-type-options nosniff age 161 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 27068 x-xss-protection 0 last-modified Fri, 12 Mar 2021 15:44:55 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 19 Sep 2023 22:39:30 GMT
GET H2	200	iframe.html Show response p4-fiw2epulg6ica-4vllfsbh5ooevdze-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 6725	5 KB 2 KB	58ms 57ms	Document text/html	172.217.18.3 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://p4-fiw2epulg6ica-4vllfsbh5ooevdze-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html Requested by Host: p4-fiw2epulg6ica-4vllfsbh5ooevdze-if-v6exp3-v4.metric.gstatic.com URL: https://p4-fiw2epulg6ica-4vllfsbh5ooevdze-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.3 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f3.1e100.net Software sffe / Resource Hash 3cf88bfd4ffd8f77ad66db043a46b9c238cab1e4337c92c4fbacc31e71b04cca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://p4-fiw2epulg6ica-4vllfsbh5ooevdze-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-encoding gzip content-length 1988 content-security-policy-report-only script-src 'nonce-ADc-A7142QPUK5DKoPcQ0w' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none' content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" cross-origin-resource-policy cross-origin date Tue, 19 Sep 2023 22:27:11 GMT expires Fri, 01 Jan 1990 00:00:00 GMT last-modified Fri, 03 Feb 2023 22:38:00 GMT pragma no-cache report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
OPTIONS H2	204	/ www.googleadservices.com/pagead/ar-adview/ Frame	0 0	195ms 75ms	Preflight text/html	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229510797710993833389%22,%22debug_reporting%22:true,%22destination%22:%22https://ignaly.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22957882247%22],%224%22:[%2209-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216456634976824668129%22}&andc=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://googleads.g.doubleclick.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://googleads.g.doubleclick.net alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Tue, 19 Sep 2023 22:27:12 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	91ms 90ms	XHR application/json	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230918&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2840258101411863&plah=spdflashtool.com Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 09d88705bfcd649a4b48dd3dfb49e4c0e108600a53f055028faf7951ee0c3370 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://spdflashtool.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 22:27:12 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12165 x-xss-protection 0
GET H3	200	b6KMqTAYqBIA24ZWjqYq8V8pGhE_E2wERo_hclhyfAY.js Show response pagead2.googlesyndication.com/bg/ Frame 69D0	37 KB 14 KB	41ms 40ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/b6KMqTAYqBIA24ZWjqYq8V8pGhE_E2wERo_hclhyfAY.js Requested by Host: spdflashtool.com URL: https://spdflashtool.com/category/download Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6fa28ca93018a81200db86568ea62af15f291a113f136c04468fe17258727c06 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 16:03:19 GMT content-encoding br x-content-type-options nosniff age 23033 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14647 x-xss-protection 0 last-modified Mon, 11 Sep 2023 20:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 18 Sep 2024 16:03:19 GMT
