trueliketop.org Open in urlscan Pro
2606:4700:3037::ac43:803b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://trueliketop.org/
Effective URL:
https://trueliketop.org/
Submission: On December 13 via api (December 13th 2023, 1:05:20 am UTC) from US — Scanned from DE

Summary HTTP 266 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 63 IPs in 10 countries across 50 domains to perform 266 HTTP transactions. The main IP is 2606:4700:3037::ac43:803b, located in United States and belongs to CLOUDFLARENET, US. The main domain is trueliketop.org.
TLS certificate: Issued by E1 on November 7th 2023. Valid for: 3 months.

This is the only time trueliketop.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 35	2606:4700:303... 2606:4700:3037::ac43:803b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
12	2606:4700::68... 2606:4700::6810:8516	13335 (CLOUDFLAR...) (CLOUDFLARENET)
46	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3036::6815:7f3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
3	18.66.23.147 18.66.23.147	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.39 99.86.4.39	16509 (AMAZON-02) (AMAZON-02)
2	13.32.119.77 13.32.119.77	16509 (AMAZON-02) (AMAZON-02)
1	23.215.22.18 23.215.22.18	16625 (AKAMAI-AS) (AKAMAI-AS)
2	65.9.66.104 65.9.66.104	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:34ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.35.167 104.18.35.167	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:223... 2600:9000:223c:e00:10:dd8:5e40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:225... 2600:9000:2250:4200:a:e047:753:a221	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
3	2606:4700:10:... 2606:4700:10::6816:445	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.248.109.126 3.248.109.126	16509 (AMAZON-02) (AMAZON-02)
2	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
1	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
24	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2 6	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
8 22	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
2 4	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 5	185.89.210.212 185.89.210.212	29990 (ASN-APPNEX) (ASN-APPNEX)
14	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
1 1	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	3.68.140.79 3.68.140.79	16509 (AMAZON-02) (AMAZON-02)
1 2	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
2 2	64.74.236.191 64.74.236.191	19024 (INTERNAP-...) (INTERNAP-BLK5)
1 1	35.208.249.213 35.208.249.213	19527 (GOOGLE-2) (GOOGLE-2)
4	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
4	23.52.123.144 23.52.123.144	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
4	78.46.111.106 78.46.111.106	24940 (HETZNER-AS) (HETZNER-AS)
1	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 4	138.201.63.157 138.201.63.157	24940 (HETZNER-AS) (HETZNER-AS)
1 2	54.154.164.196 54.154.164.196	16509 (AMAZON-02) (AMAZON-02)
2	2a02:fa8:8806... 2a02:fa8:8806:12::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	3.69.190.202 3.69.190.202	16509 (AMAZON-02) (AMAZON-02)
2 2	2a05:d018:d29... 2a05:d018:d29:3601:c84a:f3f:c1a8:24dc	16509 (AMAZON-02) (AMAZON-02)
3 3	37.157.3.20 37.157.3.20	198622 (ADFORM) (ADFORM)
2	91.121.248.44 91.121.248.44	16276 (OVH) (OVH)
1	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
1	13.43.203.41 13.43.203.41	16509 (AMAZON-02) (AMAZON-02)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
1	104.102.45.165 104.102.45.165	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2600:9000:20a... 2600:9000:20ab:6200:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2600:1f13:800... 2600:1f13:800:7782:cac1:b5d6:8914:d668	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	18.66.147.41 18.66.147.41	16509 (AMAZON-02) (AMAZON-02)
1	18.239.50.21 18.239.50.21	16509 (AMAZON-02) (AMAZON-02)
2	18.134.58.19 18.134.58.19	16509 (AMAZON-02) (AMAZON-02)
266	63

35 2606:4700:3037::ac43:803b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

trueliketop.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700::6810:8516 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:7f3 (United States)

ASN13335 (CLOUDFLARENET, US)

prebid.dsail-tech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.23.147 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-23-147.vie50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-39.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.119.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-119-77.fra60.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.215.22.18 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-22-18.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.66.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-104.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:34ad (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:e00:10:dd8:5e40:93a1 (United States)

ASN16509 (AMAZON-02, US)

connectid.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:4200:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.248.109.126 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-109-126.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.120 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::90 (Russian Federation)

ASN208722 (GLOBAL_DC, FI)

bs.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 172.217.18.2 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.151.101 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.89.210.212 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.68.140.79 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-140-79.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.252 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.74.236.191 (United States) 2 redirects

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.249.213 (Council Bluffs, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.52.123.144 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-123-144.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.70 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 78.46.111.106 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.106.111.46.78.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.157 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.157.63.201.138.clients.your-server.de

hal90007.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.154.164.196 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-164-196.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.118 (Loerrach, Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.69.190.202 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-190-202.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3601:c84a:f3f:c1a8:24dc (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.3.20 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.121.248.44 (France)

ASN16276 (OVH, FR)
PTR: ip44.ip-91-121-248.eu

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.43.203.41 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-43-203-41.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.102.45.165 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-45-165.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20ab:6200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f13:800:7782:cac1:b5d6:8914:d668 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-41.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.50.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-50-21.ams58.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.134.58.19 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-134-58-19.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
63	googlesyndication.com 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	442 KB
48	doubleclick.net 9 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515 ad.doubleclick.net — Cisco Umbrella Rank: 139 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 98422	634 KB
35	trueliketop.org 1 redirects trueliketop.org	1 MB
14	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	302 KB
12	demand.supply live.demand.supply — Cisco Umbrella Rank: 57430	43 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 428	207 KB
9	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 900 static.adsafeprotected.com — Cisco Umbrella Rank: 602 dt.adsafeprotected.com — Cisco Umbrella Rank: 567	102 KB
8	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 37721 hal90007.redintelligence.net — Cisco Umbrella Rank: 268469	55 KB
7	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 93	2 KB
7	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1639 google-bidout-d.openx.net — Cisco Umbrella Rank: 1643 us-u.openx.net — Cisco Umbrella Rank: 491	1 KB
6	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 306 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614 aax.amazon-adsystem.com — Cisco Umbrella Rank: 410	78 KB
5	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 229 secure.adnxs.com — Cisco Umbrella Rank: 478	4 KB
4	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1299	652 B
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	2 KB
4	yahoo.com 2 redirects connectid.analytics.yahoo.com — Cisco Umbrella Rank: 4156 ups.analytics.yahoo.com — Cisco Umbrella Rank: 307 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	11 KB
4	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 893 id5-sync.com — Cisco Umbrella Rank: 425	67 KB
4	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 979 bcp.crwdcntrl.net — Cisco Umbrella Rank: 850	24 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 24395 api.webgains.io — Cisco Umbrella Rank: 59842	19 KB
3	medialead.de 1 redirects pv.medialead.de — Cisco Umbrella Rank: 47317 medialead.de — Cisco Umbrella Rank: 46843	851 B
3	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 560	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	193 KB
3	yandex.ru bs.yandex.ru — Cisco Umbrella Rank: 12645	771 B
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 424 mug.criteo.com — Cisco Umbrella Rank: 2811	7 KB
3	ad.gt id.hadron.ad.gt — Cisco Umbrella Rank: 1673 a.ad.gt — Cisco Umbrella Rank: 1869	4 KB
3	gstatic.com fonts.gstatic.com	51 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	154 KB
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	291 B
2	adition.com 2 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1428	1 KB
2	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2627	207 B
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 586	1 KB
2	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 714	587 B
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	3 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 61264	438 B
1	awin1.com www.awin1.com — Cisco Umbrella Rank: 13930	705 B
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 49821	2 KB
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 128498	923 B
1	mediago.io 1 redirects trace.mediago.io — Cisco Umbrella Rank: 902	452 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 495	35 B
1	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 793	166 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 685	539 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 940	275 B
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2789	3 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2133	1 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 631	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1740	8 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1352	5 KB
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 1790	10 KB
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1042	17 KB
1	dsail-tech.com prebid.dsail-tech.com — Cisco Umbrella Rank: 558853	366 KB
266	50

	Domain	Requested by
35	pagead2.googlesyndication.com	securepubads.g.doubleclick.net trueliketop.org pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com www.googletagservices.com
35	trueliketop.org	1 redirects trueliketop.org
24	tpc.googlesyndication.com	securepubads.g.doubleclick.net trueliketop.org tpc.googlesyndication.com cdn.ampproject.org 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com googleads.g.doubleclick.net
22	cm.g.doubleclick.net	8 redirects googleads.g.doubleclick.net 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
14	s0.2mdn.net	trueliketop.org s0.2mdn.net 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
12	live.demand.supply	trueliketop.org live.demand.supply client
11	securepubads.g.doubleclick.net	trueliketop.org securepubads.g.doubleclick.net
10	cdn.ampproject.org	securepubads.g.doubleclick.net
8	googleads.g.doubleclick.net	trueliketop.org pagead2.googlesyndication.com 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
6	www.google.com	2 redirects trueliketop.org tpc.googlesyndication.com 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
5	dt.adsafeprotected.com	179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
4	hal90007.redintelligence.net	1 redirects 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com hal90007.redintelligence.net
4	hal9000.redintelligence.net	179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com hal90007.redintelligence.net
4	sync.teads.tv	googleads.g.doubleclick.net
4	us-u.openx.net	googleads.g.doubleclick.net
4	googleads4.g.doubleclick.net	trueliketop.org
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	c1.adform.net	3 redirects
3	www.googletagservices.com	trueliketop.org 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
3	bs.yandex.ru	prebid.dsail-tech.com
3	c.amazon-adsystem.com	live.demand.supply c.amazon-adsystem.com
3	fonts.gstatic.com	fonts.googleapis.com
2	api.webgains.io	analytics.webgains.io
2	www.googletagmanager.com	adv.office-partner.de www.googletagmanager.com
2	static.adsafeprotected.com	179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
2	5994599.fls.doubleclick.net	1 redirects trueliketop.org
2	pv.medialead.de	hal90007.redintelligence.net 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
2	pr-bh.ybp.yahoo.com	2 redirects
2	x.bidswitch.net	179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
2	dsp.adfarm1.adition.com	2 redirects
2	dclk-match.dotomi.com	179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
2	fw.adsafeprotected.com	1 redirects trueliketop.org
2	b1sync.zemanta.com	2 redirects
2	onetag-sys.com	1 redirects 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
2	gum.criteo.com	1 redirects static.criteo.net
2	oajs.openx.net	1 redirects trueliketop.org
2	id5-sync.com	cdn.id5-sync.com
2	bcp.crwdcntrl.net	tags.crwdcntrl.net
2	id.hadron.ad.gt	cdn.hadronid.net
2	cdn.jsdelivr.net	securepubads.g.doubleclick.net prebid.dsail-tech.com
2	cdn.id5-sync.com	trueliketop.org securepubads.g.doubleclick.net
2	tags.crwdcntrl.net	trueliketop.org securepubads.g.doubleclick.net
2	aax.amazon-adsystem.com	c.amazon-adsystem.com
2	fonts.googleapis.com	trueliketop.org hal90007.redintelligence.net
1	cdn.track.production.webgains.team	179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
1	analytics.webgains.io	track.webgains.com
1	adservice.google.com	5994599.fls.doubleclick.net
1	www.awin1.com	179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
1	medialead.de	1 redirects
1	track.webgains.com	trueliketop.org
1	adv.office-partner.de	hal90007.redintelligence.net
1	ad.doubleclick.net	179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
1	secure.adnxs.com	1 redirects
1	trace.mediago.io	1 redirects
1	match.sharethrough.com	179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
1	image6.pubmatic.com	179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
1	sync-tm.everesttech.net	1 redirects
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	mug.criteo.com	trueliketop.org
1	a.ad.gt	cdn.hadronid.net
1	ups.analytics.yahoo.com	connectid.analytics.yahoo.com
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	connectid.analytics.yahoo.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	cdn.hadronid.net	trueliketop.org
1	secure.cdn.fastclick.net	trueliketop.org
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	prebid.dsail-tech.com	trueliketop.org
266	74

This site contains links to these domains. Also see Links.

