www.thephotoforum.com Open in urlscan Pro
45.33.28.77  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

• https://d.adtriba.com/collect?atb_ptid=e774d0b4&atb_dpuid=nayoki&atb_dcaid=display-pp_paket_m_alw-on HTTP 302
• https://d.adtriba.com/px.gif

Request Chain 60

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEENBPP3DJpugqFUmAvDhrMw&google_cver=1 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEENBPP3DJpugqFUmAvDhrMw&google_cver=1&C=1

Request Chain 61

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm= HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEENBPP3DJpugqFUmAvDhrMw&google_cver=1 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEENBPP3DJpugqFUmAvDhrMw&google_cver=1&C=1

Request Chain 62

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEOnjZ5mn4l3ZnVdaG4D1kE8&google_cver=1 HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOnjZ5mn4l3ZnVdaG4D1kE8%26google_cver%3D1

Request Chain 63

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjM5ODAwOTI5MDU1NzQ5OTAz

Request Chain 65

• https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEP9gP81rNH8sH8zbVGm7vhs&google_cver=1&google_push=AYg5qPIwEVxBk3HmLrXxb2_X5rPEgF5xRo9PF58Dn5y1dGQ82q23Vy95jjFfDhzb52vITDfeb_X5mO5ae2gea9xUnP9sRfx6N20G HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIwEVxBk3HmLrXxb2_X5rPEgF5xRo9PF58Dn5y1dGQ82q23Vy95jjFfDhzb52vITDfeb_X5mO5ae2gea9xUnP9sRfx6N20G&google_hm=

Request Chain 68

• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAofU1_jwS7iP-SG1y7fw68&google_cver=1&google_push=AYg5qPIvi6nMjlhZwOwDj_yPjqKSl8kcXDK8o2RggWzahTxQW6MbNVoEdIzw5RpdlTvOJBIyYOpiySt9QdRXZ1--9cBlAOY6dr4P HTTP 302
• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAofU1_jwS7iP-SG1y7fw68&google_cver=1&google_push=AYg5qPIvi6nMjlhZwOwDj_yPjqKSl8kcXDK8o2RggWzahTxQW6MbNVoEdIzw5RpdlTvOJBIyYOpiySt9QdRXZ1--9cBlAOY6dr4P&rdf=1

Request Chain 69

• https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEIRacWBR2KtZzFzYR7eRqCQ&google_cver=1&google_push=AYg5qPIcl2VEkvOoCCRgHt5NgAkVJZODwiujqPOx03FSLQ6asNdCDa3b1jv0PzJ2HrBJFOARc9G8jbzhcYScOJmz71uwSPeFqhN2 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPIcl2VEkvOoCCRgHt5NgAkVJZODwiujqPOx03FSLQ6asNdCDa3b1jv0PzJ2HrBJFOARc9G8jbzhcYScOJmz71uwSPeFqhN2

Request Chain 70

• https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEAy4jaAvbV_D_YcACe4iDmk&google_cver=1&google_push=AYg5qPKEDkJGtFsk2YLzcW-Pi0LUU9LOeYzeICTWwlLfvrYfJ2DwCbVwW6BD7TSJrm4Bxc4fcP40OVSV1kczu574-LBaN-kCuFUD HTTP 302
• https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEAy4jaAvbV_D_YcACe4iDmk&google_cver=1&google_push=AYg5qPKEDkJGtFsk2YLzcW-Pi0LUU9LOeYzeICTWwlLfvrYfJ2DwCbVwW6BD7TSJrm4Bxc4fcP40OVSV1kczu574-LBaN-kCuFUD&verify=true HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1iamJ2SFF0RTJ1RjJ3UzR1aWhYTXpWM2lKcEMzRFBKNH5B&google_push=AYg5qPKEDkJGtFsk2YLzcW-Pi0LUU9LOeYzeICTWwlLfvrYfJ2DwCbVwW6BD7TSJrm4Bxc4fcP40OVSV1kczu574-LBaN-kCuFUD