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	64ms 64ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2840258101411863&plah=spdflashtool.com Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://spdflashtool.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 22:27:12 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 19 Sep 2023 22:27:12 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5D6A	13 KB 5 KB	42ms 40ms	Document text/html	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://spdflashtool.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 17702 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Tue, 19 Sep 2023 17:32:10 GMT expires Wed, 18 Sep 2024 17:32:10 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 1DDD	829 B 1 KB	52ms 50ms	Document text/html	2a00:1450:4001:810::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash d3647701592870187463441fd5aa3672adffba80d70558f8baea78f419060730 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-WnN8BB8Ux1KFjatUmZpH0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://spdflashtool.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-length 538 content-security-policy script-src 'report-sample' 'nonce-WnN8BB8Ux1KFjatUmZpH0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Tue, 19 Sep 2023 22:27:12 GMT expires Tue, 19 Sep 2023 22:27:12 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 1DDD	0 0	79ms 79ms	Image text/html	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230918&jk=3500873756716162&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers
GET H3	200	D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js Show response pagead2.googlesyndication.com/bg/ Frame 5D6A	37 KB 14 KB	40ms 39ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 19:33:22 GMT content-encoding br x-content-type-options nosniff age 10430 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14739 x-xss-protection 0 last-modified Mon, 11 Sep 2023 20:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 18 Sep 2024 19:33:22 GMT
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 5D6A	0 11 B	39ms 39ms	Image text/plain	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?oez3hg Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 22:27:12 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame C67E	42 B 64 B	78ms 78ms	Fetch image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuBebkWVo4QPIt3zcd0B9jeia3eFIFTmgkWYB87L-c-VyFbquznmoRbDQy0bhoPZkT4ON2QfVd6LCp-Wf0gKWp1JTeI_u5RyG2fGkzGTyTyrGJlMnFlCl-GtMrimjNXQgSifhjT_3P8BMNb&sai=AMfl-YTc9lIKE96dTpEhRVWXDt-DhYfglXI8xmbNzuGHgDJF-DOXO4zYZsPy0QtfbZScZeykMswAVGKOkvLjtsqoCMiZ1u6ophJiMJ9HLBUZ2s4-eehzV-oY8p2HVLYPrX0OBuJBUn3Zki7Ozj11&sig=Cg0ArKJSzN_Iio3oQRaNEAE&cid=CAQSSwBpAlJW7aqN8-ZoXz8mSXHkaMCJt_alDm4fxC741kMZJbp-8gOSxO-8dbtFhQW9TdJyboqRW45cuMCbtqRzHQVZSPk6riOn9mYH3hgB&id=lidar2&mcvt=1000&p=1110,436,1204,1164&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230913&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&vu=1&app=0&itpl=20&adk=4274210003&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695162429092&rpt=2565&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:12 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 2D26	0 20 B	73ms 72ms	Ping image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=77165197449&version=m202309120101&ct=76&x=1&cor=5766726415342266000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:12 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame C67E	0 20 B	73ms 73ms	Ping image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2687437980967&version=m202309120101&ct=76&x=1&cor=11496697113344450000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://154d72e427aa58e65292cb139c4d5b1f.