Domain
pt.wordpress.org
wordpress.org
tielabs.com
sulvo.com

Subject Issuer	Validity	Valid
trueliketop.org E1	`2023-11-07` - `2024-02-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2023-02-19` - `2024-02-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
dsail-tech.com GTS CA 1P5	`2023-10-18` - `2024-01-16`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2023-10-03` - `2024-10-03`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
hadronid.net GTS CA 1P5	`2023-12-03` - `2024-03-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-11-24` - `2024-02-22`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
connectid.analytics.yahoo.com GlobalSign ECC OV SSL CA 2018	`2023-08-15` - `2024-02-08`	6 months	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-10-24` - `2024-01-22`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-11-02` - `2024-01-31`	3 months	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
a.ad.gt E1	`2023-12-12` - `2024-03-11`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
bs.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-09-24` - `2024-03-24`	6 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
redintelligence.net R3	`2023-10-10` - `2024-01-08`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
pv.medialead.de R3	`2023-12-04` - `2024-03-03`	3 months	crt.sh
adv.office-partner.de R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh

This page contains 28 frames:

Primary Page: https://trueliketop.org/
Frame ID: 112473CC06BA6049141CFEECEE1D95A6
Requests: 94 HTTP requests in this frame

Frame: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B9DAA2C7505BDDFD19B63147040470C9
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=trueliketop.org
Frame ID: 106FBE55D52CE3E5EE533C157AA06F71
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: ACB97E207A4FF7A219132A2D8C313F79
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: A40AA73F229AFB745B60D7FA5DD68217
Requests: 12 HTTP requests in this frame

Frame: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 83E1FF7114F595BEFA9DB1FDF4F4ECE9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhi795r-ATAB&v=APEucNUa8qmV0Ovq0HD6FQgnx8oX6NHdPIuAbpu2Y-ctS__Plt7UQgQhOHvNvmZ92C2Cf2hJaBM5U-vQeGt6-mqAu6VXrdEp85cS0mrCB-XTulDPGSdzBmwxPsZW_RCjSO8CYaLhTjezOGKKJofsjxKuAFkV_3B6Wli1Y_bjmtVbAzzuoc-hGhiYQn05EeoU7k6xtEAK4wBT
Frame ID: 764E1A2335E1DAF063B9D19FE9A48F4A
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 4F63D4AF1016C41855DEC487B73637C4
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3AE330FA02BCD7826D202448C0C8E101
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5563BD6E84B15600D05A8A3270EDADDD
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 131C699C850C618E52FBB89E5DFCD750
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: EF71F73FDB961944B998A0B06E16BFAB
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14156154144916469114/index.html?ev=01_250
Frame ID: B282924CC334F2EA10D5CEFFEED9C497
Requests: 4 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: C91E6C7FE04B839F710E5999C81A78E4
Requests: 15 HTTP requests in this frame

Frame: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2D78BAFADED3DF76091124F088DA321F
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxi8vbvGATAB&v=APEucNUsqyeCrhrmfM3k-jtslPu0ZPMr9kmSvnY9Ciy8Fdixia1_pmQIBEcYJlPZW1cGOhZNOKXuiIPXsr1onVNE0zDhzuSRairJKM7WNMcQY4hq7BRLAmjk5mWoTgPV4KI76G1oE1o7Vg3HQsiVhbsqrHQXCI1i5DlboC_K6LBCYi7fRipD46Mv6C7GECUNJjHQ0QKJ-WGLurazw6eN8AjON1teSFALyQ
Frame ID: 064897BB4CCF56861D219498032EC347
Requests: 5 HTTP requests in this frame

Frame: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7E78BA800973C33B598132A16BDCD301
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNX4WzzYRM9HwuSZpYiQbhlFpC0igN4C9x8jaxLhtBM-8oK5SALyKorT5DfBW75EV_T5bmAXw9LbRwGLHjnNNvwUA3wqzODOb3C0wncuRQqCcR_uE_zfW2YGCK-xBdGnYQvFtoPVGfyoouJwYw-q07yihi1414yxGJTr-8x9_3NyQpT-c53KmuCp9HV_AxcJClDmnidxD4j51Y5cR0WMClIW0Wwxsg
Frame ID: 68EB880892CA2854A9A3FAB5BF93B5AE
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B5632FEF6DA4CC8B25DD10D10975B5EC
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 58F7A9377B6ED7D6775F08846F90E05D
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B5AED9C5E5ABD4C916EF1BB55BCB4709
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
Frame ID: 62E05C7FB04937EE11313BE3A75A955F
Requests: 8 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=11866300004705704445010012537007&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: B8A8F602C517ACDD35593D36E6F0D393
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: FFFBCC2F66A968E9B41019B522B9E05E
Requests: 3 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CK-35JOci4MDFTQLogMdohcBgg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4002141751537.7153
Frame ID: EED1BBC1EEEFBBC71781AE81329BA523
Requests: 2 HTTP requests in this frame

Frame: https://hal90007.redintelligence.net/request_content.php?s=11866300004705704445010012537007&a=454ac151
Frame ID: 025143AE37029EB11E2CBC46CB86AC9A
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 52A58F9CE79EB53A3E26339469074D88
Requests: 7 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 79A125EC69FD4843B0E4FA2874FA1B74
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

True Like – O lado da tecnologia que você desconhece! – Tudo o que você sempre sonhou em saber sobre tecnologia em um só lugar!

Page URL History Show full URLs

http://trueliketop.org/ HTTP 301
https://trueliketop.org/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

266
Requests

90 %
HTTPS

42 %
IPv6

50
Domains

74
Subdomains

63
IPs

10
Countries

4097 kB
Transfer

8164 kB
Size

30
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://pt.wordpress.org/
Title: WordPress.org

Search URL Search Domain Scan URL

URL: http://wordpress.org/
Title: WordPress

Search URL Search Domain Scan URL

URL: http://tielabs.com/
Title: TieLabs

Search URL Search Domain Scan URL

URL: https://sulvo.com/?utm_source=https://trueliketop.org/&utm_adtype=sticky_display&utm_medium=sulvo

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://trueliketop.org/ HTTP 301
https://trueliketop.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 76

https://oajs.openx.net/esp?url=https%3A%2F%2Ftrueliketop.org%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Ftrueliketop.org%2F&rid=esp&cc=1

Request Chain 80

https://gum.criteo.com/sid/json?origin=publishertagids&domain=trueliketop.org&sn=ChromeSyncframe&so=0&topUrl=trueliketop.org&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=1SPpcHxUU0NKR0xLOGhDb0FDY0xMcGVHRlJ2ck82eUZpVVowZTRrMVZ5NXZHN096eVVRQ1ExWlFYUTNjbUhyTUpvNWZMdGllSVZEaHNueEUvYXpSaXN0VUpOczhiRThVQWhLTldqV0MvYlV4UXNmUmNkdGhNRE05TS9hZ2RqMm5YVXUvWGRvZXgrbVZZTExnSGFWMVB0RWpxQlZtVkpoWkp1QXQ3WkFXSjIvbitBUEN4QzY4TVJlcWZyWW5JNitoeFV0NG9XVmF3UjJFRUtoRUw3dkJiQUhiSC9yd1IrVnFON1VDWGdxZmI5WUVpTlVYaGRMaE81WlNGMzVwR0o2OXRDU1VLNVBxdW44ZEt5WkpndFBjSWpuU2NiV1RJMXJMOGMzS0YvVHJ1NDlYdkRnVT18&cppv=2

Request Chain 113

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 118

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJqB4aF068-9B1axU9jk8qs&google_cver=1

Request Chain 119

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXkDSMzBULJ70Ws4JTpTfAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJqB4aF068-9B1axU9jk8qs&google_cver=1

Request Chain 120

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOL-DtXln9WTS7ZfRmBbT7Q&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOL-DtXln9WTS7ZfRmBbT7Q%26google_cver%3D1

Request Chain 121

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTU3MTM5NzA0NDI4MDc3ODI0NA%3D%3D

Request Chain 132

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEPucbaAcDnfAELAYJqqu28M&google_cver=1&google_push=AXcoOmSiCBNmlO7FwCJYMiziSdaWgRxpjs2oxXmZUyltIDbABjVmmMpTrHaaoEdTZ5rVrBZLIt3aZB7wmpsQeRsQohtA3dGHBMjj HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPucbaAcDnfAELAYJqqu28M&google_push=AXcoOmSiCBNmlO7FwCJYMiziSdaWgRxpjs2oxXmZUyltIDbABjVmmMpTrHaaoEdTZ5rVrBZLIt3aZB7wmpsQeRsQohtA3dGHBMjj

Request Chain 135

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEGwMXyjNxH-t3j4rOakV_CQ&google_cver=1&google_push=AXcoOmTRzT2A74eJoyirErcxLqzhBarlKLRodfmJXag-aD4NoMyqjLv-I328tEvY8oCRaHai3kabE43TpKFKi1Sie06wir8sdX0CJw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTRzT2A74eJoyirErcxLqzhBarlKLRodfmJXag-aD4NoMyqjLv-I328tEvY8oCRaHai3kabE43TpKFKi1Sie06wir8sdX0CJw HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 136

https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEIM_qS1VFlmnC1Zl-zbiwVg&google_cver=1&google_push=AXcoOmRPXKw3bhPKqTc6LCXREQ_2gTiIu9VlGqiCCYYJWK9aQqN4uOieLAZBokwltukTzW7AouxhnuT2W3U7BQX_yW6NtQx-TcpUmmA HTTP 302
https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEIM_qS1VFlmnC1Zl-zbiwVg&google_push=AXcoOmRPXKw3bhPKqTc6LCXREQ_2gTiIu9VlGqiCCYYJWK9aQqN4uOieLAZBokwltukTzW7AouxhnuT2W3U7BQX_yW6NtQx-TcpUmmA&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmRPXKw3bhPKqTc6LCXREQ_2gTiIu9VlGqiCCYYJWK9aQqN4uOieLAZBokwltukTzW7AouxhnuT2W3U7BQX_yW6NtQx-TcpUmmA&google_hm=WVpONzlQa2E4c0hoSXZha09YWHY=

Request Chain 137

https://trace.mediago.io/cs/google?google_gid=CAESEC6YX6N8xLrhQS0eLgA7_6U&google_cver=1&google_push=AXcoOmQ5oAXL3FAusnMbrL7KXOrOnVYU450J6KCus-mJqZWxOKybQKtfr5Kgw9UfoGu-vCNtE6k1sTYYOSr9JlNUCr4FFlhWlgYN HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQ5oAXL3FAusnMbrL7KXOrOnVYU450J6KCus-mJqZWxOKybQKtfr5Kgw9UfoGu-vCNtE6k1sTYYOSr9JlNUCr4FFlhWlgYN&google_hm=81fa84b7ebfaba311q7eog00lq32krkx