98 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.thephotoforum.com/members/avita123.271237/	32 KB 10 KB	410ms 152ms	Document text/html	45.33.28.77 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL https://www.thephotoforum.com/members/avita123.271237/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.33.28.77 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS centmin1.forumfoundry.com Software nginx centminmod / centminmod Resource Hash c622bba20cfe11c63a571f5f58be0fc2a26eb9fe032be403653d1be3c6a14a04 Security Headers Name Value X-Content-Type-Options nosniff nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Accept-Language de-DE,de;q=0.9 Response headers date Fri, 18 Feb 2022 09:45:24 GMT content-type text/html; charset=utf-8 content-length 10138 x-frame-options SAMEORIGIN x-content-type-options nosniff nosniff last-modified Fri, 18 Feb 2022 09:45:24 GMT expires Thu, 19 Nov 1981 08:52:00 GMT cache-control private, no-cache, max-age=0 content-encoding gzip vary Accept-Encoding server nginx centminmod x-powered-by centminmod x-xss-protection 1; mode=block
GET H2	200	fa-light-300.woff2 www.thephotoforum.com/styles/fonts/fa/	180 KB 180 KB	128ms 126ms	Font font/woff2	45.33.28.77 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL https://www.thephotoforum.com/styles/fonts/fa/fa-light-300.woff2?_v=5.15.3 Requested by Host: www.thephotoforum.com URL: https://www.thephotoforum.com/members/avita123.271237/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.33.28.77 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS centmin1.forumfoundry.com Software nginx centminmod / centminmod Resource Hash e9f0d24d1230e0a5760800e4a1657801cff8edf2ba87a05c5d96f74ce44ec06d Request headers Referer https://www.thephotoforum.com/members/avita123.271237/ Origin https://www.thephotoforum.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Fri, 18 Feb 2022 09:45:24 GMT last-modified Sat, 24 Jul 2021 14:00:46 GMT server nginx centminmod x-powered-by centminmod etag "60fc1d0e-2cf50" vary Accept-Encoding content-type font/woff2 access-control-allow-origin * cache-control max-age=31536000, public, must-revalidate, proxy-revalidate accept-ranges bytes content-length 184144 expires Sat, 18 Feb 2023 09:45:24 GMT
GET H2	200	fa-solid-900.woff2 www.thephotoforum.com/styles/fonts/fa/	134 KB 134 KB	334ms 332ms	Font font/woff2	45.33.28.77 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL https://www.thephotoforum.com/styles/fonts/fa/fa-solid-900.woff2?_v=5.15.3 Requested by Host: www.thephotoforum.com URL: https://www.thephotoforum.com/members/avita123.271237/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.33.28.77 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS centmin1.forumfoundry.com Software nginx centminmod / centminmod Resource Hash 943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c Request headers Referer https://www.thephotoforum.com/members/avita123.271237/ Origin https://www.thephotoforum.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Fri, 18 Feb 2022 09:45:24 GMT last-modified Sat, 24 Jul 2021 14:00:46 GMT server nginx centminmod x-powered-by centminmod etag "60fc1d0e-21678" vary Accept-Encoding content-type font/woff2 access-control-allow-origin * cache-control max-age=31536000, public, must-revalidate, proxy-revalidate accept-ranges bytes content-length 136824 expires Sat, 18 Feb 2023 09:45:24 GMT
GET H2	200	fa-brands-400.woff2 www.thephotoforum.com/styles/fonts/fa/	75 KB 75 KB	334ms 332ms	Font font/woff2	45.33.28.77 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL https://www.thephotoforum.com/styles/fonts/fa/fa-brands-400.woff2?_v=5.15.3 Requested by Host: www.thephotoforum.com URL: https://www.thephotoforum.com/members/avita123.271237/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.33.28.77 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS centmin1.forumfoundry.com Software nginx centminmod / centminmod Resource Hash c2497d559960ba9e1c68f41674e8bc980d3b229155e068bc7f42f157f81c4388 Request headers Referer https://www.thephotoforum.com/members/avita123.271237/ Origin https://www.thephotoforum.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Fri, 18 Feb 2022 09:45:24 GMT last-modified Sat, 24 Jul 2021 14:00:46 GMT server nginx centminmod x-powered-by centminmod etag "60fc1d0e-12bc4" vary Accept-Encoding content-type font/woff2 access-control-allow-origin * cache-control max-age=31536000, public, must-revalidate, proxy-revalidate accept-ranges bytes content-length 76740 expires Sat, 18 Feb 2023 09:45:24 GMT
GET H2	200	css.php www.thephotoforum.com/	392 KB 82 KB	956ms 954ms	Stylesheet text/css	45.33.28.77 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL https://www.thephotoforum.com/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=13&l=1&d=1643732906&k=9181be078941646f1048016c3b6e42a862d762dc Requested by Host: www.thephotoforum.com URL: https://www.thephotoforum.com/members/avita123.271237/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.33.28.77 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS centmin1.forumfoundry.com Software nginx centminmod / centminmod Resource Hash 9f71caabcf3d6ad0146e38ef46266a2c9c4057eb422e2954277176d86dae992e Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.thephotoforum.com/members/avita123.271237/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Fri, 18 Feb 2022 09:45:25 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 01 Feb 2022 16:28:26 GMT server nginx centminmod x-frame-options SAMEORIGIN x-powered-by centminmod vary Accept-Encoding content-type text/css; charset=utf-8 cache-control public, max-age=31536000 content-length 83961 x-xss-protection 1; mode=block expires Sat, 18 Feb 2023 09:45:24 GMT
GET H2	200	css.php www.thephotoforum.com/	43 KB 8 KB	637ms 635ms	Stylesheet text/css	45.33.28.77 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL https://www.thephotoforum.com/css.php?css=public%3Amember.less%2Cpublic%3Axb.less%2Cpublic%3Aextra.less&s=13&l=1&d=1643732906&k=f13c4fe03796bf66fda7b3f31d38381d0355744a Requested by Host: www.thephotoforum.com URL: https://www.thephotoforum.com/members/avita123.271237/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.33.28.77 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS centmin1.forumfoundry.com Software nginx centminmod / centminmod Resource Hash 2d44ef1fe6def33628f229790654cc34ea2ff45b8f61585591e170339c2eff8b Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.thephotoforum.com/members/avita123.271237/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Fri, 18 Feb 2022 09:45:25 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 01 Feb 2022 16:28:26 GMT server nginx centminmod x-frame-options SAMEORIGIN x-powered-by centminmod vary Accept-Encoding content-type text/css; charset=utf-8 cache-control public, max-age=31536000 content-length 8418 x-xss-protection 1; mode=block expires Sat, 18 Feb 2023 09:45:24 GMT
GET H2	200	preamble.min.js Show response www.thephotoforum.com/js/xf/	3 KB 2 KB	334ms 333ms	Script application/javascript	45.33.28.77 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL https://www.thephotoforum.com/js/xf/preamble.min.js?_v=acad0361 Requested by Host: www.thephotoforum.com URL: https://www.thephotoforum.com/members/avita123.271237/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.33.28.77 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS centmin1.forumfoundry.com Software nginx centminmod / centminmod Resource Hash f8f0d5e29e4408e8ecdccee5e73a185566774f71c7f440cc50ad5c647b127ce3 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.thephotoforum.com/members/avita123.271237/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Fri, 18 Feb 2022 09:45:24 GMT content-encoding br last-modified Thu, 20 Jan 2022 18:47:26 GMT server nginx centminmod x-powered-by centminmod etag W/"61e9ae3e-cc0" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800 expires Sun, 20 Mar 2022 09:45:24 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	94 KB 37 KB	58ms 29ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-6323762-2 Requested by Host: www.thephotoforum.com URL: https://www.thephotoforum.com/members/avita123.271237/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 595c4ad281f19b169498755893a943f497c14231de73d21cf01e0bf88bb618ca Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.thephotoforum.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Fri, 18 Feb 2022 09:45:25 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37323 x-xss-protection 0 last-modified Fri, 18 Feb 2022 09:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 18 Feb 2022 09:45:25 GMT
GET H2	200	slick-theme.css cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/	3 KB 1 KB	67ms 27ms	Stylesheet text/css	2606:4700::6810:125e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick-theme.css Requested by Host: www.thephotoforum.com URL: https://www.thephotoforum.com/members/avita123.271237/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.thephotoforum.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Fri, 18 Feb 2022 09:45:24 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 55408 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 695 timing-allow-origin * last-modified Mon, 04 May 2020 16:16:21 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03fd5-c49" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PFXCvomPVD%2B3hSSwJ%2BhwgR8pwoNAMB%2BqHbk8SlMNmvhm83MuTy8GtfrdvCp5hcst2PMqg40%2FcE03NFMW0q0Ll2MB9D6mSRcWou8vR6rXjtH%2BRCnG7fWeNvruaTPij0FWAS%2Bg%2FsxzNWL4gwu%2BLRShy%2B%2Bm"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 6df6528abfb55a0d-MXP expires Wed, 08 Feb 2023 09:45:24 GMT
GET H2	200	slick.css cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/	2 KB 772 B	74ms 35ms	Stylesheet text/css	2606:4700::6810:125e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.css Requested by Host: www.thephotoforum.com URL: https://www.thephotoforum.com/members/avita123.271237/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.thephotoforum.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Fri, 18 Feb 2022 09:45:24 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 3768214 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 450 timing-allow-origin * last-modified Mon, 04 May 2020 16:16:21 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03fd5-6f0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d39YbAM6CG6zCCiw0R%2FXVDlnY0R%2BvjxtHkaop%2FrdZAGlhsulPSVA%2FuTeXcplwJ7nCq4MT1douqnpQmZbXL20YCthr3ZZIjhGGnjROEHHjpierrg7gX%2BVW9y7lTbBnfdM7yqpNZ7o7%2F7kOP3p7y4Rj4Uc"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 6df6528abfb95a0d-MXP expires Wed, 08 Feb 2023 09:45:24 GMT
GET H2	200	photography-forum-l1.png www.thephotoforum.com/img/	12 KB 12 KB	130ms 128ms	Image image/png	45.33.28.77 LINODE-AP Linode
General Check archive.org Show headers Download Go to Show image Full URL https://www.thephotoforum.com/img/photography-forum-l1.png Requested by Host: www.thephotoforum.com URL: https://www.thephotoforum.com/members/avita123.271237/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.33.28.77 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS centmin1.forumfoundry.com Software nginx centminmod / centminmod Resource Hash de81b2bcd8f62866323297f3761459ec76b3b86b73ca54a56aeaa96e14bcbf69 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.thephotoforum.com/members/avita123.271237/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Fri, 18 Feb 2022 09:45:25 GMT last-modified Thu, 22 Jan 2015 19:57:20 GMT server nginx centminmod x-powered-by centminmod etag "54c15620-2e23" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800 accept-ranges bytes content-length 11811 expires Sun, 20 Mar 2022 09:45:25 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	153 KB 53 KB	67ms 39ms	Script text/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: www.thephotoforum.com URL: https://www.thephotoforum.com/members/avita123.271237/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 66375481181ccd78dee127b69ae96e264ca20331b0e88edb82a6e7dd6c665212 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.thephotoforum.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Fri, 18 Feb 2022 09:45:25 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 53834 x-xss-protection 0 server cafe etag 9497340701504588385 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Fri, 18 Feb 2022 09:45:25 GMT