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:12 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 1865	42 B 64 B	78ms 77ms	Fetch image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst2D8x71RUt-0E3c_RTorsi6VrZxsRWxDDNkf812WlI_LLCeO-Qx4Po-MFyg3zWDHiKiktX6z7GfKz2mtigFCpJNoBL7iJT_ys3XgyIIUdzahmfE1jAeowXP9d0sd5DG8s&sai=AMfl-YRZWrkpi2y-EQj-JSKQUryZOJg1s7OCo05fquKnY9dnaHXtlKerjNg2_ab7HyF2Idp0b2d8vZ-QJOV_AsdkTteKj-a0Mp4zlIdFUgnJXaW4thP2PEH0hD5m70awNzHlSo8nNElO_wYTV4ftUw&sig=Cg0ArKJSzH8hg7rVMHQIEAE&cid=CAQSTABpAlJWHm8C6bcJ1AQAKTX7GSbDIaBP_SL86jQg06L-3EgmssnW2cZHDmzfOeYwtIzqsUou1Ouj7Ms4Fs5Qv2Vm_-ZXB8wyYMMCBZ4YAQ&id=lidar2&mcvt=1007&p=0,0,604,300&mtos=0,1007,1007,1007,1007&tos=0,1007,0,0,0&v=20230913&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&vu=1&app=0&itpl=20&adk=3802136983&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695162428428&rpt=3329&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:12 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 1865	0 20 B	73ms 73ms	Ping image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7712365853614&version=m202309120101&ct=76&x=1&cor=6547158845618445000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:12 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 3D7E	42 B 64 B	78ms 78ms	Fetch image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss01GJE3_e7u_4s_5WcCMn5pUVD-2VD9XhwpI7NrmNKI3Owb7z9LEfLXl8BfOa-r1Y_iZSdoqm49Vf07g_jrDPNH0liY-vcjiYxw9UGIYs9rxeEN1sCvun5K_eWehDuCGb2iVesjQ5K2AkO&sai=AMfl-YThMCKTSpfTklW9oESyyoG6OJHj0IvVeP7GoKGl_KFneT8KDr_vOHEkKd18D5tRk6G1I4Jz0P9potP6EiO91JMRQUkLu5wbsFulBpS1vXDvVgnsWbXSfrcX0ByBgLIbm92jPfPmImam6bAC&sig=Cg0ArKJSzB95kDkZqpxbEAE&cid=CAQSSwBpAlJWjjAyrybPvxe2afsLNpQvcOlhnxsW12qAG49EHpeu1CBXM3FK565DMUnt5NyuVCfVDHDLZmHdWTJwKUcaApvKf3bz6iwTFBgB&id=lidar2&mcvt=1000&p=0,0,280,970&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230913&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3176299815&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695162428416&rpt=3442&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 22:27:12 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	78ms 77ms	Image text/html	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230918&jk=3500873756716162&bg=!-_il-LfNAAbP3fMH7907ADQBe5WfOMnvh-yHBbyfpwur6f4MB0CAwMCmwALEXm4Au2FVD_tNrliiu7xWfVSkVhvgBJx6AgAAAIJSAAAACWgBB5kCynq44AOGMq0Kb8OyVtTJkcmPxSghJ7iesr8ncsjLi8cG_1EztHjqxRSP7LS8IQedzjBHiLOuetaVIdB7x7oB0cxrmJm1gd06T4OUL5eMalqAeFg__svOJnEBbCU4A2AG3xTUOuKMapGL7f3fNPn0LDoerPL1CtIRx4i5aJOmJVSfF95E7SiUo9V9_TlX7TNrNFF3aI98Qn098gwUBQRfPfnFEV7JXve0ss3B_WZqOSsOHTJugoSORyXGJTrsA0ROiGGONXOSXMar3TQocL-lrOhkodOkM7Jt8KOyUBsbETAC_IC9aOOcmWEabtsJh0d0JWTyeqo-nIDRzBZLhDapaulEza9GYNk5xMLUy0nnSknUtsjU9vopMckzKmVqivaLgiev7zwrK-jHqq1umO7zBy8EMiu1TCZsAicLxAhJt5kZNBY1XWYCIx94zHz1nwuw6JbgFkZq-YadY6GFNOUaKPnuJ6rEM61hfrFuFmCFbIVF1-Qe_VJgLdaAvxrCbIncK4gwKrEirItb3g_jcg6Xrm2RXl_uyjlS6-CVBm85JNvYZw8ne6QPnSuOiZ6rBJV2lcPi2Njn__Em6XZbLejfQA7Wgme6kMGPp6N-aKorFWEj07COY71ui7S9rtWHsB350mL0hJJQ77l1ehJcCEJzu8SRh8TonRpRxx7hpVzBfEB_G1Jfrzur8oF2vSZS_9vng6_MM0969ZS12mUMQGoifHWKoXJLJEw5zEM2IHtujKI0sN-us_G87pvrBO61x2u7QOjXYTP1-nJnxxI2f7tngsaZvdjEZJQl-CYgBxu0cGzBRoe7h_4VNtHKmZ9wg8WbGreUmEjbEmxBueDd6aIK34vOHTLvyypWTBYrceG-8LtYsxTztEtCFsQ3k21oUIgsTXOY-ZIJUw7IdYqImOOBt285M0Msg1RnokmojDQHp0k5ISYYT7vvLBbSfw Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://spdflashtool.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

cs.chocolateplatform.com

URL

https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEExPWj1ilka_gJXZKE5Jn3M&google_cver=1&google_push=AXcoOmQ7rLdaB9Z3oQUWubKm2Sd1ASon4nk5dGSpdeRvb6mxrfrsbEIFSw_tiL0tZahG_eI4br2oi5QKijDyGR20o2Bo1lPtRVwL

Domain

sync-dmp.aura-dsp.com

URL

https://sync-dmp.aura-dsp.com/match/google?google_gid=CAESEIQjMcS59hmQ5tZDY37TKjU&google_cver=1&google_push=AXcoOmQKhkUjigMD60-EvzyNBBPF-454sdALP5eTZYM6rQqDAORETIbE5uI8GQ4fLFhMxyg62py8y0AF1FODCKShb_2ssbFnnhdiQw