Request Chain 138

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEOVfv0ecRBuUNHXsskwNef8&google_cver=1&google_push=AXcoOmQwpMKDL8Cd6IaM4gzdLvzLX_scdNQJO3dgOuV9Whj6ssG6PvC4FK_rI3hr7DKAKp_oAubmLxAV4z1t2qEVTHXP6N4ur97lfw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTU3MTM5NzA0NDI4MDc3ODI0NA%3D%3D&google_gid=CAESEOVfv0ecRBuUNHXsskwNef8&google_cver=1&google_push=AXcoOmQwpMKDL8Cd6IaM4gzdLvzLX_scdNQJO3dgOuV9Whj6ssG6PvC4FK_rI3hr7DKAKp_oAubmLxAV4z1t2qEVTHXP6N4ur97lfw

Request Chain 156

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 173

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECJzvaSD8CMFL2xn-qB6S9I&google_cver=1

Request Chain 175

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESENgF1-5poN0AwfSf59o2Fpw&google_cver=1

Request Chain 194

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECJzvaSD8CMFL2xn-qB6S9I&google_cver=1

Request Chain 196

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESENgF1-5poN0AwfSf59o2Fpw&google_cver=1

Request Chain 202

https://hal90007.redintelligence.net/request.php?zone=ftwgnaj3rhus&nw=20&renderingType=javascript&namespace=21d78e8fbb&subid=&uid=1c7426816fcba1e4&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x300&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCq8D3SQN5ZcyTBZ36x_AP3dY6puW9oGn1lpynyQ_wLhABILGT7XlglQLIAQmpAkTCD6pwGbI-qAMByAObBKoEnAJP0Gc4Y_6U9Vol2xaufCdSD21aYvNB0BxFLu7G5erqvvUZbFxF0HzrFp-oAl7l2CyoR_L0Yf1QJ5F6g38zFvda6G8Q5MiYt6gJxt4WBkBW3okb_QWtG3p7nbtigm6oH3uo5h0ckT3zfSowOJS0SNJvChDP7Zg7G9hwLO4VbmRzz0SMfbZMt2I8c1Jz0yt0EelQS2nnYVAMXtFg9L8O88EL4q7TbLDnXONsXLHWtBQLPb37BCL4kR7ILCLt1ZhGskPUH8MVsyn3SApHjsnjSC7OIHaIsArs3DiCOlwv_ComD2V86CrJr774UqmBBqLBCCr7lVzTjsXjZOBAzCenQjFIerj8c9Ol2TUcnidMCGy8Gsktc_pS6CKIRWM6p8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliX_OySnIuDA4AKA5gLAcgLAYAMAaIMHCoaChjktLEC7rWxArW4sQKsurEC5LSxAu61sQKqDQJEReINEwi4q-2SnIuDAxUd_REIHV2rDgCwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNESYkfuZJ1zxkNvNjDDcfQA7pf2aaxrcsPIJVRGVJ2ZoJhJGAVibPcZqBKTm05cLpFQ7RwQofGAE%26sig%3DAOD64_1IIuivY85OjPQA6Pg6-JFkttci9Q%26client%3Dca-pub-2205121062140812%26dbm_c%3DAKAmf-BACAGLFNcEkTd8W7E2l24r3Wh8pArCXM64eHocUwrTVzGBc2xFbU588keHMi2-QDVoW5tDunzigjJjAgjwbJI6hC7_EU5nZz3vtOqrKgQrwunebw0Ft5vjVkM24QjQD5Swt5UmnYvC6cqr0gSKt77kj0-PrQxxmRonSQcYRNz-F48VSHA%26cry%3D1%26dbm_d%3DAKAmf-Dk1YRiOpJOP1FfvSdQ--4s1paIuRyzNajRiql-qgizw4UiR5PwgJw0tzxOj_M8JniLsW6ANVfwW6cZ4_SX4HQUxG9tLUFewYE9ax45Sz2cmokhUozQbxJ0VCevl_GcMZ193dp8f06qAMyUkHe1Jmea_kc6Yj1pyJppZEL6t1aQ1HiMkGJ7FrUHbOJa4b0SXhF2-iKXqLa2E0Gfke7whmy0J_IvvNvF1gXC2JvBE4g7Po8k9EcPw-8ckkOxzwSEpXBnivqiyB_KDvKIhUM6yUGX2CNcBTdHyHxOJPevkWRXr4W30_1TJjbhU2zYB_0PrWI1NexSYlIR-YvUx4EkUPQCH-PexJp7OAOWi2xcMBf9GfdxV32GBqlGtfQxGhRIzFGeaY10JqLnKM5-6x0ZEKKnhe-pVE3GiLYDMw-sBNUZeNxJOIpb3o-9fCUikQSne4rYhRLcTAOxDcoLSx7KESIoZvvEyXvTZS1jVTsLJq9qml4icag-pQKnPCtWb8W8BxI9IHPevFIXzk1TtBVme47oOezD-CPUBhHqSFHRCwXqhPLdg60%26adurl%3D&documentReferer=https%3A%2F%2Ftrueliketop.org%2F&ancestorOrigins=https%3A%2F%2Ftrueliketop.org&random=1597207240196&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90007.redintelligence.net/request.php?zone=ftwgnaj3rhus&nw=20&renderingType=javascript&namespace=21d78e8fbb&subid=&uid=1c7426816fcba1e4&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x300&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCq8D3SQN5ZcyTBZ36x_AP3dY6puW9oGn1lpynyQ_wLhABILGT7XlglQLIAQmpAkTCD6pwGbI-qAMByAObBKoEnAJP0Gc4Y_6U9Vol2xaufCdSD21aYvNB0BxFLu7G5erqvvUZbFxF0HzrFp-oAl7l2CyoR_L0Yf1QJ5F6g38zFvda6G8Q5MiYt6gJxt4WBkBW3okb_QWtG3p7nbtigm6oH3uo5h0ckT3zfSowOJS0SNJvChDP7Zg7G9hwLO4VbmRzz0SMfbZMt2I8c1Jz0yt0EelQS2nnYVAMXtFg9L8O88EL4q7TbLDnXONsXLHWtBQLPb37BCL4kR7ILCLt1ZhGskPUH8MVsyn3SApHjsnjSC7OIHaIsArs3DiCOlwv_ComD2V86CrJr774UqmBBqLBCCr7lVzTjsXjZOBAzCenQjFIerj8c9Ol2TUcnidMCGy8Gsktc_pS6CKIRWM6p8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliX_OySnIuDA4AKA5gLAcgLAYAMAaIMHCoaChjktLEC7rWxArW4sQKsurEC5LSxAu61sQKqDQJEReINEwi4q-2SnIuDAxUd_REIHV2rDgCwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNESYkfuZJ1zxkNvNjDDcfQA7pf2aaxrcsPIJVRGVJ2ZoJhJGAVibPcZqBKTm05cLpFQ7RwQofGAE%26sig%3DAOD64_1IIuivY85OjPQA6Pg6-JFkttci9Q%26client%3Dca-pub-2205121062140812%26dbm_c%3DAKAmf-BACAGLFNcEkTd8W7E2l24r3Wh8pArCXM64eHocUwrTVzGBc2xFbU588keHMi2-QDVoW5tDunzigjJjAgjwbJI6hC7_EU5nZz3vtOqrKgQrwunebw0Ft5vjVkM24QjQD5Swt5UmnYvC6cqr0gSKt77kj0-PrQxxmRonSQcYRNz-F48VSHA%26cry%3D1%26dbm_d%3DAKAmf-Dk1YRiOpJOP1FfvSdQ--4s1paIuRyzNajRiql-qgizw4UiR5PwgJw0tzxOj_M8JniLsW6ANVfwW6cZ4_SX4HQUxG9tLUFewYE9ax45Sz2cmokhUozQbxJ0VCevl_GcMZ193dp8f06qAMyUkHe1Jmea_kc6Yj1pyJppZEL6t1aQ1HiMkGJ7FrUHbOJa4b0SXhF2-iKXqLa2E0Gfke7whmy0J_IvvNvF1gXC2JvBE4g7Po8k9EcPw-8ckkOxzwSEpXBnivqiyB_KDvKIhUM6yUGX2CNcBTdHyHxOJPevkWRXr4W30_1TJjbhU2zYB_0PrWI1NexSYlIR-YvUx4EkUPQCH-PexJp7OAOWi2xcMBf9GfdxV32GBqlGtfQxGhRIzFGeaY10JqLnKM5-6x0ZEKKnhe-pVE3GiLYDMw-sBNUZeNxJOIpb3o-9fCUikQSne4rYhRLcTAOxDcoLSx7KESIoZvvEyXvTZS1jVTsLJq9qml4icag-pQKnPCtWb8W8BxI9IHPevFIXzk1TtBVme47oOezD-CPUBhHqSFHRCwXqhPLdg60%26adurl%3D&documentReferer=https%3A%2F%2Ftrueliketop.org%2F&ancestorOrigins=https%3A%2F%2Ftrueliketop.org&random=1597207240196&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 213

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEFLlK4DS_EXFsYxO5IpWnkc&google_cver=1&google_push=AXcoOmSR7kTCv62ocMMtLAU0WPwPF3Rid5_y9glSWZOJIwWcCZFF5_fdJntiMvb8CVh00ibAQYXUjDYGDVxS_lnuREMdEpaTKXOG5w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMTg3OTA4NjM4MTQ2MzcwMg%3D%3D&google_push=AXcoOmSR7kTCv62ocMMtLAU0WPwPF3Rid5_y9glSWZOJIwWcCZFF5_fdJntiMvb8CVh00ibAQYXUjDYGDVxS_lnuREMdEpaTKXOG5w

Request Chain 215

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECD6IgyDyrY8OxzUjBilkVw&google_cver=1&google_push=AXcoOmRi83psgUCQO3TgbMOIT6XR-yKm-ex3LA9X4ZMrTYY3z60KsDEy-xcxOUDIIVOb9KknyStVpium9CVfukVwiAY1Xt0_a9Yvzg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRi83psgUCQO3TgbMOIT6XR-yKm-ex3LA9X4ZMrTYY3z60KsDEy-xcxOUDIIVOb9KknyStVpium9CVfukVwiAY1Xt0_a9Yvzg&google_hm=eS1iWHpMYWFORTJwSFZMa2kuZ0x1NkhZZVltTTNaRmtheH5B

Request Chain 216

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENy9-PL1UgoE4iaXsks1B3Q&google_cver=1&google_push=AXcoOmSMPb7L2gKN8bVuvcOa8HExdiqArmZW1xy2AhxmIxZt68Xvk4ENpPI29jeVYbHq1Sd6JOcWBnyWWmVu7onF04TXoR5YhyV8 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENy9-PL1UgoE4iaXsks1B3Q&google_cver=1&google_push=AXcoOmSMPb7L2gKN8bVuvcOa8HExdiqArmZW1xy2AhxmIxZt68Xvk4ENpPI29jeVYbHq1Sd6JOcWBnyWWmVu7onF04TXoR5YhyV8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODA0OTU0NTc0MDA5MDcyODY5MA&google_push=AXcoOmSMPb7L2gKN8bVuvcOa8HExdiqArmZW1xy2AhxmIxZt68Xvk4ENpPI29jeVYbHq1Sd6JOcWBnyWWmVu7onF04TXoR5YhyV8

Request Chain 227

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4002141751537.7153 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CK-35JOci4MDFTQLogMdohcBgg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4002141751537.7153

Request Chain 229

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=11866300004705704445010012537007&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=11866300004705704445010012537007&t=htlp&gdpr=1&consent=1&gdpr_consent=