GET H2	200	1629X537946.skimlinks.js Show response s.skimresources.com/js/	50 KB 19 KB	239ms 10ms	Script application/octet-stream	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://s.skimresources.com/js/1629X537946.skimlinks.js Requested by Host: www.thephotoforum.com URL: https://www.thephotoforum.com/members/avita123.271237/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software AmazonS3 / Resource Hash 8e355877d1c09d6ac205dfa02b481192bcafe32b4398724105b6ada974b2ad40 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.thephotoforum.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Fri, 18 Feb 2022 09:45:25 GMT content-encoding gzip last-modified Wed, 12 Jan 2022 13:43:31 GMT server AmazonS3 x-amz-request-id 944KVJN2SE1C0AB7 etag "3f054e3c2f899526bca4ac624244a8ce" x-hw 1645177525.cds138.fr8.hn,1645177525.cds290.fr8.c content-type application/octet-stream cache-control max-age=3600 accept-ranges bytes content-length 19011 x-amz-id-2 GT0tXvfsYLoHOVJYXMOpxiLOiLWpwU4yeDPK7rs6aX2B7gHj48XQwP/CQcS4TgoOxeLwkQtC+04=
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	82 KB 28 KB	63ms 35ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: www.thephotoforum.com URL: https://www.thephotoforum.com/members/avita123.271237/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software sffe / Resource Hash 0dd28e2ba4df409b619643afbbb1c6e8976aa1ddef9904f8570a8cf8b911f05e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.thephotoforum.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Fri, 18 Feb 2022 09:45:25 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27570 x-xss-protection 0 server sffe etag "1135 / 379 of 1000 / last-modified: 1645139182" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Fri, 18 Feb 2022 09:45:25 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.5.1/	87 KB 31 KB	33ms 8ms	Script text/javascript	2a00:1450:4001:812::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js Requested by Host: www.thephotoforum.com URL: https://www.thephotoforum.com/members/avita123.271237/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.thephotoforum.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Thu, 17 Feb 2022 18:12:19 GMT content-encoding gzip x-content-type-options nosniff age 55986 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 31021 x-xss-protection 0 last-modified Fri, 08 May 2020 07:05:03 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Fri, 17 Feb 2023 18:12:19 GMT
GET H2	200	vendor-compiled.js Show response www.thephotoforum.com/js/vendor/	43 KB 12 KB	130ms 130ms	Script application/javascript	45.33.28.77 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL https://www.thephotoforum.com/js/vendor/vendor-compiled.js?_v=acad0361 Requested by Host: www.thephotoforum.com URL: https://www.thephotoforum.com/members/avita123.271237/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.33.28.77 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS centmin1.forumfoundry.com Software nginx centminmod / centminmod Resource Hash 3507ca14c84cbffccd872e634a84d93f50882c817e66ffdf2643a7ed884a205e Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.thephotoforum.com/members/avita123.271237/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Fri, 18 Feb 2022 09:45:25 GMT content-encoding br last-modified Thu, 20 Jan 2022 18:47:25 GMT server nginx centminmod x-powered-by centminmod etag W/"61e9ae3d-aab8" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800 expires Sun, 20 Mar 2022 09:45:25 GMT
GET H2	200	core-compiled.js Show response www.thephotoforum.com/js/xf/	207 KB 56 KB	145ms 144ms	Script application/javascript	45.33.28.77 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL https://www.thephotoforum.com/js/xf/core-compiled.js?_v=acad0361 Requested by Host: www.thephotoforum.com URL: https://www.thephotoforum.com/members/avita123.271237/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.33.28.77 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS centmin1.forumfoundry.com Software nginx centminmod / centminmod Resource Hash 9f12e9613ffc81683459a7891f3d764bbc642c1c1f24968838a9c7a81750cae1 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.thephotoforum.com/members/avita123.271237/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Fri, 18 Feb 2022 09:45:25 GMT content-encoding br last-modified Thu, 20 Jan 2022 18:47:27 GMT server nginx centminmod x-powered-by centminmod etag W/"61e9ae3f-33b35" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800 expires Sun, 20 Mar 2022 09:45:25 GMT
GET H2	200	inline_mod.min.js Show response www.thephotoforum.com/js/xf/	6 KB 2 KB	130ms 128ms	Script application/javascript	45.33.28.77 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL https://www.thephotoforum.com/js/xf/inline_mod.min.js?_v=acad0361 Requested by Host: www.thephotoforum.com URL: https://www.thephotoforum.com/members/avita123.271237/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.33.28.77 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS centmin1.forumfoundry.com Software nginx centminmod / centminmod Resource Hash 50dd71cf1cba64856357e62f4999a34c5b7952632efbe186ed3195ce4792612e Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.thephotoforum.com/members/avita123.271237/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Fri, 18 Feb 2022 09:45:25 GMT content-encoding br last-modified Thu, 20 Jan 2022 18:47:26 GMT server nginx centminmod x-powered-by centminmod etag W/"61e9ae3e-18c3" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800 expires Sun, 20 Mar 2022 09:45:25 GMT
GET H2	200	slick.min.js Show response cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/	43 KB 10 KB	26ms 24ms	Script application/javascript	2606:4700::6810:125e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.min.js Requested by Host: www.thephotoforum.com URL: https://www.thephotoforum.com/members/avita123.271237/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 357452f2a55c999ddd3afdcbce2c339d41cf7a01613d9d45ff88a753bb82f21d Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.thephotoforum.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Fri, 18 Feb 2022 09:45:25 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 114711 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 9564 timing-allow-origin * last-modified Mon, 04 May 2020 16:16:21 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03fd5-ab69" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F1O6aSynESI0vZpdIQBBZUsNvhPtQzXb4QGLTZmeGao9BzkmKtVBY4FyUpta1QZ3zUhHLfYGm8de58svyEZj4We%2Fxj8avSOUZO4S8rX%2FQLteyclcMPEcXa9zw82XHi1uXxxu6A%2BRyaMwLoioGh%2BSp4T8"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 6df65290ba615a0d-MXP expires Wed, 08 Feb 2023 09:45:25 GMT
GET H2	200	4e9021c1ac43e96a8e48bc0d3d5f9967.js Show response cdn.threadloom.com/ga/	455 B 900 B	46ms 8ms	Script text/javascript	35.186.216.200 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.threadloom.com/ga/4e9021c1ac43e96a8e48bc0d3d5f9967.js Requested by Host: www.thephotoforum.com URL: https://www.thephotoforum.com/members/avita123.271237/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.186.216.200 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 200.216.186.35.bc.googleusercontent.com Software UploadServer / Resource Hash c9937a0a78d361cdc6b45247c794cc1c7c15cb522da70a158353e8fef0914056 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.thephotoforum.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Fri, 18 Feb 2022 09:43:10 GMT age 135 x-guploader-uploadid ADPycdsWbAOyJ9jOALBOhTI-ar52sDLmmKxfbOcuMKg5apjT6vV7mggbkGI9hArmZHtkHCWMVB_bNEfHHiXhzX8NICg x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 3 x-goog-stored-content-encoding identity alt-svc clear content-length 455 last-modified Fri, 22 May 2020 23:21:24 GMT server UploadServer etag "0faea4b49581f6b3d64d70fac7e8572b" vary Origin x-goog-hash crc32c=NfPSQA==, md5=D66ktJWB9rPWTXD6x+hXKw== x-goog-generation 1590189684585947 cache-control max-age=600,public x-goog-stored-content-length 455 accept-ranges bytes content-type text/javascript
POST H2	200	/ Show response r.skimresources.com/api/	150 B 345 B	32ms 17ms	XHR application/json	35.190.59.101 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://r.skimresources.com/api/ Requested by Host: s.skimresources.com URL: https://s.skimresources.com/js/1629X537946.skimlinks.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 101.59.190.35.bc.googleusercontent.com Software openresty/1.11.2.5 / Resource Hash 08a6400c2bdb0d7b610a07b51fdf0891fd334f7712d023c9fa878b64e8ef6387 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer https://www.thephotoforum.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Content-type application/x-www-form-urlencoded Response headers date Fri, 18 Feb 2022 09:45:25 GMT content-encoding gzip x-content-type-options nosniff server openresty/1.11.2.5 strict-transport-security max-age=31536000 content-type application/json access-control-allow-origin https://www.thephotoforum.com vary Accept-Encoding access-control-allow-credentials true alt-svc clear via 1.1 google
GET H2	206	robots.txt t.skimresources.com/api/v2/ Frame C0B0	0 102 B	60ms 23ms	Image text/plain	35.201.67.47 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.2808610590326248 Requested by Host: www.thephotoforum.com URL: https://www.thephotoforum.com/members/avita123.271237/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 47.67.201.35.bc.googleusercontent.com Software Python/3.7 aiohttp/3.5.4 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Fri, 18 Feb 2022 09:45:25 GMT via 1.1 google server Python/3.7 aiohttp/3.5.4 alt-svc clear content-length 0 content-type text/plain charset=UTF-8
GET H3	200	pubads_impl_2022021602.js Show response securepubads.g.doubleclick.net/gpt/	362 KB 121 KB	26ms 9ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021602.js?31064988 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software sffe / Resource Hash a034073242b63a4bf8f20744f8cb4b4bb74e17464ecf7da2c2a001b082d5d3e8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.thephotoforum.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Fri, 18 Feb 2022 06:36:03 GMT content-encoding gzip x-content-type-options nosniff age 11362 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 124238 x-xss-protection 0 last-modified Thu, 17 Feb 2022 02:36:01 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Sat, 18 Feb 2023 06:36:03 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	78 B 102 B	332ms 16ms	XHR application/json	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.thephotoforum.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 854c1718c17470b54e2c4b4fc88e58f64d9f55bb7abfefc61263c0d80ef747a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.thephotoforum.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers timing-allow-origin * date Fri, 18 Feb 2022 09:45:26 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 77 x-xss-protection 0 expires Fri, 18 Feb 2022 09:45:26 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	34ms 8ms	Script text/javascript	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-6323762-2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.thephotoforum.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 6034 date Fri, 18 Feb 2022 08:04:52 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Fri, 18 Feb 2022 10:04:52 GMT