Request Chain 239

https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-2205121062140812&ias_chanId=1&ias_placementId=20338656165&bidurl=https://trueliketop.org/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0j4wfkbajgeT4xUhG8IYJXZ&adContainerId=brand_safety_SQN5ZdyYPPzpx_APlpGC2A0&cbFunctionName=goog_wrapCb_SQN5ZdyYPPzpx_APlpGC2A0&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Ftrueliketop.org&adsafe_type=y&adsafe_url=https%3A%2F%2Ftrueliketop.org%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:c6468689-e1cf-b8d2-1c32-66fcd5dbce45,c:wDDnXp,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-765b799994-lvhgc,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:4,mot:0,app:0,maw:0,fm:tYheKpt+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C1514%7C16%7C17%7C181%7C182%7C183%7C184%7C185%7C186%7C187%7C19*.990511-61634100%7C191%7C192%7C1931%7C194,idMap:19*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:53,oid:ac124dad-9953-11ee-b498-4ea72b1a48ae,v:19.8.464,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_SQN5ZdyYPPzpx_APlpGC2A0&cbFunctionName=goog_wrapCb_SQN5ZdyYPPzpx_APlpGC2A0&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js

Request Chain 244

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEFLlK4DS_EXFsYxO5IpWnkc&google_cver=1&google_push=AXcoOmRFgNF8ARpjvxBeLd6S79TObVuWOwjHyTAneWhkONC-sSBxR37tVJYrwdzaLZy8S6wgY73EO4x5YYo-HppVFtEebMlQfmYE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMTg3OTA4NjM4MTQ2MzcwMg%3D%3D&google_push=AXcoOmRFgNF8ARpjvxBeLd6S79TObVuWOwjHyTAneWhkONC-sSBxR37tVJYrwdzaLZy8S6wgY73EO4x5YYo-HppVFtEebMlQfmYE

Request Chain 246

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECD6IgyDyrY8OxzUjBilkVw&google_cver=1&google_push=AXcoOmTObNd58xOG6aEG41pLQGR_NooTK9rKz0gNDK-B9c76eSVJoG_oS2V5Xqw2T958U_6RES93MYqc-6BzMxlDCYz7396TD-9F HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTObNd58xOG6aEG41pLQGR_NooTK9rKz0gNDK-B9c76eSVJoG_oS2V5Xqw2T958U_6RES93MYqc-6BzMxlDCYz7396TD-9F&google_hm=eS1iWHpMYWFORTJwSFZMa2kuZ0x1NkhZZVltTTNaRmtheH5B

Request Chain 247

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENy9-PL1UgoE4iaXsks1B3Q&google_cver=1&google_push=AXcoOmQBcTvW6uroTY1-m2mOACV2GYmPsSVeaLvrr2WRL7cu2crpzDe_feyccSgmzTWHq1qolESSUDWSiIoGOI--PEKsZC9X4V4K HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODA0OTU0NTc0MDA5MDcyODY5MA&google_push=AXcoOmQBcTvW6uroTY1-m2mOACV2GYmPsSVeaLvrr2WRL7cu2crpzDe_feyccSgmzTWHq1qolESSUDWSiIoGOI--PEKsZC9X4V4K

266 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
trueliketop.org/
Redirect Chain

http://trueliketop.org/
https://trueliketop.org/

102 KB
18 KB

273ms
204ms

Document
text/html

2606:4700:3037::ac43:803b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trueliketop.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:803b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.2

Resource Hash

ccd47de24713308e5085db9205fd8a1e0b7dff0535ab466948c6fec433fcbb28

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
X-Frame-Options	ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 834a4c195e169a1d-FRA
content-encoding: br
content-security-policy: frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
content-type: text/html; charset=UTF-8
date: Wed, 13 Dec 2023 01:05:10 GMT
link: <https://trueliketop.org/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5VYRjNsurUoZs6CzCsftLjoFvrEbekyluEopjVQNniqBeHacw4HcDHHYcYO4KjRgxvm7z2JTTh2yxi4j1vq%2FfJMshvQK15D9id6tNrh2tcUfa%2Bwrgcat6gC7Yr%2Fu9fhbZNiiLYsyx0GDO%2FZQyi0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/
x-iplb-instance: 52360
x-iplb-request-id: A29E563E:4D96_0587445B:0050_65790346_127BC:08AB
x-powered-by: PHP/7.2

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 834a4c15f940d035-SJC
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Wed, 13 Dec 2023 01:05:10 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=50CKduUGMnLGbzYdTG0gCpcouTFuOgfhxkXEW8w8S3nqBeUaQeUzr423sEinrDfp2A2%2Bo8evuNCDDdV41wg%2Fnpo9K7Gu2JIf5kaIrgE9INOyiQobQIpfiddzM2YhdBL%2FYqHqLNLuErJXlZFgnGc%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400
content-security-policy: frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
location: https://trueliketop.org/
x-frame-options: ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/
x-iplb-instance: 52335
x-iplb-request-id: AC479E6B:5BCC_0587445B:0050_65790346_821D:649C
x-powered-by: PHP/7.2
x-redirect-by: WordPress

GET
H2 200 style.min.css
trueliketop.org/wp-includes/css/dist/block-library/ 50 KB
8 KB 76ms
74ms Stylesheet
text/css 2606:4700:3037::ac43:803b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trueliketop.org/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:803b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
X-Frame-Options	ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:10 GMT
content-security-policy: frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-iplb-instance: 52295
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 09 Mar 2021 02:09:52 GMT
server: cloudflare
x-iplb-request-id: A29E57D6:5A3C_0587445B:0050_6577AB39_3B786:147F
x-frame-options: ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/
vary: Accept-Encoding
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OJ%2BxaBoW8ze02YRC94NUS4s%2B6tZBhtIFAXtmtbnaiwJFvBxhibPeY6y2U5RbQSA13ZwYarMLaNxu5HPzWseqlyIDjZ8lWP8LBAy88yrKWfHHfa7t4ZQVpnaKy0R4GbyR5p9YmULs6Ig9BwBLHdw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 834a4c1aaec69a1d-FRA
expires: Wed, 13 Dec 2023 01:20:10 GMT

GET
H2 200 style.css
trueliketop.org/wp-content/themes/sahifa/ 187 KB
37 KB 69ms
67ms Stylesheet
text/css 2606:4700:3037::ac43:803b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trueliketop.org/wp-content/themes/sahifa/style.css

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:803b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a7c945c8e2461e4713c789136780e33e2ff3c62967c269f7cbcbd0c10184e67

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
X-Frame-Options	ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:10 GMT
content-security-policy: frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-iplb-instance: 52295
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 20 Oct 2020 00:27:39 GMT
server: cloudflare
x-iplb-request-id: A29E566C:A050_0587445B:0050_6577AB39_3B785:147F
x-frame-options: ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/
vary: Accept-Encoding
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qWM%2Bf2zyLYcAskzxunDLRt4MpupfyHAv0ik6HNjvfiDsozc1V3C3m6z2Hz7R6URyICHhi1i3vF4UOt28JzoT7MUVcaViOywHOTd6SXYpg5FxZuenN76Ou5NVkYeBsAxCU5EbOa%2F8DPXESsvHO4I%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 834a4c1aaec89a1d-FRA
expires: Wed, 13 Dec 2023 01:20:10 GMT

GET
H2 200 skin.css
trueliketop.org/wp-content/themes/sahifa/css/ilightbox/dark-skin/ 7 KB
2 KB 66ms
65ms Stylesheet
text/css 2606:4700:3037::ac43:803b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trueliketop.org/wp-content/themes/sahifa/css/ilightbox/dark-skin/skin.css

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:803b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4da6ca0cd77056754444ca25ccbaa3a9bff5cc62a8a23f0af97cd28fb3877126

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
X-Frame-Options	ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:10 GMT
content-security-policy: frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-iplb-instance: 52335
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 20 Oct 2020 00:27:35 GMT
server: cloudflare
x-iplb-request-id: A29E571F:2F88_0587445B:0050_6577AB39_6B5FB:7776
x-frame-options: ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/
vary: Accept-Encoding
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E45%2BiV9dd88C%2FJ9bJtbAmzsGb%2FGhhzsiumLEH5LcZDyyT23k7yH%2BDKAH53f%2FwMirUXRgm9NlA5b%2BikZR%2Fc1V2yABeVmnEe9ybmONBZhrBsEQD4nzFzu97CCkN465TqkIOh9hXhhwx3wYe3EtDEs%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 834a4c1aaecb9a1d-FRA
expires: Wed, 13 Dec 2023 01:20:10 GMT

GET
H2 200 css
fonts.googleapis.com/ 802 B
751 B 116ms
38ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4b334da116d89aedebea3867724c98c8718f2b15e90caa08d3588bcfe4923821

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 13 Dec 2023 01:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 00:09:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Dec 2023 01:05:10 GMT

GET
H2 200 jquery.min.js Show response
trueliketop.org/wp-includes/js/jquery/ 87 KB
32 KB 75ms
74ms Script
application/javascript 2606:4700:3037::ac43:803b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trueliketop.org/wp-includes/js/jquery/jquery.min.js

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:803b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
X-Frame-Options	ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:10 GMT
content-security-policy: frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-iplb-instance: 52335
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 27 Jan 2021 19:45:21 GMT
server: cloudflare
x-iplb-request-id: A29E57CE:CB60_0587445B:0050_6577D7E8_8CB81:7D6D
x-frame-options: ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/
vary: Accept-Encoding
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nq0zV%2BKDU1Zcvm7rnd5xTF8CcL1V9UA8wvRY71aVTwJG1obteebYIOej6tPrvl2InbBba9s9sL7G%2BjMkQYSKJY3PzjvjcqS6Ki3PgD2UhDMQpzdMiiWBOqWnu%2F71mWvL9V02dWkR%2FsiGkMXgyJA%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 834a4c1aaecc9a1d-FRA
expires: Wed, 13 Dec 2023 01:20:10 GMT

GET
H2 200 jquery-migrate.min.js Show response
trueliketop.org/wp-includes/js/jquery/ 11 KB
5 KB 72ms
71ms Script
application/javascript 2606:4700:3037::ac43:803b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trueliketop.org/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:803b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
X-Frame-Options	ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:10 GMT
content-security-policy: frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-iplb-instance: 52295
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 27 Jan 2021 19:45:21 GMT
server: cloudflare
x-iplb-request-id: A29E564D:AE8E_0587445B:0050_6577D7E8_F85C7:111C
x-frame-options: ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/
vary: Accept-Encoding
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cE%2BzhkKLJwrSriPu3vuFxdCzjCe8D3jdtcUOYttNUVgxmlyKjO2cEjSQ5ZVEYCoxsGus0Ydnpj%2BteWeWeRHryj7vsZAH0dNCjNwyX%2BSwZKt9WWC6IOIFdEN3uCS25Velro4RdfHYA%2F7b0W%2BAecQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 834a4c1aaecd9a1d-FRA
expires: Wed, 13 Dec 2023 01:20:10 GMT

GET
H2 200 up.js Show response
live.demand.supply/ 10 KB
5 KB 188ms
106ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/up.js

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40456e161c15711262023cae30405125748a3b8ec3f89ee63e93b4d665d32783

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nf-request-id: 01HH0D30GEAE90WMEFGBN1ZBCC
date: Wed, 13 Dec 2023 01:05:10 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
age: 406
cf-polished: origSize=10288
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"ebe02ba20d7c2f6799d21b06f6e858ec-ssl-df"
cache-status: "Netlify Edge"; fwd=miss
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 834a4c1b2b3171b3-FRA
link: <https://live.demand.supply/impl.v17.24.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v17-24-0/dHJ1ZWxpa2V0b3Aub3JnLw==>; rel=preload; as=script
timing-allow-origin: *

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 90 KB
29 KB 212ms
140ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5ef92fa5f47d362df30513b5feabbd8a193205a989fd608453c8ed51a88cb2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29536
x-xss-protection: 0
server: cafe
etag: 837 / 19704 / m202312060101 / config-hash: 6487957748488688722
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 01:05:11 GMT

GET
H2 200 prebid.js Show response
prebid.dsail-tech.com/ 365 KB
366 KB 579ms
198ms Script
text/plain 2606:4700:3036::6815:7f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.dsail-tech.com/prebid.js
Requested by: Host: trueliketop.org
URL: https://trueliketop.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:7f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35ddb0281aa7d286efa01c43870f954fd648eef3ff244670b54c7cc11e38c009

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:11 GMT
cf-cache-status: HIT
last-modified: Tue, 12 Dec 2023 22:35:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 8979
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D2uL6Yp7ekgieIeMQSQ6i803ipsLaRgZTTZanOnFUZ2i4Gs8Et3bPBn9bD50RJgI5Oib3T5JJzGJ2HT47dfp9Wtni0ZefFFUXjJfphFMJlkR1VRl2Q9RxUSLbTm%2FswtxA4cUu5ggWpG8Vy1%2BSo7QLEOAmVY%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
cf-ray: 834a4c1e4bed6456-SJC
alt-svc: h3=":443"; ma=86400

GET
H3 200 wp-emoji-release.min.js Show response
trueliketop.org/wp-includes/js/ 14 KB
5 KB 82ms
81ms Script
application/javascript 2606:4700:3037::ac43:803b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trueliketop.org/wp-includes/js/wp-emoji-release.min.js

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:803b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
X-Frame-Options	ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:10 GMT
content-security-policy: frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-iplb-instance: 52295
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 09 Mar 2021 02:09:52 GMT
server: cloudflare
x-iplb-request-id: AC4597E7:27D2_0587445B:0050_656A3C9E_13720D:7595
x-frame-options: ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/
vary: Accept-Encoding
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lxuF1FKYBl1eVZzhY4ZSjuJsgzQYOm6OjMPWN42Ynr0YQAEPUYkr7jkrOxccmR%2FJ2Ibni6G0Lz7fr4%2BCLM67XBppHzpwom6yVIX%2FNHEhE9bjCZHlK0qiUINL7wv1t4hhdtMGMxAbtjUDVu9QQhk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 834a4c1b69484d79-FRA
expires: Wed, 13 Dec 2023 01:20:10 GMT

GET
H2 200 logo22-1.png
trueliketop.org/wp-content/uploads/2019/10/ 2 KB
2 KB 86ms
85ms Image
image/png 2606:4700:3037::ac43:803b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trueliketop.org/wp-content/uploads/2019/10/logo22-1.png

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:803b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff300cac974d56d0ed978f857be24dd0824696f75086c296d565dff2716e096d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
X-Frame-Options	ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:10 GMT
content-security-policy: frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-iplb-instance: 52295
alt-svc: h3=":443"; ma=86400
content-length: 1582
last-modified: Tue, 20 Oct 2020 02:40:17 GMT
server: cloudflare
x-iplb-request-id: A29E56C2:6B58_0587445B:0050_6577D7E8_F85C8:111C
x-frame-options: ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PK1jjXAfPgqntxd4IMZMfGN2PNbCNzE%2BvynZ0Q3UkYNvcpjDVIrDZnW5zF9o1aF2hMec%2BaeaUxUn5u7M6JyZJz6tXzsGTog7OUSv2uKuWVbWKbhTe3QWn%2FHrIPVruUJcEjHkfyg7D6lhe3K9Z8o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 834a4c1acee69a1d-FRA
expires: Wed, 13 Dec 2023 01:20:10 GMT

GET
H2 200 tie-scripts.js Show response
trueliketop.org/wp-content/themes/sahifa/js/ 76 KB
24 KB 76ms
76ms Script
application/javascript 2606:4700:3037::ac43:803b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trueliketop.org/wp-content/themes/sahifa/js/tie-scripts.js

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:803b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0937f94a317e9ae6d1f7f755e38d502be1f1044003a90c141dc0a1f193a18149

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
X-Frame-Options	ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:10 GMT
content-security-policy: frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-iplb-instance: 52295
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 20 Oct 2020 00:27:39 GMT
server: cloudflare
x-iplb-request-id: A29E577E:FA36_0587445B:0050_6577D7E8_F85E5:111C
x-frame-options: ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/
vary: Accept-Encoding
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2Bg%2BTsQLx%2FP1viKSbPK6hG7CNdkq7Be69nkDurC1uhZUe5Tvfb4kEa8AN%2B2lblqIN0BMFfnrrCEyS%2BCHr5xgRuo62EaWGNBpNhK8MnEJThfhkz4yDmeCr8R%2BxUvUG5wjCq8aC1h73G5MpmeCMz4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 834a4c1acee99a1d-FRA
expires: Wed, 13 Dec 2023 01:20:10 GMT

GET
H3 200 ilightbox.packed.js Show response
trueliketop.org/wp-content/themes/sahifa/js/ 75 KB
24 KB 65ms
65ms Script
application/javascript 2606:4700:3037::ac43:803b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trueliketop.org/wp-content/themes/sahifa/js/ilightbox.packed.js

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:803b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e09e03517424a8ee433640b77d9b2b891919d0a2cf4a01a5d3847b535777a104

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
X-Frame-Options	ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:10 GMT
content-security-policy: frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-iplb-instance: 52295
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 20 Oct 2020 00:27:39 GMT
server: cloudflare
x-iplb-request-id: AC4597E7:27D2_0587445B:0050_656A3C9F_137C33:7595
x-frame-options: ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/
vary: Accept-Encoding
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UV%2FbysZr6QfcgHOmYwSpX8lZHkApbDOoebCNQj4iNfTLkXKjvqP0PTsCA%2FuJLuve%2BH3jLoWVc4gZAvosKVtFcNlEsjCInZvNRkPMW9ZALSv1Tkj8B6xS1trVUgtDq%2FX5JbIX6BmHvIsu247TbHI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 834a4c1b49344d79-FRA
expires: Wed, 13 Dec 2023 01:20:10 GMT

GET
H3 200 wp-embed.min.js Show response
trueliketop.org/wp-includes/js/ 1 KB
2 KB 93ms
93ms Script
application/javascript 2606:4700:3037::ac43:803b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trueliketop.org/wp-includes/js/wp-embed.min.js

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:803b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
X-Frame-Options	ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:10 GMT
content-security-policy: frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-iplb-instance: 52295
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 09 Mar 2021 02:09:52 GMT
server: cloudflare
x-iplb-request-id: AC459761:7074_0587445B:0050_657731B4_8B13C:0F24
x-frame-options: ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/
vary: Accept-Encoding
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FJSmLvHcuyxkvw%2FhMppjImTIRj1989MGT5ob5syuno%2FemFGA3SUYX2k3JjF3p%2Bjv9MkHir%2BkVyUlWCEyAYIb%2FvWuR6lJOL7j%2BLHgUi7ZYjPkW9TxB%2FlnVfejOidRKOtfzYnr9EObAgU5oBvteVs%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 834a4c1b59384d79-FRA
expires: Wed, 13 Dec 2023 01:20:10 GMT

GET
H3 200 search.js Show response
trueliketop.org/wp-content/themes/sahifa/js/ 14 KB
5 KB 82ms
81ms Script
application/javascript 2606:4700:3037::ac43:803b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trueliketop.org/wp-content/themes/sahifa/js/search.js

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:803b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89f6068c97f29b9a0fdc1f1a619db9585db8081aa0489ef0053997193ee28ede

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
X-Frame-Options	ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:10 GMT
content-security-policy: frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-iplb-instance: 52335
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 20 Oct 2020 00:27:39 GMT
server: cloudflare
x-iplb-request-id: AC459611:F932_0587445B:0050_657731B4_95ACE:7E61
x-frame-options: ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/
vary: Accept-Encoding
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MrE5OW6VoTpyFYPPPIZSJWR3J1qUNA9EYeCP8T5HXbwqnEvGvzTU%2FGvoX%2FwtLgP%2FoUuAD6Oeag59%2F1sXwBz62Rfx8wgtBxmPgnSWNZGG6ZKNYNqbA7W3hCDdS2YGt9uMaaTyORqtWbyNnFUZooo%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 834a4c1b69444d79-FRA
expires: Wed, 13 Dec 2023 01:20:10 GMT

GET
H3 200 body-bg7.png
trueliketop.org/wp-content/themes/sahifa/images/patterns/ 21 KB
22 KB 102ms
102ms Image
image/png 2606:4700:3037::ac43:803b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trueliketop.org/wp-content/themes/sahifa/images/patterns/body-bg7.png

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/wp-content/themes/sahifa/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:803b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a6ac6e588a725241e6f43feaad46fb36de9682576f5f29c570edc3ec5247477

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
X-Frame-Options	ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/wp-content/themes/sahifa/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:10 GMT
content-security-policy: frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-iplb-instance: 52295
alt-svc: h3=":443"; ma=86400
content-length: 21146
last-modified: Tue, 20 Oct 2020 00:27:39 GMT
server: cloudflare
x-iplb-request-id: AC45975D:4BC8_0587445B:0050_657731B5_8B2E7:0F24
x-frame-options: ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fO0ULfigfGWbxhODlhxQvUj1I2VSpz3HHv0h9o9X2DdBcrM1Pt%2B2pZMu3cs1KOCAhwC%2FXHaHI9pdgkE3sTQfrj%2FafVMs7hipFdowFSj6b2UHmNGjDWLLZHyNURouQ6qDxhr%2F2H%2BpbapzotGHG0M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 834a4c1b794f4d79-FRA
expires: Wed, 13 Dec 2023 01:20:10 GMT

GET
H3 200 stripe.png
trueliketop.org/wp-content/themes/sahifa/images/ 93 B
1 KB 96ms
95ms Image
image/png 2606:4700:3037::ac43:803b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trueliketop.org/wp-content/themes/sahifa/images/stripe.png

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/wp-content/themes/sahifa/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:803b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23c79bb552706be2ca97bdb259921e3269a5263326b147676c2f7909a45b58c9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
X-Frame-Options	ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/wp-content/themes/sahifa/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:11 GMT
content-security-policy: frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-iplb-instance: 52295
alt-svc: h3=":443"; ma=86400
content-length: 93
last-modified: Tue, 20 Oct 2020 00:27:39 GMT
server: cloudflare
x-iplb-request-id: AC459750:F732_0587445B:0050_657731B5_8B38C:0F24
x-frame-options: ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ALDyAQM%2BL91YchQe4YVjl0SvAYh7%2F6FFiYdOnXdQsHgtIWx4qEXXKukTdCzymWcq8doZwYJTmcAT2M6dsrKL82hAgaJfpox18uQaBC0qV2z24Kk609b6O1CbQw9CwWUgDRPa%2FAipsdKa%2FJmO67c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 834a4c1b89574d79-FRA
expires: Wed, 13 Dec 2023 01:20:10 GMT