GET H3	200	show_ads_impl_with_ama.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/	329 KB 113 KB	53ms 37ms	Script text/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama.js?client=ca-pub-7140863250046446&plah=www.thephotoforum.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e6a78e9b8b1e64c13aed6ba9bf2bad5a48221b7993afe13b347b431313f714eb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.thephotoforum.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Fri, 18 Feb 2022 09:45:26 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 116050 x-xss-protection 0 server cafe etag 6592569851601758745 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Fri, 18 Feb 2022 09:45:26 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20220216/r20190131/ Frame 2DDD	10 KB 5 KB	32ms 7ms	Document text/html	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20220216/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Accept-Language de-DE,de;q=0.9 Referer https://www.thephotoforum.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding x-content-type-options nosniff content-encoding gzip server cafe content-length 4502 x-xss-protection 0 date Fri, 18 Feb 2022 03:10:18 GMT expires Fri, 04 Mar 2022 03:10:18 GMT cache-control public, max-age=1209600 age 23708 etag 4044455266028820542 content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H2	200	/ Show response r.skimresources.com/api/	150 B 196 B	16ms 16ms	XHR application/json	35.190.59.101 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://r.skimresources.com/api/ Requested by Host: s.skimresources.com URL: https://s.skimresources.com/js/1629X537946.skimlinks.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 101.59.190.35.bc.googleusercontent.com Software openresty/1.11.2.5 / Resource Hash 709dd7b0004f773ecafa7e6063ec047e37ced0090baeb0a1d1bfee845fdee06c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer https://www.thephotoforum.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Content-type application/x-www-form-urlencoded Response headers date Fri, 18 Feb 2022 09:45:26 GMT content-encoding gzip x-content-type-options nosniff server openresty/1.11.2.5 strict-transport-security max-age=31536000 content-type application/json access-control-allow-origin https://www.thephotoforum.com vary Accept-Encoding access-control-allow-credentials true alt-svc clear via 1.1 google
POST H3	200	collect Show response www.google-analytics.com/j/	1 B 21 B	31ms 15ms	XHR text/plain	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=596679684&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thephotoforum.com%2Fmembers%2Favita123.271237%2F&ul=en-us&de=UTF-8&dt=avita123%20%7C%20ThePhotoForum%20%F0%9F%93%B7%20Film%20%26%20Digital%20Photography%20Forum&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1214848111&gjid=692209285&cid=1907826207.1645177526&tid=UA-6323762-2&_gid=1344046368.1645177526&_r=1&gtm=2ou2g0&z=986622629 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.thephotoforum.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Content-Type text/plain Response headers pragma no-cache date Fri, 18 Feb 2022 09:45:26 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.thephotoforum.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	26ms 15ms	XHR text/plain	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=596679684&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thephotoforum.com%2Fmembers%2Favita123.271237%2F&ul=en-us&de=UTF-8&dt=avita123%20%7C%20ThePhotoForum%20%F0%9F%93%B7%20Film%20%26%20Digital%20Photography%20Forum&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAAC~&jid=1478696169&gjid=974605701&cid=1907826207.1645177526&tid=UA-119799019-29&_gid=1344046368.1645177526&_r=1&_slc=1&z=259458601 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.thephotoforum.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Content-Type text/plain Response headers pragma no-cache date Fri, 18 Feb 2022 09:45:26 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.thephotoforum.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	page Show response t.skimresources.com/api/v2/	22 B 344 B	31ms 30ms	XHR application/javascript	35.201.67.47 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://t.skimresources.com/api/v2/page Requested by Host: s.skimresources.com URL: https://s.skimresources.com/js/1629X537946.skimlinks.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 47.67.201.35.bc.googleusercontent.com Software Python/3.7 aiohttp/3.5.4 / Resource Hash fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.thephotoforum.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Content-type text/plain Response headers pragma no-cache date Fri, 18 Feb 2022 09:45:26 GMT via 1.1 google x-content-type-options nosniff server Python/3.7 aiohttp/3.5.4 access-control-allow-headers Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token access-control-allow-methods GET, POST, OPTIONS content-type text/plain; charset=utf-8, application/javascript access-control-allow-origin https://www.thephotoforum.com cache-control no-store, no-cache, must-revalidate access-control-allow-credentials true alt-svc clear content-length 22
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	221 B 419 B	18ms 14ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=www.thephotoforum.com&callback=_gfp_s_&client=ca-pub-7140863250046446 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama.js?client=ca-pub-7140863250046446&plah=www.thephotoforum.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash f7cba081b4eab3acdcef11715dacf8ea84f2079121082c667f9aa61150a443c6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.thephotoforum.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Fri, 18 Feb 2022 09:45:26 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 204 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 792 B	41ms 16ms	Script application/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.thephotoforum.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama.js?client=ca-pub-7140863250046446&plah=www.thephotoforum.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.thephotoforum.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers timing-allow-origin * date Fri, 18 Feb 2022 09:45:26 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 549 B	40ms 15ms	Script application/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.thephotoforum.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama.js?client=ca-pub-7140863250046446&plah=www.thephotoforum.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.thephotoforum.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers timing-allow-origin * date Fri, 18 Feb 2022 09:45:26 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 3C17	0 19 B	140ms 123ms	Document text/html	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7140863250046446&output=html&adk=85976724&adf=3412083302&lmt=1645177524&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.thephotoforum.com%2Fmembers%2Favita123.271237%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645177525986&bpp=3&bdt=1134&idt=120&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2133656477526&frm=20&pv=2&ga_vid=1907826207.1645177526&ga_sid=1645177526&ga_hid=596679684&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31063222&oid=2&pvsid=1744076924173789&pem=657&tmod=938613073&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=137 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama.js?client=ca-pub-7140863250046446&plah=www.thephotoforum.com Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Accept-Language de-DE,de;q=0.9 Referer https://www.thephotoforum.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff date Fri, 18 Feb 2022 09:45:26 GMT server cafe content-length 0 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Fri, 18 Feb 2022 09:45:26 GMT cache-control private
POST H2	200	job.php Show response www.thephotoforum.com/	14 B 186 B	134ms 133ms	XHR application/json	45.33.28.77 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL https://www.thephotoforum.com/job.php Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.33.28.77 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS centmin1.forumfoundry.com Software nginx centminmod / centminmod Resource Hash f779de80f6ebd5d15cb3209e82969f8ad90e4ba02899e24c1796f2c9aca80343 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://www.thephotoforum.com/members/avita123.271237/ X-Requested-With XMLHttpRequest Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers pragma no-cache date Fri, 18 Feb 2022 09:45:26 GMT content-encoding br x-content-type-options nosniff last-modified Fri, 18 Feb 2022 09:45:26 GMT server nginx centminmod x-powered-by centminmod vary Accept-Encoding content-type application/json; charset=UTF-8 cache-control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 x-xss-protection 1; mode=block expires Tue, 03 Jul 2001 06:00:00 GMT
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	13 KB 10 KB	37ms 22ms	XHR application/json	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220216&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama.js?client=ca-pub-7140863250046446&plah=www.thephotoforum.com Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8197376d911582318aec06b82b6c59108d0f0cacd42bf4017febbf15a0bd750e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.thephotoforum.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers timing-allow-origin * date Fri, 18 Feb 2022 09:45:26 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9775 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.de/adsid/	107 B 122 B	33ms 17ms	Script application/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.thephotoforum.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021602.js?31064988 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.thephotoforum.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers timing-allow-origin * date Fri, 18 Feb 2022 09:45:26 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.com/adsid/	107 B 122 B	31ms 16ms	Script application/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.thephotoforum.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021602.js?31064988 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.thephotoforum.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers timing-allow-origin * date Fri, 18 Feb 2022 09:45:26 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	153 KB 55 KB	964ms 964ms	XHR text/plain	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1744076924173789&correlator=298969009692123&output=ldjh&impl=fifs&eid=31063377%2C31064911%2C31064988&vrg=2022021602&ptt=17&sc=1&sfv=1-0-38&ecs=20220218&iu_parts=1027846%2Cthephotoforum-728n%2Cthephotoforum-side1%2Cthephotoforum-160sv%2Cthephotoforum-thread1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=728x90%2C300x250%2C300x600%7C160x600%2C300x250&cookie=ID%3D155cb34c9f4373fd-22d7bdb545cd00ce%3AT%3D1645177526%3ART%3D1645177526%3AS%3DALNI_Mav6upUj3db0R-a312A-KgP9aqoWw&bc=31&abxe=1&dt=1645177526316&lmt=1645177524&dlt=1645177524851&idt=1209&frm=20&biw=1600&bih=1200&oid=2&adxs=436%2C-9%2C-9%2C-9&adys=202%2C-9%2C-9%2C-9&adks=1956941760%2C3532653919%2C1448969731%2C4061403810&ucis=1%7C2%7C3%7C4&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.thephotoforum.com%2Fmembers%2Favita123.271237%2F&vis=1&scr_x=0&scr_y=0&psz=728x90%7C0x-1%7C0x-1%7C0x-1&msz=728x-1%7C0x-1%7C0x-1%7C0x-1&ga_vid=1907826207.1645177526&ga_sid=1645177526&ga_hid=596679684&ga_fc=true&fws=4%2C2%2C2%2C2&ohw=1600%2C0%2C0%2C0&btvi=0%7C-1%7C-1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021602.js?31064988 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 50d0b62a05c1a44046773a7bd3ab09880a9eb3c3c400644d8973888b78d626fb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.thephotoforum.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Fri, 18 Feb 2022 09:45:27 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 56736 x-xss-protection 0 google-lineitem-id -1,-1,-1,-1 pragma no-cache server cafe google-creative-id -1,-1,-1,-1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.thephotoforum.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response 4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B63F	6 KB 4 KB	74ms 16ms	Document text/html	2a00:1450:4001:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021602.js?31064988 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Accept-Language de-DE,de;q=0.9 Referer https://www.thephotoforum.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin * content-length 3108 date Fri, 18 Feb 2022 09:45:26 GMT expires Sat, 18 Feb 2023 09:45:26 GMT cache-control public, immutable, max-age=31536000 last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	40ms 18ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama.js?client=ca-pub-7140863250046446&plah=www.thephotoforum.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.thephotoforum.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Fri, 18 Feb 2022 09:45:26 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 18 Feb 2022 09:45:26 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6834	13 KB 5 KB	25ms 7ms	Document text/html	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Accept-Language de-DE,de;q=0.9 Referer https://www.thephotoforum.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip cross-origin-resource-policy cross-origin cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-length 5046 x-content-type-options nosniff server sffe x-xss-protection 0 date Fri, 18 Feb 2022 09:40:22 GMT expires Sat, 18 Feb 2023 09:40:22 GMT cache-control public, max-age=31536000 last-modified Mon, 21 Jun 2021 20:47:05 GMT content-type text/html age 304 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 53A0	783 B 1 KB	40ms 16ms	Document text/html	2a00:1450:4001:82b::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash af9dfef8aee2552584cae8e57f499f6173cc2496f685b934520e5d9d534ca324 Security Headers Name Value Content-Security-Policy script-src 'nonce-ZSgE0/nUOzSgl13gD1wAbQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Accept-Language de-DE,de;q=0.9 Referer https://www.thephotoforum.com/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} expires Fri, 18 Feb 2022 09:45:26 GMT date Fri, 18 Feb 2022 09:45:26 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'nonce-ZSgE0/nUOzSgl13gD1wAbQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 513 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js Show response pagead2.googlesyndication.com/bg/ Frame 6834	35 KB 13 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6a635aea585d77e3a27766c7535ba7a51279eefc79406e7fcaca9ca075139a8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Tue, 15 Feb 2022 01:49:35 GMT content-encoding br x-content-type-options nosniff age 287751 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13572 x-xss-protection 0 last-modified Mon, 14 Feb 2022 11:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 15 Feb 2023 01:49:35 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 53A0	0 0	85ms 85ms	Image text/html	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220216&jk=1744076924173789&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers
GET		generate_204 tpc.googlesyndication.com/ Frame 6834	0 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	44ms 43ms	Image image/gif	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220216&jk=1744076924173789&bg=!mZqlmt7NAAbf-5Dq3_s7ACkAdvg8WlA8vT7_y_xRuNqzjYbDP1GBdrsDuQ9EpCHCeIZZL8Ot1RMEeAIAAABbUgAAAANoAQeZAnmmJG6Y9VyxNWWRp3XxaxqegucctUiqkpmTE94p3YGOXEIstTFnMu658Zj6RLZQWP3zm3WCLKkT0XQOYAOu1MULDot6bDvxb-E2pJBSQ4jrqQfHhiD__XRXE0zaV45-PkzntNDG7myaS8TACPlaylMFF1QK4q4ExxdRvMJZsYt0P_hadFygNpXpps2_xSy1ZPia8nfZHSiQfvsiuiC_wNcqdJ3TWW9DHNbos8VWH84av_u2yqRZ0H7FkonjrVphyeyqiGP67KtgtwK3d4R-XafZm5A-1q2J23JIK_AZkLEfXZB4H3zaHjolGXJdemzzAcFJKqj6PtvnKA1r30EZgdk7f6RQk9vVq8eJtSnna2XA3Wlp0GTvFfyLsmhUXX0GX4d8O30xst1P5X23VYvB1k1NYyNl6MWn5LmchMCcy6DnWLV-rZ6_w60nwwVyzxUal_98eNgOxVfQQmTIFWXiltaCoZKXTNkOHcTPI2O9mGR_66hRthSPMzKhryQjxAQAmhacBVe-xPSKPjKWXkgHPOmdDZdp7aqjmJdBOoMQbwSRYGHWrMvFxwKOWBM_bbN6ag4LpYA6Rl4qTC17x_U1XkZcC_8-JorBWjJ8IUtUwbzPO5aiB0uLNadwyBl19_aInAPftyus8KW9ZRsgxgyXehTc1Zot__TsBnnNs5Mk6TFgc4V9rh6C4geZWhZ9Z2juLJaBDkoaplJnumYq9bc9_0CtZAOjkd4VIlPqEh1MFotUvHvLqVxYBt2W_fs4mT9jvsU6gB_gTAll-InzO5PL9bloe77YCPMxQ2nUYfITH97EnU26vehruh-2eyw0yg5i9bqJ0a2zzIiP_fQ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.thephotoforum.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers pragma no-cache date Fri, 18 Feb 2022 09:45:26 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	container.html Show response 4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D5D6	6 KB 3 KB	24ms 9ms	Document text/html	2a00:1450:4001:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021602.js?31064988 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Accept-Language de-DE,de;q=0.9 Referer https://www.thephotoforum.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin * content-length 3108 x-content-type-options nosniff server sffe x-xss-protection 0 date Fri, 18 Feb 2022 09:45:26 GMT expires Sat, 18 Feb 2023 09:45:26 GMT cache-control public, immutable, max-age=31536000 last-modified Tue, 02 Mar 2021 20:17:03 GMT content-type text/html age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 7809	624 B 297 B	21ms 21ms	Document text/html	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhjjhpmxATAB&v=APEucNVW8bTcZ50IfQDTCNOBOwA7Cw4S_jEFThAgR0GR0a8LqhcWFMfBbDxz1kVtzC0H1R_UJ9P7y_R1evj68PoDMYTn6PyAKXsS7eISKipJCRapMbgcNP1eaIjthBpJ4B-b1ljYAc_LZ_VLUYC9HxA7CEJahNzPajrzIUKKi8ZpAE4bBzLYWr4 Requested by Host: 4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com URL: https://4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Accept-Language de-DE,de;q=0.9 Referer https://4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Fri, 18 Feb 2022 09:45:27 GMT server cafe cache-control private content-length 276 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	express_html_inpage_rendering_lib_200_275.js Show response s0.2mdn.net/879366/ Frame D5D6	106 KB 38 KB	31ms 7ms	Script text/javascript	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js Requested by Host: www.thephotoforum.com URL: https://www.thephotoforum.com/members/avita123.271237/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com/ Origin https://4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Thu, 17 Feb 2022 16:13:41 GMT content-encoding gzip x-content-type-options nosniff age 63106 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37892 x-xss-protection 0 last-modified Mon, 27 Sep 2021 18:44:52 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 18 Feb 2022 16:13:41 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20220216/r20110914/elements/html/ Frame D5D6	8 KB 3 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20220216/r20110914/elements/html/omrhp.js Requested by Host: www.thephotoforum.com URL: https://www.thephotoforum.com/members/avita123.271237/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Fri, 18 Feb 2022 09:40:24 GMT content-encoding gzip x-content-type-options nosniff age 303 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3159 x-xss-protection 0 server cafe etag 1394524276809619753 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 04 Mar 2022 09:40:24 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20220216/r20110914/ Frame D5D6	25 KB 9 KB	8ms 8ms	Script text/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20220216/r20110914/abg_lite.js Requested by Host: www.thephotoforum.com URL: https://www.thephotoforum.com/members/avita123.271237/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d44b84e0471d9d1ac53ce061c9becfa720931b7364c7b55a6325d03859781782 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Fri, 18 Feb 2022 09:36:55 GMT content-encoding gzip x-content-type-options nosniff age 512 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9648 x-xss-protection 0 server cafe etag 2224892065184813991 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 04 Mar 2022 09:36:55 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame D5D6	42 B 63 B	41ms 40ms	Image image/gif	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ClrMZmd_0188whpG0_jfNlq3eKtNJKlts1w3gT7CgpLUhVWM9ef9CftbK_tZRF3y3-EEs4KqSJUZuXEX5AItkKZC7aSr8GwXbgsyHnPrhVAVxiOqU Requested by Host: 4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com URL: https://4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers pragma no-cache date Fri, 18 Feb 2022 09:45:27 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	px.gif d.adtriba.com/ Frame D5D6 Redirect Chain https://d.adtriba.com/collect?atb_ptid=e774d0b4&atb_dpuid=nayoki&atb_dcaid=display-pp_paket_m_alw-on https://d.adtriba.com/px.gif	42 B 227 B	9ms 8ms	Image image/gif	18.195.252.197 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d.adtriba.com/px.gif Requested by Host: 4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com URL: https://4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol HTTP/1.1 Server 18.195.252.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-195-252-197.eu-central-1.compute.amazonaws.com Software nginx/1.16.1 / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers Date Fri, 18 Feb 2022 09:45:27 GMT Cache-Control public, max-age=86400 Server nginx/1.16.1 Connection keep-alive Content-Length 42 Content-Type image/gif Redirect headers Date Fri, 18 Feb 2022 09:45:27 GMT Last-Modified Fri, 18 Feb 2022 09:45:27 GMT Server nginx/1.16.1 P3P CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info." Location /px.gif Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 0 Expires Sat, 01 Jan 2000 01:00:00 GMT
GET H3	200	window_focus.js Show response tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame D5D6	2 KB 1 KB	10ms 8ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/window_focus.js Requested by Host: 4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com URL: https://4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash bd54241a6ef534d4fd55a95d52035292958c4a55c350f8bb38b396ef4f49c1e5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Fri, 18 Feb 2022 09:27:18 GMT content-encoding gzip x-content-type-options nosniff age 1089 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1235 x-xss-protection 0 server cafe etag 218260476562286327 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 04 Mar 2022 09:27:18 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame D5D6	124 KB 38 KB	50ms 24ms	Script text/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com URL: https://4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Fri, 18 Feb 2022 09:45:27 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38723 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1645015031201889" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 18 Feb 2022 09:45:27 GMT
GET H3	200	qs_click_protection.js Show response tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame D5D6	18 KB 7 KB	10ms 8ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/qs_click_protection.js Requested by Host: 4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com URL: https://4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5cff67ddd98ac4518c2f0ea17302f9a63dd4e8c24f7375427a6b396fffa218d1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Fri, 18 Feb 2022 09:26:59 GMT content-encoding gzip x-content-type-options nosniff age 1108 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7519 x-xss-protection 0 server cafe etag 5754846754200317394 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 04 Mar 2022 09:26:59 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame D5D6	0 0	32ms 14ms	Image text/html	2a00:1450:4001:82b::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaTIqDhws5_K145PHijcDErwnD9vzd0NduSOtmSBCXDMp9tZq-A-TPBNkEHDEVRvjFWF6uMzTlnos4uWljGSIUaeAaSq7w Requested by Host: 4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com URL: https://4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame D5D6	41 KB 15 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: 4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com URL: https://4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Thu, 17 Feb 2022 15:42:02 GMT content-encoding gzip x-content-type-options nosniff age 65005 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 17 Feb 2023 15:42:02 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 2E39	1 KB 749 B	12ms 10ms	Document text/html	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: 4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com URL: https://4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Accept-Language de-DE,de;q=0.9 Referer https://4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com/ Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding x-content-type-options nosniff content-encoding gzip server cafe content-length 724 x-xss-protection 0 date Thu, 17 Feb 2022 13:26:12 GMT expires Fri, 18 Feb 2022 13:26:12 GMT cache-control public, max-age=86400 age 73155 etag 48472445140208031 content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 7809 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEENBPP3DJpugqFUmAvDhrMw&google_cver=1 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEENBPP3DJpugqFUmAvDhrMw&google_cver=1&C=1	43 B 315 B	30ms 30ms	Image image/gif	104.85.0.246 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEENBPP3DJpugqFUmAvDhrMw&google_cver=1&C=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhjjhpmxATAB&v=APEucNVW8bTcZ50IfQDTCNOBOwA7Cw4S_jEFThAgR0GR0a8LqhcWFMfBbDxz1kVtzC0H1R_UJ9P7y_R1evj68PoDMYTn6PyAKXsS7eISKipJCRapMbgcNP1eaIjthBpJ4B-b1ljYAc_LZ_VLUYC9HxA7CEJahNzPajrzIUKKi8ZpAE4bBzLYWr4 Protocol HTTP/1.1 Server 104.85.0.246 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-85-0-246.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers Pragma no-cache Date Fri, 18 Feb 2022 09:45:27 GMT Server Apache Vary Is-Traffic-Usersync Content-Type image/gif Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Length 43 Expires Fri, 18 Feb 2022 09:45:27 GMT Redirect headers Pragma no-cache Date Fri, 18 Feb 2022 09:45:27 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEENBPP3DJpugqFUmAvDhrMw&google_cver=1&C=1 Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type text/html; charset=iso-8859-1 Content-Length 308 Expires Fri, 18 Feb 2022 09:45:27 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 7809 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm= https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEENBPP3DJpugqFUmAvDhrMw&google_cver=1 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEENBPP3DJpugqFUmAvDhrMw&google_cver=1&C=1	43 B 315 B	25ms 24ms	Image image/gif	104.85.0.246 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEENBPP3DJpugqFUmAvDhrMw&google_cver=1&C=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhjjhpmxATAB&v=APEucNVW8bTcZ50IfQDTCNOBOwA7Cw4S_jEFThAgR0GR0a8LqhcWFMfBbDxz1kVtzC0H1R_UJ9P7y_R1evj68PoDMYTn6PyAKXsS7eISKipJCRapMbgcNP1eaIjthBpJ4B-b1ljYAc_LZ_VLUYC9HxA7CEJahNzPajrzIUKKi8ZpAE4bBzLYWr4 Protocol HTTP/1.1 Server 104.85.0.246 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-85-0-246.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers Pragma no-cache Date Fri, 18 Feb 2022 09:45:27 GMT Server Apache Vary Is-Traffic-Usersync Content-Type image/gif Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Length 43 Expires Fri, 18 Feb 2022 09:45:27 GMT Redirect headers Pragma no-cache Date Fri, 18 Feb 2022 09:45:27 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEENBPP3DJpugqFUmAvDhrMw&google_cver=1&C=1 Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type text/html; charset=iso-8859-1 Content-Length 308 Expires Fri, 18 Feb 2022 09:45:27 GMT