GET
H3 200 fontawesome-webfont.woff2
trueliketop.org/wp-content/themes/sahifa/fonts/fontawesome/ 70 KB
71 KB 94ms
92ms Font
application/octet-stream 2606:4700:3037::ac43:803b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trueliketop.org/wp-content/themes/sahifa/fonts/fontawesome/fontawesome-webfont.woff2?v=4.6.3

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/wp-content/themes/sahifa/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:803b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
X-Frame-Options	ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/

Request headers

Referer: https://trueliketop.org/wp-content/themes/sahifa/style.css
Origin: https://trueliketop.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:11 GMT
content-security-policy: frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-iplb-instance: 52360
alt-svc: h3=":443"; ma=86400
content-length: 71896
last-modified: Tue, 20 Oct 2020 00:27:36 GMT
server: cloudflare
x-iplb-request-id: AC45967C:E512_0587445B:0050_6577C64A_44643:7187
x-frame-options: ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LkxlGkLxOc4qcnIKGuHSplsimIxrF5qO2hxf9k1IUDnVruymUSfiSZBcY6N53bJsEG1gfoJ4yJfz8acqBwPRTUXhAoPzRaIcw%2F%2BGt5%2FG1pfgf1rq3EAm1aWsF6V6Io9bPOM8aWgayUG0SiVoOXk%3D"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 834a4c1b895a4d79-FRA

GET
H2 200 SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
fonts.gstatic.com/s/droidsans/v18/ 21 KB
21 KB 100ms
31ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://trueliketop.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:23:00 GMT
x-content-type-options: nosniff
age: 355331
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21224
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:04:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 22:23:00 GMT

GET
H3 200 BebasNeue-webfont.woff
trueliketop.org/wp-content/themes/sahifa/fonts/BebasNeue/ 20 KB
20 KB 133ms
132ms Font
application/x-font-woff 2606:4700:3037::ac43:803b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trueliketop.org/wp-content/themes/sahifa/fonts/BebasNeue/BebasNeue-webfont.woff

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/wp-content/themes/sahifa/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:803b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8c2e4d6ab0ad2f055a6cc3c777d31531e665758db5ca815f2613afad72f7088

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
X-Frame-Options	ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/

Request headers

Referer: https://trueliketop.org/wp-content/themes/sahifa/style.css
Origin: https://trueliketop.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:10 GMT
content-security-policy: frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-iplb-instance: 52335
alt-svc: h3=":443"; ma=86400
content-length: 19996
last-modified: Tue, 20 Oct 2020 00:27:36 GMT
server: cloudflare
x-iplb-request-id: AC4596AC:5E64_0587445B:0050_6577C64A_413B:344A
x-frame-options: ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YF0jebRrI13%2B30n4frzbb0aZDrvzwpDgdat%2BGCRLAT0c2IMGjz%2FkbTw4%2BhgOLb5Rsc7fZXzyE3Kn%2BMl5cuxCodJlUAbUgsmkw51ALhwDq9iSItovZcIPsC8gT32NfF8SnFpV6e2aMqVyixdT9H0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-font-woff
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 834a4c1b895b4d79-FRA

GET
H3 200 o-avanco-da-tecnologia-300x204.jpg
trueliketop.org/wp-content/uploads/2023/10/ 16 KB
17 KB 93ms
91ms Image
image/jpeg 2606:4700:3037::ac43:803b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trueliketop.org/wp-content/uploads/2023/10/o-avanco-da-tecnologia-300x204.jpg

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:803b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce4bbff690693fcf758b93845116595d6d541427bce60f9ac414161325164d8c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
X-Frame-Options	ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:11 GMT
content-security-policy: frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-iplb-instance: 52360
alt-svc: h3=":443"; ma=86400
content-length: 16639
last-modified: Thu, 05 Oct 2023 16:00:03 GMT
server: cloudflare
x-iplb-request-id: AC45974F:A400_0587445B:0050_6577C64A_44635:7187
x-frame-options: ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s97rjKUrY%2FFiXS%2BbeLdOl3EvlLyFA87ldOmhz5VdsqoLuwuUd3J5YF8u5L4Qzi5o4oj1ifpimPDVQQ1doQbgAzwdo072TjIeBAMZbwnZ8DMHCCUeBH8A62ezRC6tBzjlzzl04MoKoxpbd5VDn8U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 834a4c1bc9764d79-FRA
expires: Wed, 13 Dec 2023 01:20:11 GMT

GET
H3 200 inovacoes-tecnologicas-300x169.jpg
trueliketop.org/wp-content/uploads/2023/10/ 11 KB
12 KB 123ms
115ms Image
image/jpeg 2606:4700:3037::ac43:803b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trueliketop.org/wp-content/uploads/2023/10/inovacoes-tecnologicas-300x169.jpg

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:803b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92e21a5303b8bab11c2b7be06ec9b4e8832f67b2bc25505c4b9da07406d790d8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
X-Frame-Options	ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:11 GMT
content-security-policy: frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-iplb-instance: 52360
alt-svc: h3=":443"; ma=86400
content-length: 11343
last-modified: Wed, 04 Oct 2023 16:36:56 GMT
server: cloudflare
x-iplb-request-id: AC4597D1:8622_0587445B:0050_6572AF40_6C29:1B19
x-frame-options: ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tykc2Kvm0sC6Q4AuUz09TvlEFfCb73rBv9a%2BKWcgWARObbJlzz6AcQB3HsHSlOunlFHLEh3z2f%2BzP90HTR97BL1Rywr4EqEkOrlEVGh9Ey0Y84yjKSrqFODx6RQm05MGw0jXrrBqK5a2hRnItFE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 834a4c1bd97d4d79-FRA
expires: Wed, 13 Dec 2023 01:20:11 GMT

GET
H3 200 Robotica-na-saude-265x198.jpg
trueliketop.org/wp-content/uploads/2023/10/ 11 KB
12 KB 123ms
116ms Image
image/jpeg 2606:4700:3037::ac43:803b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trueliketop.org/wp-content/uploads/2023/10/Robotica-na-saude-265x198.jpg

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:803b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26a9ddbf55f381ab69a7cdfeafa0f50bf18423ba8dea016b3cfa065b6c2c98da

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
X-Frame-Options	ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:11 GMT
content-security-policy: frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-iplb-instance: 52360
alt-svc: h3=":443"; ma=86400
content-length: 11459
last-modified: Tue, 03 Oct 2023 15:12:01 GMT
server: cloudflare
x-iplb-request-id: AC45971F:C992_0587445B:0050_65790347_12874:08AB
x-frame-options: ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HriXHKZgidthJy2xlsbvQrd0%2BMolsAE6vz5jLXVh21POJRcJV%2Bje4vXrCMaMQVJWrXGUMtrEiOiQqliF02WluAWczJ8wUSPKk5mWsEiErkSOmxyom2bSieSUPsqgUQtcJi9wxvukvLTOx6Y5VaA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 834a4c1bd97f4d79-FRA
expires: Wed, 13 Dec 2023 01:20:11 GMT

GET
H3 200 setor-tributario-300x173.jpg
trueliketop.org/wp-content/uploads/2023/10/ 14 KB
15 KB 124ms
117ms Image
image/jpeg 2606:4700:3037::ac43:803b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trueliketop.org/wp-content/uploads/2023/10/setor-tributario-300x173.jpg

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:803b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7895c6c09484d0a4783753778339d4cf27abdacb5e1bb71a80fdb9c1369d68c1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
X-Frame-Options	ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:11 GMT
content-security-policy: frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-iplb-instance: 52335
alt-svc: h3=":443"; ma=86400
content-length: 14394
last-modified: Mon, 02 Oct 2023 17:23:46 GMT
server: cloudflare
x-iplb-request-id: AC459677:F68E_0587445B:0050_65790347_8331:649C
x-frame-options: ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K7j7ZZ3YM3KJtvYCWRVUYTCg34zpw%2BYjiAUUk4RUXEOiy20zkTDQMKfzw5HNAMk2tQW3gfToC9C30xetb84GzOB%2FmOvSC%2BrL9%2BEVdurpQhil5XS1s7opbMF7G4dlZigUjIinHE5oi4KaM2zro%2FU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 834a4c1bd9804d79-FRA
expires: Wed, 13 Dec 2023 01:20:11 GMT

GET
H3 200 Avancos-tecnologicos-300x199.jpg
trueliketop.org/wp-content/uploads/2023/09/ 566 KB
567 KB 126ms
118ms Image
image/jpeg 2606:4700:3037::ac43:803b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trueliketop.org/wp-content/uploads/2023/09/Avancos-tecnologicos-300x199.jpg

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:803b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1628bd4edd4b0e919b86efa27560b78b438a63675399af046cb62a3040ed3e7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
X-Frame-Options	ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:11 GMT
content-security-policy: frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-iplb-instance: 52295
alt-svc: h3=":443"; ma=86400
content-length: 579695
last-modified: Sat, 30 Sep 2023 18:38:15 GMT
server: cloudflare
x-iplb-request-id: AC4596E4:CC5E_0587445B:0050_65790347_131547:5EB6
x-frame-options: ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=frk4LvycKGQbg2BU0QeA9aMx5pwfnBbhePh4z1%2BuYsUy0ymcOdqprhqbXaJhjQDtW6tsvjzhfUBkYdtwEpFXYguVeEx6boIWtIUdNV3Z%2FO7v4vFx8wF%2F7TOUcbFtP8GMGRjbxkjhtUqrjtPKkw0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 834a4c1bd9814d79-FRA
expires: Wed, 13 Dec 2023 01:20:11 GMT

GET
H3 200 tecnologia-em-medicamentos-300x200.jpg
trueliketop.org/wp-content/uploads/2023/09/ 13 KB
14 KB 193ms
187ms Image
image/jpeg 2606:4700:3037::ac43:803b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trueliketop.org/wp-content/uploads/2023/09/tecnologia-em-medicamentos-300x200.jpg

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:803b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd93c3b7a1756c0b3513677f22ec9241bad96fccb09b42edfa0ff67060d2b832

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
X-Frame-Options	ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:11 GMT
content-security-policy: frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-iplb-instance: 52360
alt-svc: h3=":443"; ma=86400
content-length: 12977
last-modified: Fri, 29 Sep 2023 18:12:01 GMT
server: cloudflare
x-iplb-request-id: AC459750:6534_0587445B:0050_65790347_1286D:08AB
x-frame-options: ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4xHVZFQkMcZ1i23pRORRABjlwwyj8m%2BG6WnL2mi8gtSKsCg%2FTaXjdrLPaBQjEAQdI6rNTMpcPbeP%2Fb1wYoS2oatDCnhX7c3GlUl1qvqJ65%2FPjHxlea3JluKAjCjQkJClSXpsXcUd4zB2CExGe3w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 834a4c1bd9824d79-FRA
expires: Wed, 13 Dec 2023 01:20:11 GMT

GET
H3 200 colchoes-300x180.png
trueliketop.org/wp-content/uploads/2023/09/ 98 KB
99 KB 195ms
189ms Image
image/png 2606:4700:3037::ac43:803b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trueliketop.org/wp-content/uploads/2023/09/colchoes-300x180.png