GET H/1.1	200 OK	bounce ib.adnxs.com/ Frame 7809 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEOnjZ5mn4l3ZnVdaG4D1kE8&google_cver=1 https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOnjZ5mn4l3ZnVdaG4D1kE8%26google_cver%3D1	43 B 1 KB	8ms 7ms	Image image/gif	37.252.172.250 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOnjZ5mn4l3ZnVdaG4D1kE8%26google_cver%3D1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhjjhpmxATAB&v=APEucNVW8bTcZ50IfQDTCNOBOwA7Cw4S_jEFThAgR0GR0a8LqhcWFMfBbDxz1kVtzC0H1R_UJ9P7y_R1evj68PoDMYTn6PyAKXsS7eISKipJCRapMbgcNP1eaIjthBpJ4B-b1ljYAc_LZ_VLUYC9HxA7CEJahNzPajrzIUKKi8ZpAE4bBzLYWr4 Protocol HTTP/1.1 Server 37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers Pragma no-cache Date Fri, 18 Feb 2022 09:45:27 GMT X-Proxy-Origin 193.27.14.37; 193.27.14.37; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com AN-X-Request-Uuid 8524c626-fc30-4a26-a8de-e9a04f3d8739 Server nginx/1.21.3 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Fri, 18 Feb 2022 09:45:27 GMT X-Proxy-Origin 193.27.14.37; 193.27.14.37; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com AN-X-Request-Uuid 13bda50f-2206-4a64-95ee-56bfad00a048 Server nginx/1.21.3 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOnjZ5mn4l3ZnVdaG4D1kE8%26google_cver%3D1 Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 7809 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjM5ODAwOTI5MDU1NzQ5OTAz	170 B 188 B	17ms 17ms	Image image/png	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjM5ODAwOTI5MDU1NzQ5OTAz Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhjjhpmxATAB&v=APEucNVW8bTcZ50IfQDTCNOBOwA7Cw4S_jEFThAgR0GR0a8LqhcWFMfBbDxz1kVtzC0H1R_UJ9P7y_R1evj68PoDMYTn6PyAKXsS7eISKipJCRapMbgcNP1eaIjthBpJ4B-b1ljYAc_LZ_VLUYC9HxA7CEJahNzPajrzIUKKi8ZpAE4bBzLYWr4 Protocol H3 Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers pragma no-cache date Fri, 18 Feb 2022 09:45:27 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Fri, 18 Feb 2022 09:45:27 GMT X-Proxy-Origin 193.27.14.37; 193.27.14.37; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com AN-X-Request-Uuid bb5dd36a-7fa5-4d9f-9a13-f0186e6d3cf9 Server nginx/1.21.3 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjM5ODAwOTI5MDU1NzQ5OTAz Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame ACB0	22 KB 8 KB	7ms 7ms	Document text/html	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Accept-Language de-DE,de;q=0.9 Referer https://4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip cross-origin-resource-policy cross-origin cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} timing-allow-origin * content-length 8395 x-content-type-options nosniff server sffe x-xss-protection 0 date Tue, 15 Feb 2022 19:08:42 GMT expires Wed, 15 Feb 2023 19:08:42 GMT cache-control public, max-age=31536000 last-modified Tue, 03 Mar 2020 20:15:00 GMT content-type text/html age 225405 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	pixel cm.g.doubleclick.net/ Frame 2E39 Redirect Chain https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEP9gP81rNH8sH8zbVGm7vhs&google_cver=1&google_push=AYg5qPIwEVxBk3HmLrXxb2_X5rPEgF5xRo9PF58Dn5y1dGQ82q23Vy95jjFfDhzb52vITDfeb_X5mO5ae2gea9xUnP9s... https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIwEVxBk3HmLrXxb2_X5rPEgF5xRo9PF58Dn5y1dGQ82q23Vy95jjFfDhzb52vITDfeb_X5mO5ae2gea9xUnP9sRfx6N20G&google_hm=	170 B 188 B	20ms 20ms	Image image/png	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIwEVxBk3HmLrXxb2_X5rPEgF5xRo9PF58Dn5y1dGQ82q23Vy95jjFfDhzb52vITDfeb_X5mO5ae2gea9xUnP9sRfx6N20G&google_hm= Requested by Host: 4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com URL: https://4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers pragma no-cache date Fri, 18 Feb 2022 09:45:27 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIwEVxBk3HmLrXxb2_X5rPEgF5xRo9PF58Dn5y1dGQ82q23Vy95jjFfDhzb52vITDfeb_X5mO5ae2gea9xUnP9sRfx6N20G&google_hm= Date Fri, 18 Feb 2022 09:45:27 GMT Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 0
GET H3	200	dot.gif s0.2mdn.net/ Frame 2E39	43 B 65 B	32ms 16ms	Image image/gif	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/dot.gif?google_gid=CAESEEL4ajNCEbsxkxML7VzItKU&google_cver=1&google_push=AYg5qPK2N8aUZFZLczflb02zbT8ZjLtpTgtjm1h_Li_HDXDMeuU_wJJrYuNzeYYsCeQlaVsrtc6J1kcOqDcnfgQy9c18dQFpxcW1 Requested by Host: 4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com URL: https://4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Fri, 18 Feb 2022 09:45:27 GMT x-content-type-options nosniff last-modified Sun, 01 Feb 2009 08:00:00 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/gif access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 43 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 19 Feb 2022 09:45:27 GMT
GET H2	200	dds rtb.openx.net/sync/ Frame 2E39	43 B 351 B	73ms 54ms	Image image/gif	35.227.252.103 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://rtb.openx.net/sync/dds?google_gid=CAESEK-_2Sqvvcqv8xj9VgLlg3I&google_cver=1&google_push=AYg5qPK7vHwmGHWizRVJihKjWLIkSyLInzwc_OsbARBUfe3godeCnAbWUHAvxB7W8vEH-4XxiLPC2PHFJ2YuNZbRkEKGXgz7vGk Requested by Host: 4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com URL: https://4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 103.252.227.35.bc.googleusercontent.com Software Cowboy / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers pragma no-cache date Fri, 18 Feb 2022 09:45:27 GMT via 1.1 google server Cowboy vary Origin p3p CP="CUR ADM OUR NOR STA NID" access-control-allow-origin null access-control-expose-headers cache-control private, max-age=0, no-cache, must-revalidate access-control-allow-credentials true content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 x-request-id 1nr8dvc41dn8i0qgnai3sjn4lp77k7to
GET H2	200	UCookieSetPug image6.pubmatic.com/AdServer/ Frame 2E39 Redirect Chain https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%... https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...	0 41 B	157ms 156ms	Image text/html	192.82.242.209 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAofU1_jwS7iP-SG1y7fw68&google_cver=1&google_push=AYg5qPIvi6nMjlhZwOwDj_yPjqKSl8kcXDK8o2RggWzahTxQW6MbNVoEdIzw5RpdlTvOJBIyYOpiySt9QdRXZ1--9cBlAOY6dr4P&rdf=1 Protocol H2 Server 192.82.242.209 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Fri, 18 Feb 2022 09:45:27 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 0 content-type text/html; charset=UTF-8 Redirect headers location /AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAofU1_jwS7iP-SG1y7fw68&google_cver=1&google_push=AYg5qPIvi6nMjlhZwOwDj_yPjqKSl8kcXDK8o2RggWzahTxQW6MbNVoEdIzw5RpdlTvOJBIyYOpiySt9QdRXZ1--9cBlAOY6dr4P&rdf=1 date Fri, 18 Feb 2022 09:45:27 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 0 content-type text/html; charset=UTF-8
GET H3	200	pixel cm.g.doubleclick.net/ Frame 2E39 Redirect Chain https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEIRacWBR2KtZzFzYR7eRqCQ&google_cver=1&google_push=AYg5qPIcl2VEkvOoCCRgHt5NgAkVJZODwiujqPOx03FSLQ6asNdCDa3b1jv0PzJ2HrBJFOARc9G8jbzhcYScOJmz... https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPIcl2VEkvOoCCRgHt5NgAkVJZODwiujqPOx03FSLQ6asNdCDa3b1jv0PzJ2HrBJFOARc9G8jbzhcYScOJmz71uwSPeFqhN2	170 B 188 B	50ms 50ms	Image image/png	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPIcl2VEkvOoCCRgHt5NgAkVJZODwiujqPOx03FSLQ6asNdCDa3b1jv0PzJ2HrBJFOARc9G8jbzhcYScOJmz71uwSPeFqhN2 Requested by Host: 4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com URL: https://4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers pragma no-cache date Fri, 18 Feb 2022 09:45:27 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Fri, 18 Feb 2022 09:45:27 GMT via 1.1 7be6cb2d0156b563b6b1c8f2595ddd52.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop FRA56-P5 x-cache FunctionGeneratedResponse from cloudfront p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPIcl2VEkvOoCCRgHt5NgAkVJZODwiujqPOx03FSLQ6asNdCDa3b1jv0PzJ2HrBJFOARc9G8jbzhcYScOJmz71uwSPeFqhN2 cache-control no-cache, must-revalidate content-length 0 x-amz-cf-id eavxpJ0mhKtFEGcszQIjK6pzCH2SINUf2X1oTUeSjfYTe9V6QW6khQ==
GET H3	200	pixel cm.g.doubleclick.net/ Frame 2E39 Redirect Chain https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEAy4jaAvbV_D_YcACe4iDmk&google_cver=1&google_push=AYg5qPKEDkJGtFsk2YLzcW-Pi0LUU9LOeYzeICTWwlLfvrYfJ2DwCbVwW6BD7TSJrm4Bxc4fcP... https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEAy4jaAvbV_D_YcACe4iDmk&google_cver=1&google_push=AYg5qPKEDkJGtFsk2YLzcW-Pi0LUU9LOeYzeICTWwlLfvrYfJ2DwCbVwW6BD7TSJrm4Bxc4fcP... https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1iamJ2SFF0RTJ1RjJ3UzR1aWhYTXpWM2lKcEMzRFBKNH5B&google_push=AYg5qPKEDkJGtFsk2YLzcW-Pi0LUU9LOeYzeICTWwlLfvrYfJ2DwCbVwW...	170 B 188 B	26ms 25ms	Image image/png	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1iamJ2SFF0RTJ1RjJ3UzR1aWhYTXpWM2lKcEMzRFBKNH5B&google_push=AYg5qPKEDkJGtFsk2YLzcW-Pi0LUU9LOeYzeICTWwlLfvrYfJ2DwCbVwW6BD7TSJrm4Bxc4fcP40OVSV1kczu574-LBaN-kCuFUD Requested by Host: 4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com URL: https://4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers pragma no-cache date Fri, 18 Feb 2022 09:45:27 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1iamJ2SFF0RTJ1RjJ3UzR1aWhYTXpWM2lKcEMzRFBKNH5B&google_push=AYg5qPKEDkJGtFsk2YLzcW-Pi0LUU9LOeYzeICTWwlLfvrYfJ2DwCbVwW6BD7TSJrm4Bxc4fcP40OVSV1kczu574-LBaN-kCuFUD date Fri, 18 Feb 2022 09:45:27 GMT server ATS/9.1.0.33 age 0 content-length 0 strict-transport-security max-age=31536000 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H3	200	dot.gif s0.2mdn.net/ Frame 2E39	43 B 65 B	29ms 15ms	Image image/gif	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/dot.gif?google_gid=CAESEBXjGgDEFR8XoXMZ7KtzC-o&google_cver=1&google_push=AYg5qPL_zERXUX9XyNUKKUgsx-n-ZwtkVGB10bA4ET02abskcKGU2Z0NsamARVNIRl1oDWBP0ocFXEcsrUUYYNCuTKLWDwXZ_iwcMA Requested by Host: 4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com URL: https://4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Fri, 18 Feb 2022 09:45:27 GMT x-content-type-options nosniff last-modified Sun, 01 Feb 2009 08:00:00 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/gif access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 43 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 19 Feb 2022 09:45:27 GMT
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame 2E39	0 50 B	18ms 16ms	Image text/html	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IICILkbgrgNArec_d5ygpyDSzFTbj44_aGVX3rXsTHqEF5X4USjDWD38W0CcdTPGUwI2dW2_U Requested by Host: 4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com URL: https://4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Fri, 18 Feb 2022 09:45:27 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	index.html Show response s0.2mdn.net/sadbundle/7860574013052223822/ Frame D54A	37 KB 6 KB	15ms 8ms	Document text/html	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/7860574013052223822/index.html Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cee605302e3ad67e04e30342f98ec9f6228fecba91b23e2bf0842ff81bc25007 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Accept-Language de-DE,de;q=0.9 Referer https://4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding access-control-allow-origin * cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} timing-allow-origin * x-content-type-options nosniff x-dns-prefetch-control off content-encoding gzip server sffe x-xss-protection 0 content-length 5704 date Sat, 12 Feb 2022 09:51:04 GMT expires Sun, 12 Feb 2023 09:51:04 GMT cache-control public, max-age=31536000 age 518063 last-modified Sat, 01 Jan 2022 00:11:26 GMT content-type text/html alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame D5D6	0 571 B	107ms 82ms	Image image/gif	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsunmiGKBjWhMxT3PG4w5iJezjXZIYCMQ6Ng91WUH6q6hISWueDNML4GC7Le5Yn9OAXQPzfK9lnSwDh4GvACfqVPg3uMK3EqEEPFv1_QRvfvOhIdAPof6iTM0dBNph9sUtDMbtFdk7Mgc9gqTG-1PY5qhss7oTtWICVtO39jSGEu9DumkMopNxd4ImXaTNFSgemRwOvGHGLkh5Tp1qDembmibkoLJGr1Eu2VftBZtyT6uyzC8lp2w8va7poF7BFa_RrwqA0f-Ao7ZBFQY1ayALN-cnrfu8FjUynIK-wMybSpCHr7EgmWO7747nHruglwPCUjyl3z294Ung5D0WuMIC3alsi_NlQTWxYV3_eMX9Ia5XaymTiUtkewjf-45MkjO15I0j4e7L5Hz9rqMNKeanm_6-R15Es7KKdVMpU-mWa8jPKre0fhAwdwMutxKXHW_L7VhGKZOnGplEOZokaxrdtEMtExzAMGM-NcTMw_IZijWCXlxF6fwHTPIbs29WdMbqFW5GnXLKkdazzzDjm1exKG8CMFEKDCtjun94VUkTK9iEB5MwC2Kk2zXcjZDUsejyAzFFDa7v0EwFdlJJdSBMsyYlFupjzqg2J0rj7HkD6HkjYjw4cH-93c1WO0OEgbzKU2ZMi-7s4XxjxLfhI2VWU4QakIjFBcM98MmJraxRX6zxhX0YsD0KkfWQupsGTBogsZ57Zk8Y9sdF-7O-WlimEAHipSSoAc7Dg9i7unuH9ZtJxaBr216XreOOsKl3yb01fl_S2R5WbdHFs54y63ixwUtIr__5lHNW3GMqlP4gtI7SxoFRNL6W_tZxDz1KgNSOA8qyRECygpZCzzqV98tT3WwgrGr_HO_0-JIGVeXwJhHz5PE_0xl4qehiv1JBYUzjUKYQwSFYO1_iFr2ngxf2HfRgwgBbQnFTVzC9ycb31R9xC5PKgJ4FAEgdDQWymd3tfLpX7CSM5DqwsGSDagjDLqoqSay9UcNxLIjv3xZ2BOFVfv_J1oK1Phin2mxK5cT8yR1lYejJjHmSGOYtfzinCu8VmoHPxtPEg9515EKjYK11Umde4eAON7JnU1QDrQiIt7Fc9zWbNiLg85GNhQplfL9yuLoCjd-fO2NHEOYyCtH6E70sORVV-QMsn0ZuQUnKJ1ml86G4OXAJ9CRRetdOjcJS3Yk1uHZkNduizo3vfaaHs45oECc8XJOT-GUNtOh_MCUAxHFbc8lCa5kUwWT-CL0getWQvfUMtZiwI6eaJdebTcJX7qKAxqBfMoajf4OVfXLlogbskOvU7S2ObNIKP3pNyLQsT_8E8i158S1NY2K4xMA1A&sai=AMfl-YQoSwLRg5zXd9hHI0lOxXfxk2IbR9ApBHUYZpp2LAk4RORrZ4S1FyPIgRnJzXGFB1-ZfGOoMzLXCOLMHc2vDA_Cl1BwBnztlwbdI_Adkeoc5Tq0cRjC6Z5nl_UpSnd-FScXBrRaIjVgzRkYxv5INPoxV09MLWbbEvrtwg16ientPPGKLBobd7HoysJmfMRpQEiQ_eYMI6RUKo4FtbwBzMcxXhNW19kkYo3tmQcQ3_V8n4SMYP7SqRcbZcPiJCBiSYvcNoKo2-xTknSkEZaNDNeuaB6TsN60ECF6Ye0qG2tsvvQ&sig=Cg0ArKJSzFCBBBf8Je8YEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=48&cbvp=1&cstd=46&cisv=r20220216.16203&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl= Requested by Host: 4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com URL: https://4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version date Fri, 18 Feb 2022 09:45:27 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3	200	Hujgl23SVzI3rZSj4hNxUITd7BayDnfI5D3l6J-e8FI.js Show response pagead2.googlesyndication.com/bg/ Frame ACB0	35 KB 13 KB	8ms 8ms	Script text/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/Hujgl23SVzI3rZSj4hNxUITd7BayDnfI5D3l6J-e8FI.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1ee8e0976dd2573237ad94a3e213715084ddec16b20e77c8e43de5e89f9ef052 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Fri, 18 Feb 2022 07:09:57 GMT content-encoding br x-content-type-options nosniff age 9330 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13646 x-xss-protection 0 last-modified Mon, 14 Feb 2022 11:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 18 Feb 2023 07:09:57 GMT
GET H3	200	25d643d4b8750bdc341b34f7c06486a7.js Show response s0.2mdn.net/sadbundle/7860574013052223822/ Frame D54A	65 KB 17 KB	8ms 7ms	Script application/x-javascript	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/7860574013052223822/25d643d4b8750bdc341b34f7c06486a7.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/7860574013052223822/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e2ea394861b4fa43c3b873a418272ddc3f5844d2b179cb74ee55ae2b15561d8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/7860574013052223822/index.html User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Sat, 12 Feb 2022 09:51:06 GMT content-encoding gzip x-content-type-options nosniff age 518061 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 17306 x-xss-protection 0 last-modified Sat, 01 Jan 2022 00:11:26 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 12 Feb 2023 09:51:06 GMT
GET H3	200	5f70f6402a04a3fc46176d6223babc97.svg s0.2mdn.net/sadbundle/7860574013052223822/media/ Frame D54A	3 KB 984 B	8ms 7ms	Image image/svg+xml	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/7860574013052223822/media/5f70f6402a04a3fc46176d6223babc97.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/7860574013052223822/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 021d6e1bfc825ba6668c3b4a157ea11fc64191ab5bbe32eb2864bb1b93541fae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/7860574013052223822/index.html User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Sat, 12 Feb 2022 09:51:07 GMT content-encoding gzip x-content-type-options nosniff age 518060 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 955 x-xss-protection 0 last-modified Sat, 01 Jan 2022 00:11:26 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 12 Feb 2023 09:51:07 GMT
GET H3	200	cd146b9f541a4bb242933d337e045691.svg s0.2mdn.net/sadbundle/7860574013052223822/media/ Frame D54A	2 KB 751 B	9ms 7ms	Image image/svg+xml	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/7860574013052223822/media/cd146b9f541a4bb242933d337e045691.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/7860574013052223822/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 971e07373632d9069a454ed1df5ba4ca1fc498c71e8671efc703c4a1c629a658 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/7860574013052223822/index.html User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Sat, 12 Feb 2022 09:51:07 GMT content-encoding gzip x-content-type-options nosniff age 518060 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 722 x-xss-protection 0 last-modified Sat, 01 Jan 2022 00:11:26 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 12 Feb 2023 09:51:07 GMT
GET H3	200	d06417b172417aef6815e6c350139607.jpg s0.2mdn.net/sadbundle/7860574013052223822/media/ Frame D54A	3 KB 3 KB	18ms 14ms	Image image/jpeg	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/7860574013052223822/media/d06417b172417aef6815e6c350139607.jpg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/7860574013052223822/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9aec6ab050597b79eb2a99674bd2dabab7aa591a39a11611fedac3e68a2cb87a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/7860574013052223822/index.html User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Sat, 12 Feb 2022 09:49:28 GMT x-content-type-options nosniff age 518159 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2607 x-xss-protection 0 last-modified Sat, 01 Jan 2022 00:11:26 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 12 Feb 2023 09:49:28 GMT
GET H3	200	59413ffb86fa521ba8c7652d05f7b1fa.svg s0.2mdn.net/sadbundle/7860574013052223822/media/ Frame D54A	7 KB 2 KB	11ms 7ms	Image image/svg+xml	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/7860574013052223822/media/59413ffb86fa521ba8c7652d05f7b1fa.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/7860574013052223822/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9a35239da0c74d98ed67f4fe2c708b3e537de0a09df68d7de83f56af63c4cff1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/7860574013052223822/index.html User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Sat, 12 Feb 2022 09:51:07 GMT content-encoding gzip x-content-type-options nosniff age 518060 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2093 x-xss-protection 0 last-modified Sat, 01 Jan 2022 00:11:26 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 12 Feb 2023 09:51:07 GMT
GET H3	200	6c494a24a406f09526260b731f1d4c12.svg s0.2mdn.net/sadbundle/7860574013052223822/media/ Frame D54A	1 KB 611 B	18ms 14ms	Image image/svg+xml	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/7860574013052223822/media/6c494a24a406f09526260b731f1d4c12.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/7860574013052223822/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 60c86673aa27cb02e33a709cec0fa422114542e084fb0d7bedf29ff7497f073c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/7860574013052223822/index.html User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Sat, 12 Feb 2022 09:51:07 GMT content-encoding gzip x-content-type-options nosniff age 518060 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 582 x-xss-protection 0 last-modified Sat, 01 Jan 2022 00:11:26 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 12 Feb 2023 09:51:07 GMT
GET H3	200	d31a7d7d2ea9d536c97f1c84ab796883.svg s0.2mdn.net/sadbundle/7860574013052223822/media/ Frame D54A	574 B 372 B	18ms 14ms	Image image/svg+xml	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/7860574013052223822/media/d31a7d7d2ea9d536c97f1c84ab796883.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/7860574013052223822/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d7193b093defca9cfab99d6d05a55d0765f0bf6028ede182b41cfb3dcbd32390 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/7860574013052223822/index.html User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Fri, 18 Feb 2022 02:30:20 GMT content-encoding gzip x-content-type-options nosniff age 26107 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 343 x-xss-protection 0 last-modified Sat, 01 Jan 2022 00:11:26 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 18 Feb 2023 02:30:20 GMT
GET H3	200	d53c5beccc161ce0d8d820dabd473915.svg s0.2mdn.net/sadbundle/7860574013052223822/media/ Frame D54A	5 KB 2 KB	18ms 15ms	Image image/svg+xml	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/7860574013052223822/media/d53c5beccc161ce0d8d820dabd473915.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/7860574013052223822/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0443cfa5ac5756bc2aebd73590af9f24cdab4d5d4534cc2ff61c990076e9e024 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/7860574013052223822/index.html User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Sun, 13 Feb 2022 07:06:20 GMT content-encoding gzip x-content-type-options nosniff age 441547 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1643 x-xss-protection 0 last-modified Sat, 01 Jan 2022 00:11:26 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 13 Feb 2023 07:06:20 GMT
GET H3	200	c5d8d423adf660ba0cb174e42a24ef11.svg s0.2mdn.net/sadbundle/7860574013052223822/media/ Frame D54A	1 KB 528 B	18ms 14ms	Image image/svg+xml	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/7860574013052223822/media/c5d8d423adf660ba0cb174e42a24ef11.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/7860574013052223822/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a5608437b7db130f4e6493a392aa3a1d7d8fc40463d48ca4b90560720cddc25f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/7860574013052223822/index.html User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Sat, 12 Feb 2022 09:51:07 GMT content-encoding gzip x-content-type-options nosniff age 518060 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 499 x-xss-protection 0 last-modified Sat, 01 Jan 2022 00:11:26 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 12 Feb 2023 09:51:07 GMT
GET H3	200	6ea184c6e5380f5b473baab94a594ca2.svg s0.2mdn.net/sadbundle/7860574013052223822/media/ Frame D54A	4 KB 2 KB	20ms 16ms	Image image/svg+xml	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/7860574013052223822/media/6ea184c6e5380f5b473baab94a594ca2.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/7860574013052223822/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0b4ab48ddc79c364ee6e4edb899919df431379e4a3e0ea6e6cab01e8a59d124a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/7860574013052223822/index.html User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Sat, 12 Feb 2022 09:51:07 GMT content-encoding gzip x-content-type-options nosniff age 518060 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1560 x-xss-protection 0 last-modified Sat, 01 Jan 2022 00:11:26 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 12 Feb 2023 09:51:07 GMT