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:803b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3822a44aff9be621e80193cd1d7e7868bd829720b0f77f90c26386b528ecbd5e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
X-Frame-Options	ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:11 GMT
content-security-policy: frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-iplb-instance: 52360
alt-svc: h3=":443"; ma=86400
content-length: 100312
last-modified: Fri, 15 Sep 2023 16:42:44 GMT
server: cloudflare
x-iplb-request-id: AC45968D:C306_0587445B:0050_65790347_12871:08AB
x-frame-options: ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jPlWhLCPl8ANY17r1zBgACxGmR33TIkoZMv60Y%2FxDFIxO5ZuNshytHSu0EfD6xu1KYkHjOx%2F7xy6Cmz8vBjgW%2FjBx2Z4esPqeRqLPHs2a3XFyCh9DbgJ35aWBygWlf9hvWl1LsAFjh28InPDW8w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 834a4c1bd9834d79-FRA
expires: Wed, 13 Dec 2023 01:20:11 GMT

GET
H3 200 revolucao-digital-300x175.png
trueliketop.org/wp-content/uploads/2023/09/ 65 KB
66 KB 198ms
192ms Image
image/png 2606:4700:3037::ac43:803b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trueliketop.org/wp-content/uploads/2023/09/revolucao-digital-300x175.png

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:803b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eec7e3b70326f4b5ffaa38e20f604d7a4f472e31059e586d6d27ebfa3d9c8586

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
X-Frame-Options	ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:11 GMT
content-security-policy: frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-iplb-instance: 52295
alt-svc: h3=":443"; ma=86400
content-length: 66670
last-modified: Thu, 14 Sep 2023 18:56:53 GMT
server: cloudflare
x-iplb-request-id: AC459678:A7D8_0587445B:0050_65790347_131546:5EB6
x-frame-options: ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RX3Tfoil7gFEAfRt2IyfnqkMySO%2BS0JkjlrgCmC8GrDRtR%2BOfw%2BueHxV2bWJIfHOEB69%2BApFN%2FcR2Af%2Bc9eclwg97Mw775niT8CUKxqYuZ2lM4uU%2FF8S0sw%2FNNMdi4WA%2F3NmNARBprWkkvao%2B34%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 834a4c1bd9844d79-FRA
expires: Wed, 13 Dec 2023 01:20:11 GMT

GET
H3 200 Televisores-300x188.jpg
trueliketop.org/wp-content/uploads/2023/09/ 16 KB
17 KB 236ms
232ms Image
image/jpeg 2606:4700:3037::ac43:803b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trueliketop.org/wp-content/uploads/2023/09/Televisores-300x188.jpg

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:803b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d7f6ade689ab95aa962b3ef5d08332ae728218680a5c38fc4dde438eac51844

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
X-Frame-Options	ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:11 GMT
content-security-policy: frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-iplb-instance: 52295
alt-svc: h3=":443"; ma=86400
content-length: 15998
last-modified: Wed, 13 Sep 2023 15:32:38 GMT
server: cloudflare
x-iplb-request-id: AC4597B6:FDDE_0587445B:0050_65790347_131544:5EB6
x-frame-options: ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O3Wm%2FWDv5Z5EcAUkzUi%2FB4wrPLMou1RejuMPtmde6EUaG8GpLE5jPbAzAGk5%2FbaCHwe72DU8alr4QshqEY%2BgXSQy11qJlRVdXTKaPdOvlU%2FoCrYJD4kbzvNSmhnjDHDLoNVHwFqOU9cJ5%2FXAwyI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 834a4c1bd9854d79-FRA
expires: Wed, 13 Dec 2023 01:20:11 GMT

GET
H3 200 tecnologia-para-restaurante-300x192.jpg
trueliketop.org/wp-content/uploads/2023/09/ 14 KB
15 KB 237ms
232ms Image
image/jpeg 2606:4700:3037::ac43:803b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trueliketop.org/wp-content/uploads/2023/09/tecnologia-para-restaurante-300x192.jpg

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:803b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ca0296050b79b2d139deed8e8b4c29e38dee8e0f8cafa9b51241d5ee530f52d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
X-Frame-Options	ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:11 GMT
content-security-policy: frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-iplb-instance: 52295
alt-svc: h3=":443"; ma=86400
content-length: 14298
last-modified: Tue, 12 Sep 2023 17:55:33 GMT
server: cloudflare
x-iplb-request-id: AC459711:4A50_0587445B:0050_65790347_131541:5EB6
x-frame-options: ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bTbftK2qN7XCFxHVSYeaWcWOibvVoaMlNCCIeiTv86MAERtXW%2B9%2FaXcCdigd2vlP2C1YCupz%2FgZiECqz0CkDeJf9QBU5mOraviD%2FkBxGTXU%2BhpzpcEjoILBG46h3szHU7Ya%2F3Z2n747IYY2bHGk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 834a4c1bd9864d79-FRA
expires: Wed, 13 Dec 2023 01:20:11 GMT

GET
H3 200 revolucao-tecnologica-300x200.jpg
trueliketop.org/wp-content/uploads/2023/09/ 10 KB
11 KB 238ms
233ms Image
image/jpeg 2606:4700:3037::ac43:803b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trueliketop.org/wp-content/uploads/2023/09/revolucao-tecnologica-300x200.jpg

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:803b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27ea3f2d68e99ad470325c3b2947d9bbc994249116a16a18ac366bd08c0436fa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
X-Frame-Options	ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:11 GMT
content-security-policy: frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-iplb-instance: 52295
alt-svc: h3=":443"; ma=86400
content-length: 10207
last-modified: Sat, 09 Sep 2023 18:44:54 GMT
server: cloudflare
x-iplb-request-id: AC459698:8D46_0587445B:0050_65790347_131554:5EB6
x-frame-options: ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ujtxQgz1XldCaWO83ozdwc1nFGn3iUqMcI7Eupx%2F6jOs8K0eBkA3DQ2OvIJkIxTbOUf7LC5KUoiJge1Jo%2BgZ2LHWAeKIu%2BF7tQYCLRYQl1sttUF4GP6tkeaMCV9ulwui1j64DVHBZKpS49dbnhg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 834a4c1bd9894d79-FRA
expires: Wed, 13 Dec 2023 01:20:11 GMT

GET
H3 200 tecnologia-e-saude-300x185.jpg
trueliketop.org/wp-content/uploads/2023/09/ 13 KB
14 KB 200ms
195ms Image
image/jpeg 2606:4700:3037::ac43:803b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trueliketop.org/wp-content/uploads/2023/09/tecnologia-e-saude-300x185.jpg

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:803b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e73cb446d6674b02d6c7e877ca729c9da7cef656e41c68a0361383c749ac1f2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
X-Frame-Options	ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:11 GMT
content-security-policy: frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-iplb-instance: 52295
alt-svc: h3=":443"; ma=86400
content-length: 13780
last-modified: Thu, 07 Sep 2023 18:26:17 GMT
server: cloudflare
x-iplb-request-id: AC459753:4AB0_0587445B:0050_65790347_13154F:5EB6
x-frame-options: ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2NFBjVREqszKiLV6pz7kp4xwo76jS5owejYQaLk%2Fgqy7Zm52xGH28WHCBPxbmqllEisa%2Bvz2ZiBXSq5AfU6WPdHCXAZ1d2t6FaeTIib5EY3brCz2pkuls33g6qBq%2FxEYFpIIpWQ6I1xL2U1HRNo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 834a4c1bd98a4d79-FRA
expires: Wed, 13 Dec 2023 01:20:11 GMT

GET
H3 200 tecnotextil-696x380.jpg
trueliketop.org/wp-content/uploads/2023/09/ 64 KB
65 KB 201ms
196ms Image
image/jpeg 2606:4700:3037::ac43:803b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trueliketop.org/wp-content/uploads/2023/09/tecnotextil-696x380.jpg

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:803b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cc33eae13f17b9ed1ebb9048e0809137def1eef6597fc1de7eab6635a621637

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
X-Frame-Options	ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:11 GMT
content-security-policy: frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-iplb-instance: 52360
alt-svc: h3=":443"; ma=86400
content-length: 65374
last-modified: Tue, 05 Sep 2023 15:33:57 GMT
server: cloudflare
x-iplb-request-id: AC459623:5A32_0587445B:0050_65790347_12870:08AB
x-frame-options: ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RdW6pxGWYZywj0Ll7Z2lh%2BW7srESo3RnubPhiq2cOBsqYTfXglGwQOAzH6iNv3f5k%2BInfagO53aon1h274%2FLgAuzj%2FgFGX%2BNatGEHNyQ%2BIxP3numx3yhb3EaNonZ62m0fabPgQrniE3tfQkJ8FQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 834a4c1bd98b4d79-FRA
expires: Wed, 13 Dec 2023 01:20:11 GMT

GET
H3 200 tecnologia-futurista-300x169.jpg
trueliketop.org/wp-content/uploads/2023/09/ 10 KB
11 KB 220ms
216ms Image
image/jpeg 2606:4700:3037::ac43:803b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trueliketop.org/wp-content/uploads/2023/09/tecnologia-futurista-300x169.jpg

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:803b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65522d4713853b492985f5d3150d2a2a6aedb8e50b9dce847a0366f4a084ff78

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
X-Frame-Options	ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:11 GMT
content-security-policy: frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-iplb-instance: 52295
alt-svc: h3=":443"; ma=86400
content-length: 10191
last-modified: Mon, 04 Sep 2023 15:00:50 GMT
server: cloudflare
x-iplb-request-id: AC459715:7372_0587445B:0050_65790347_13154E:5EB6
x-frame-options: ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jxo2R%2Brtman7Ms0zNXIDkY3Psom61giWSnJbEdp8uxRokZh22vvRLX2RWfbJw3a6RAaEo3QmoJzNRmvZgACqTSiqw%2Bo1pdaBCj1%2FtO87vqUogUj%2BQMbOgtCK5Q%2Fw52sxHVw0TR7uU%2Bfq194hXjc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 834a4c1bd98e4d79-FRA
expires: Wed, 13 Dec 2023 01:20:11 GMT

GET
H3 200 justica-e-tecnologia.jpeg
trueliketop.org/wp-content/uploads/2023/09/ 5 KB
6 KB 222ms
217ms Image
image/jpeg 2606:4700:3037::ac43:803b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trueliketop.org/wp-content/uploads/2023/09/justica-e-tecnologia.jpeg

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:803b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b98cb2160a96110b83e17adee3802f5c430e58e5b298957a97fac0137949a549

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
X-Frame-Options	ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:11 GMT
content-security-policy: frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-iplb-instance: 52295
alt-svc: h3=":443"; ma=86400
content-length: 4773
last-modified: Sat, 02 Sep 2023 15:39:09 GMT
server: cloudflare
x-iplb-request-id: AC4596CB:958A_0587445B:0050_65790347_131549:5EB6
x-frame-options: ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UXsamUxNs7mwQHrIvtWbM3Wm8MWd7rDNlrh1BQxndyUKjP9B1IIIATiYpgHZHssPixX6rfBiYtfeaH4V%2BbiFem5zejUCoqGdlmq0YftOffkTMSMS4kCyGhjtvyIdQesYg0kRsjrQn0lReZCEE00%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 834a4c1bd98f4d79-FRA
expires: Wed, 13 Dec 2023 01:20:11 GMT

GET
H3 200 justica-e-revolucao-300x200.jpg
trueliketop.org/wp-content/uploads/2023/09/ 24 KB
25 KB 223ms
218ms Image
image/jpeg 2606:4700:3037::ac43:803b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trueliketop.org/wp-content/uploads/2023/09/justica-e-revolucao-300x200.jpg

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:803b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4d1d08557bf735a48f50556ffe565cba79c36d7b8b708c29ef257c1944892ef