GET H3	200	4e556d550f2695d06b7cf16e16015af9.svg s0.2mdn.net/sadbundle/7860574013052223822/media/ Frame D54A	936 B 383 B	18ms 15ms	Image image/svg+xml	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/7860574013052223822/media/4e556d550f2695d06b7cf16e16015af9.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/7860574013052223822/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d59572b7482e805e1e1fa211d3194d35a961b1bc654bc2bf0199e65ac2f23e8e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/7860574013052223822/index.html User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Thu, 17 Feb 2022 12:25:34 GMT content-encoding gzip x-content-type-options nosniff age 76793 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 354 x-xss-protection 0 last-modified Sat, 01 Jan 2022 00:11:26 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 17 Feb 2023 12:25:34 GMT
GET H3	200	045f4058a334cb2067242d2059d28129.svg s0.2mdn.net/sadbundle/7860574013052223822/media/ Frame D54A	903 B 501 B	19ms 16ms	Image image/svg+xml	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/7860574013052223822/media/045f4058a334cb2067242d2059d28129.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/7860574013052223822/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash edf0e2ed98017782d5d433ff339306445ac27b4d6f2c4b8aad1a0d5fbe8ff69a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/7860574013052223822/index.html User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Sat, 12 Feb 2022 09:51:07 GMT content-encoding gzip x-content-type-options nosniff age 518060 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 472 x-xss-protection 0 last-modified Sat, 01 Jan 2022 00:11:26 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 12 Feb 2023 09:51:07 GMT
GET H3	200	82893d068447bff6f0ea6d2a10e424f3.svg s0.2mdn.net/sadbundle/7860574013052223822/media/ Frame D54A	260 B 235 B	19ms 16ms	Image image/svg+xml	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/7860574013052223822/media/82893d068447bff6f0ea6d2a10e424f3.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/7860574013052223822/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3c391610650705b357c98f83dc2d16afd92cf5c4ff9415ee7c6fb4fb5ec1a143 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/7860574013052223822/index.html User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Sat, 12 Feb 2022 09:51:07 GMT content-encoding gzip x-content-type-options nosniff age 518060 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 206 x-xss-protection 0 last-modified Sat, 01 Jan 2022 00:11:26 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 12 Feb 2023 09:51:07 GMT
GET H3	200	e93ae648ff2504b090ba3f01719396eb.svg s0.2mdn.net/sadbundle/7860574013052223822/media/ Frame D54A	3 KB 1 KB	18ms 15ms	Image image/svg+xml	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/7860574013052223822/media/e93ae648ff2504b090ba3f01719396eb.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/7860574013052223822/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d17c886b01def0c10e4d7840b03a369e36880b00958cbb3f85cab47bc107e602 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/7860574013052223822/index.html User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Sun, 13 Feb 2022 08:35:57 GMT content-encoding gzip x-content-type-options nosniff age 436170 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1143 x-xss-protection 0 last-modified Sat, 01 Jan 2022 00:11:26 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 13 Feb 2023 08:35:57 GMT
GET H3	200	a01de4256526fa25b5a4f8ef982c863c.svg s0.2mdn.net/sadbundle/7860574013052223822/media/ Frame D54A	1 KB 604 B	18ms 15ms	Image image/svg+xml	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/7860574013052223822/media/a01de4256526fa25b5a4f8ef982c863c.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/7860574013052223822/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6986324e5703b8e839b81e2b221214f286ae020bf5d4125fd0ad81b395d5e924 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/7860574013052223822/index.html User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Sat, 12 Feb 2022 09:51:07 GMT content-encoding gzip x-content-type-options nosniff age 518060 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 575 x-xss-protection 0 last-modified Sat, 01 Jan 2022 00:11:26 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 12 Feb 2023 09:51:07 GMT
GET H3	200	aaeae5592a41b6cd27787062b1d6eeb9.svg s0.2mdn.net/sadbundle/7860574013052223822/media/ Frame D54A	3 KB 1 KB	20ms 17ms	Image image/svg+xml	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/7860574013052223822/media/aaeae5592a41b6cd27787062b1d6eeb9.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/7860574013052223822/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 396ba6baecc7e52df5599ffdc5f55c87c8969d7b4cde477f6ca9bda366e183ab Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/7860574013052223822/index.html User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Sat, 12 Feb 2022 09:51:07 GMT content-encoding gzip x-content-type-options nosniff age 518060 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1129 x-xss-protection 0 last-modified Sat, 01 Jan 2022 00:11:26 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 12 Feb 2023 09:51:07 GMT
GET H3	200	20cd3c9c87a3dcad42074ff89b4391e0.svg s0.2mdn.net/sadbundle/7860574013052223822/media/ Frame D54A	8 KB 2 KB	20ms 16ms	Image image/svg+xml	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/7860574013052223822/media/20cd3c9c87a3dcad42074ff89b4391e0.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/7860574013052223822/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 16dde9a1942cbd39c1f882ebd1e6f3768b933c64051c589feb1243c4fcd050ba Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/7860574013052223822/index.html User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Tue, 15 Feb 2022 18:59:59 GMT content-encoding gzip x-content-type-options nosniff age 225928 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2458 x-xss-protection 0 last-modified Sat, 01 Jan 2022 00:11:26 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 15 Feb 2023 18:59:59 GMT
GET H3	200	8fe2b4994050fedde07fd3a0ae1eaaa5.png s0.2mdn.net/sadbundle/7860574013052223822/media/ Frame D54A	2 KB 2 KB	19ms 16ms	Image image/png	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/7860574013052223822/media/8fe2b4994050fedde07fd3a0ae1eaaa5.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/7860574013052223822/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4cf90fe7c9ee9bf8b341652cbe30c2565cc2457cb1fced28c0c73a4116ecfc95 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/7860574013052223822/index.html User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers date Sat, 12 Feb 2022 09:49:28 GMT x-content-type-options nosniff age 518159 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1761 x-xss-protection 0 last-modified Sat, 01 Jan 2022 00:11:26 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 12 Feb 2023 09:49:28 GMT
GET H3	200	view googleads4.g.doubleclick.net/pcs/ Frame D5D6	0 23 B	62ms 46ms	Image image/gif	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsunmiGKBjWhMxT3PG4w5iJezjXZIYCMQ6Ng91WUH6q6hISWueDNML4GC7Le5Yn9OAXQPzfK9lnSwDh4GvACfqVPg3uMK3EqEEPFv1_QRvfvOhIdAPof6iTM0dBNph9sUtDMbtFdk7Mgc9gqTG-1PY5qhss7oTtWICVtO39jSGEu9DumkMopNxd4ImXaTNFSgemRwOvGHGLkh5Tp1qDembmibkoLJGr1Eu2VftBZtyT6uyzC8lp2w8va7poF7BFa_RrwqA0f-Ao7ZBFQY1ayALN-cnrfu8FjUynIK-wMybSpCHr7EgmWO7747nHruglwPCUjyl3z294Ung5D0WuMIC3alsi_NlQTWxYV3_eMX9Ia5XaymTiUtkewjf-45MkjO15I0j4e7L5Hz9rqMNKeanm_6-R15Es7KKdVMpU-mWa8jPKre0fhAwdwMutxKXHW_L7VhGKZOnGplEOZokaxrdtEMtExzAMGM-NcTMw_IZijWCXlxF6fwHTPIbs29WdMbqFW5GnXLKkdazzzDjm1exKG8CMFEKDCtjun94VUkTK9iEB5MwC2Kk2zXcjZDUsejyAzFFDa7v0EwFdlJJdSBMsyYlFupjzqg2J0rj7HkD6HkjYjw4cH-93c1WO0OEgbzKU2ZMi-7s4XxjxLfhI2VWU4QakIjFBcM98MmJraxRX6zxhX0YsD0KkfWQupsGTBogsZ57Zk8Y9sdF-7O-WlimEAHipSSoAc7Dg9i7unuH9ZtJxaBr216XreOOsKl3yb01fl_S2R5WbdHFs54y63ixwUtIr__5lHNW3GMqlP4gtI7SxoFRNL6W_tZxDz1KgNSOA8qyRECygpZCzzqV98tT3WwgrGr_HO_0-JIGVeXwJhHz5PE_0xl4qehiv1JBYUzjUKYQwSFYO1_iFr2ngxf2HfRgwgBbQnFTVzC9ycb31R9xC5PKgJ4FAEgdDQWymd3tfLpX7CSM5DqwsGSDagjDLqoqSay9UcNxLIjv3xZ2BOFVfv_J1oK1Phin2mxK5cT8yR1lYejJjHmSGOYtfzinCu8VmoHPxtPEg9515EKjYK11Umde4eAON7JnU1QDrQiIt7Fc9zWbNiLg85GNhQplfL9yuLoCjd-fO2NHEOYyCtH6E70sORVV-QMsn0ZuQUnKJ1ml86G4OXAJ9CRRetdOjcJS3Yk1uHZkNduizo3vfaaHs45oECc8XJOT-GUNtOh_MCUAxHFbc8lCa5kUwWT-CL0getWQvfUMtZiwI6eaJdebTcJX7qKAxqBfMoajf4OVfXLlogbskOvU7S2ObNIKP3pNyLQsT_8E8i158S1NY2K4xMA1A&sai=AMfl-YQoSwLRg5zXd9hHI0lOxXfxk2IbR9ApBHUYZpp2LAk4RORrZ4S1FyPIgRnJzXGFB1-ZfGOoMzLXCOLMHc2vDA_Cl1BwBnztlwbdI_Adkeoc5Tq0cRjC6Z5nl_UpSnd-FScXBrRaIjVgzRkYxv5INPoxV09MLWbbEvrtwg16ientPPGKLBobd7HoysJmfMRpQEiQ_eYMI6RUKo4FtbwBzMcxXhNW19kkYo3tmQcQ3_V8n4SMYP7SqRcbZcPiJCBiSYvcNoKo2-xTknSkEZaNDNeuaB6TsN60ECF6Ye0qG2tsvvQ&sig=Cg0ArKJSzFCBBBf8Je8YEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=195&vt=11&dtpt=147&dett=3&cstd=46&cisv=r20220216.16203&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl= Requested by Host: 4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com URL: https://4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers timing-allow-origin * date Fri, 18 Feb 2022 09:45:27 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame ACB0	0 20 B	44ms 44ms	Image image/gif	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B-ScbtmoPYoySF4Hd7_UPp8uNWAAAAAA4AeAEAg&bg=!oqGloeXNAAbf-5Dq3_s7ACkAdvg8WhHaJ7j4OwchuF2lMeklw9xpvi-n7phsHtmT2LVWYqtD8RTERgIAAABoUgAAAANoAQcKAMM2uE5Vy35gzmd4u0ECZ82N1MgMGvurtRaVyIySeIRMPbg65D5SlttaptvWepeLBlFh2SH6wVeLfLKL3DREAV9mn8i7K062FLVoV1amcHy22Fl5KfvD07btaIOxX6kHnBkgPrtC8mlrz9Zpl2HvYXfXqb3K_Mq59b4lCH5anaF1dUjj9wKJSPmWJyJTv5f5nib3kGKe99puQUuZ6TQqZ0LEr2K8k1gHKjb3vnKZWnwxj8kSg71Iud6NnGleVv0YujI6JsWZAs4UFA22ePc3VTY3iAeeX0rNb96nsD4ODuTWQuTKMpdh2tFd3aW2ePnOQad-_W80nzNyIHgYBLRlSJhqlKiu4w6jmtiDe4ngyCTOHOmo0HahMNxMO0w-x3p_iJYNI0LrRi2S9TTu8GBKEV5tqpdmrNLWFSb4oIF5OoT0D3GdDZCMq_2aREPVTzonK15fRo_Gf_5zNVtbN1WECXFc4WfafQJvceXHLqo7mFXpke6igSKwjnurlfp0d37cy9iVmwn34ojME6HZCBaJbewYsX1B5CRM_TkgB8e-2m-1WIOSTiEEkbFRpGCi4ZMXjcX1msPN00_qpHl-L2D_kvozyNmrDdiuGUh7Py37pQ8rkLRTTxn6gv3Mwkk1zgyTAG0hMpO57GBVzwOPBcBuK30NpS5y0wPVh4_RDuho4fYRem_lsiamAVSu2RyO0OIYanHFyML7Gc1ANePfxdLqmTIG2QRvvfuzG1jgxbjAaUwT7QlwvrW02pigFWQ82Xst7Mo6Pz7YCVliGSwNlv0c5KGf7zADglRO8qZBejdKeh6RMNcZ1p5T5O_tRmC7b_CWSTtEQyT1JUd_TUqH7J4lX-lfA0Tbp258pBBldcuB2axbDXTcMO2fRZKQfVPB8t_3oTKF-prBm9gMZakoB0COE4dwRKH6E2Cp4jE2t5zRy3ZjUxrc7xSYIyyf2PnJnOKpK6B5A4_hpVa4pUH7kMgFevwG8AfB7IqTbaZdwqV6CKWeV3JhnQnUtGCOB2F0eDBafsOvvEdlsiZ1ClvNkBOi9RFDM0cSV_0MEjkJN8blH5odFiqYpk7WNmH2bBKX6Z8n9STnIiyie9tM0MvabI5l1BpgPlF2fwi2pEWiBMzBIKN_1LAznvWxhHrOsEojEw5vtgpmxAh8_Gde1TGC_Z2vEEowrPLdyQaBHiOrmhhWFMrwgVY2v3shm-9rnhGtFGPfxJTWgOqf Requested by Host: 4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com URL: https://4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers pragma no-cache date Fri, 18 Feb 2022 09:45:27 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame D5D6	42 B 64 B	80ms 80ms	Fetch image/gif	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuYJkHtz1hcAzFZ_zJwoAHCJCUWihe-NwibpAXd1aGjpvYBHuqpbuW89hIjJcUBVeZRQpp0FH3KYoUBBkE0Cm1amypPI8wnI6nnRaoAT1Qy-qmdPk4xzw&sai=AMfl-YSulWrjBNeQdkh_5KI6tK0y8RH6adIKLnb7RuGxKLFYel5T6XV3cD-EL1w3SsOPPOuNbtYToy38hiuYQ9tZvlU853o56IuWIvB4pSrYHDsU2w5VN4gzaxUM39k&sig=Cg0ArKJSzEJ2wXYUNXfeEAE&cid=CAQSOwCNIrLMFYCNV2i6nsS_5ahkB4PskCbtzLB9EduXKUFVkT6xk-wq0gfP-AVHpJqAVYVgZakAOaJKGPz-GAE&id=lidar2&mcvt=1000&p=202,436,310,1164&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220216&bin=7&avms=nio&bs=0,0&mc=0.83&if=1&app=0&itpl=20&adk=1956941760&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645177527329&rpt=150&isd=0&lsd=0&met=mue&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://4ef60b8f29b59e4b59d711c3058fb73e.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/35.0 Mobile/15E148 Safari/605.1.15 Response headers pragma no-cache date Fri, 18 Feb 2022 09:45:28 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

tpc.googlesyndication.com

URL

https://tpc.googlesyndication.com/generate_204?_nG8Gw