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
X-Frame-Options	ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:11 GMT
content-security-policy: frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-iplb-instance: 52295
alt-svc: h3=":443"; ma=86400
content-length: 24772
last-modified: Fri, 01 Sep 2023 14:22:40 GMT
server: cloudflare
x-iplb-request-id: AC459716:A162_0587445B:0050_65790347_13154D:5EB6
x-frame-options: ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Kt8OEn7nPit6NG6J3bfWLvGr89v2a4U%2BRkjalB8KOjraaqq0%2BpDSs8gqMCoo%2Biek9t3p%2FLv8MSXiHft0HXr17zSwBWbKK0E%2FT84IMh9IQ8Dxcf4tFQsEXFE8%2BIUixwGSCkbXS%2B4LGhDPBaqGhE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 834a4c1bd9904d79-FRA
expires: Wed, 13 Dec 2023 01:20:11 GMT

GET
H3 200 aprendizado-idosos-300x200.jpg
trueliketop.org/wp-content/uploads/2023/08/ 13 KB
14 KB 223ms
218ms Image
image/jpeg 2606:4700:3037::ac43:803b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trueliketop.org/wp-content/uploads/2023/08/aprendizado-idosos-300x200.jpg

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:803b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1168d0127b02bba8ff510a58d11a9105ded68c0afc99186c4f24234fd720430

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
X-Frame-Options	ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:11 GMT
content-security-policy: frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-iplb-instance: 52295
alt-svc: h3=":443"; ma=86400
content-length: 13212
last-modified: Fri, 25 Aug 2023 15:08:46 GMT
server: cloudflare
x-iplb-request-id: AC459632:3612_0587445B:0050_65790347_131545:5EB6
x-frame-options: ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FsmshSvAy4eiHyekEmiPuhQP8CkS6BFOsRe%2BkQhSJca7YDFxTVVKViTPZ9Czo7l%2B7%2F6bVT21zFIENfUx70a0c95nIvxgzLzfyrw%2BmO1zgXZ8kQS56t%2B51wLa5W1U2rtg4%2B5%2BvfCxM60NzZcfLDE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 834a4c1bd9914d79-FRA
expires: Wed, 13 Dec 2023 01:20:11 GMT

GET
H3 200 contratos-de-viagem-300x179.jpg
trueliketop.org/wp-content/uploads/2023/08/ 13 KB
14 KB 225ms
221ms Image
image/jpeg 2606:4700:3037::ac43:803b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trueliketop.org/wp-content/uploads/2023/08/contratos-de-viagem-300x179.jpg

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:803b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08f90c311d85be0d727bdbaaeb3ef611b2f3554bd4423b7c3171d3bc695e8680

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
X-Frame-Options	ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:11 GMT
content-security-policy: frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-iplb-instance: 52360
alt-svc: h3=":443"; ma=86400
content-length: 13207
last-modified: Thu, 24 Aug 2023 17:30:30 GMT
server: cloudflare
x-iplb-request-id: AC4596FD:7BCC_0587445B:0050_65790347_12873:08AB
x-frame-options: ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JSJ3bJKRs6QaTm%2FHaUPk1ctEgt3SXU266Bw4Evj8T4O33sp93sncx2sGWwRuC3UxzvJzsd8%2FrGJNTsmkIEyvsOxCs3v2OsNo%2Bu7LLtSSOoBDhkB1aWw9GbwWAt6uA27jmwqSs22uXk8x6waNiH0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 834a4c1bd9924d79-FRA
expires: Wed, 13 Dec 2023 01:20:11 GMT

GET
H2 200 impl.v17.24.0.js Show response
live.demand.supply/ 86 KB
28 KB 115ms
110ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/impl.v17.24.0.js

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8127d6dfb7da3bc1eb3b7ebc9feba37089d8a0d9b45c69fd71e1490fb091d9f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nf-request-id: 01HH0CAFCJ3B652PWFANZN4T5Y
date: Wed, 13 Dec 2023 01:05:11 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
age: 535740
cf-polished: origSize=88264
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: W/"92d047beda3bde91ddc99a3dc5b31b77-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 834a4c1bdbbd71b3-FRA

GET
H2 200 dHJ1ZWxpa2V0b3Aub3JnLw== Show response
live.demand.supply/p4/v17-24-0/ 1 KB
767 B 274ms
270ms Script
text/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v17-24-0/dHJ1ZWxpa2V0b3Aub3JnLw==
Requested by: Host: trueliketop.org
URL: https://trueliketop.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4df55590ebbc61dd65a9667f5896e685e22a088cf62dd7f538d14845a53e28e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:11 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 834a4c1bdbbf71b3-FRA
alt-svc: h3=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
515 B 148ms
113ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?e=ll&d=189&cs=c&dsReferer=dHJ1ZWxpa2V0b3Aub3JnLw==

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nf-request-id: 01HGASWFVJZE1N70CECERHJ53H
date: Wed, 13 Dec 2023 01:05:11 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 86433
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "a49e9f0a501edbf396bf43092ec1efa3-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 834a4c1c0de22c25-FRA

GET
H3 200 ds.2.html Show response
live.demand.supply/ 413 B
579 B 225ms
191ms XHR
text/html 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/ds.2.html

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nf-request-id: 01HFPF8YWPFNA42N10VV2WVK4J
date: Wed, 13 Dec 2023 01:05:11 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 834a4c1c0de52c25-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 282 KB
70 KB 186ms
63ms Script
application/javascript 18.66.23.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.147 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-147.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 00:50:39 GMT
content-encoding: gzip
via: 1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront), 1.1 3e0d912790c2cd730e222487cbb10f98.cloudfront.net (CloudFront)
last-modified: Tue, 12 Dec 2023 22:20:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, VIE50-P1
age: 873
x-amz-server-side-encryption: AES256
etag: W/"d6937d02acbbf691a008906e9d0617e0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: Rs7y21xACYvg8E1kEpMO4RAl9mXf4KFqgBGR7clBnKhHk6l99vIM6g==

GET
H3 200 uamp.1.json Show response
live.demand.supply/ 8 KB
3 KB 223ms
189ms XHR
application/json 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/uamp.1.json?&dsReferer=dHJ1ZWxpa2V0b3Aub3JnLw==

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

561aec52e5ec804ee143532298b8677dcf6da42fec6541484f50cdb94611d65b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nf-request-id: 01HGD95F63MYW3J71R1DNPNS4W
date: Wed, 13 Dec 2023 01:05:11 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
server: cloudflare
etag: W/"c48fe3ad499607966d19912d63637a9b-ssl-df"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 834a4c1c0de62c25-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 trueliketop.org_fluid_sq_bannertrue300x250 Show response
live.demand.supply/cp/ 29 B
372 B 246ms
246ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/trueliketop.org_fluid_sq_bannertrue300x250?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=dHJ1ZWxpa2V0b3Aub3JnLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.24.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bacf6dc516ddc829a92b079243a360e1f10c843d628f76900443f842ad013670

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:11 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 834a4c1cce4a2c25-FRA
alt-svc: h3=":443"; ma=86400
content-length: 29

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
479 B 118ms
117ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/x/e.js?ce=fs&dsReferer=dHJ1ZWxpa2V0b3Aub3JnLw==

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.24.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nf-request-id: 01HGCYRH3BAHYPAPQTY6C8F5K6
date: Wed, 13 Dec 2023 01:05:11 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 86433
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "54863d6286da298ff963ed522a1a229b-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 834a4c1cce4b2c25-FRA

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 431 KB
432 KB 43ms
38ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 13:14:16 GMT
x-content-type-options: nosniff
age: 42655
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 441821
x-xss-protection: 0
server: cafe
etag: 6854214708762155125
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 11 Dec 2024 13:14:16 GMT

GET
H2 200 66ef05f7-ad53-48f6-873a-ac7543370392 Show response
config.aps.amazon-adsystem.com/configs/ 746 B
1014 B 180ms
42ms Script
application/javascript 99.86.4.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/66ef05f7-ad53-48f6-873a-ac7543370392
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-39.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: ad232d76ac351bdaabf78a8cfe0dc6fbe51c16e23a4b8ca978cd0bcd28b23920

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 00:34:11 GMT
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 1860
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 746
x-amz-cf-id: zy7GxNsGcuXKD3XQzd87bWNFyfyaXrqmXVQCYyXyusTl9CuXTxEzGA==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 2 KB
2 KB 172ms
172ms XHR
application/json 18.66.23.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Ftrueliketop.org&pubid=66ef05f7-ad53-48f6-873a-ac7543370392
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.147 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-147.vie50.r.cloudfront.net
Software: Server /
Resource Hash: ce9ea19684649109b2f96f68959eb825a59c0d45434dde55c34d5a1ce5aef0d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:11 GMT
via: 1.1 3e0d912790c2cd730e222487cbb10f98.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://trueliketop.org
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 2198
x-amz-cf-id: KebaZQcrUZNiBG4VFbfNGBy3WaRaBPvOk_BIXe7Oxja7OUVZlq8-Zw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 174ms
50ms XHR
application/javascript 18.66.23.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.147 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-147.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 19d23243200e63f987eb95cd84ad557c.cloudfront.net (CloudFront)
date: Tue, 12 Dec 2023 10:59:38 GMT
x-amz-cf-pop: VIE50-P1
age: 50734
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: Ely1uN-jvv1vHtn_Gp_TN7-PyCQTzWidWBUESCexu35zwgCPpdLwwg==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
462 B 239ms
78ms XHR
text/javascript 13.32.119.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ftrueliketop.org%2F&pid=ybduEBw5oVHRq&cb=0&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22trueliketop.org_auto_728x90_sticky_display_bottom%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&pubid=66ef05f7-ad53-48f6-873a-ac7543370392&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.119.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-119-77.fra60.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:11 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 b04a6cb0bde4a78c29099913e07f9056.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P1
x-amz-rid: ACKT8Q3NEYS1JRWSQV61
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://trueliketop.org
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: Kz7OrRpplC8e8nk48drPiNs1-bRmNWiMjv_sioZL84Jkjc2b3HrAtQ==

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 45ms
45ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?r=trueliketop.org_fluid_sq_bannertrue300x250&pdc=0.7679804325103761&ucv=null&e=tcp&dsReferer=dHJ1ZWxpa2V0b3Aub3JnLw==

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.24.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nf-request-id: 01HGASWFVJZE1N70CECERHJ53H
date: Wed, 13 Dec 2023 01:05:11 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 86433
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "a49e9f0a501edbf396bf43092ec1efa3-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 834a4c1e4f1c2c25-FRA

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
462 B 144ms
82ms XHR
text/javascript 13.32.119.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ftrueliketop.org%2F&pid=ybduEBw5oVHRq&cb=1&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22trueliketop.org_fluid_sq_bannertrue300x250%22%2C%22s%22%3A%5B%22250x250%22%5D%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&pubid=66ef05f7-ad53-48f6-873a-ac7543370392&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.119.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-119-77.fra60.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:11 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 b04a6cb0bde4a78c29099913e07f9056.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P1
x-amz-rid: JQMH5AHTAJRJTZ1TPNN3
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://trueliketop.org
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: zOqLIAg4DbDzb9YuDOFAEEG1i5o_TlkAiBoUubrs0cY5KI57tGGZjQ==

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 168ms
42ms Script
application/javascript 23.215.22.18
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: trueliketop.org
URL: https://trueliketop.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.215.22.18 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-215-22-18.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:11 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Wed, 13 Dec 2023 01:20:11 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 39 KB
12 KB 142ms
54ms Script
text/javascript 65.9.66.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: trueliketop.org
URL: https://trueliketop.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-104.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 04:05:14 GMT
content-encoding: gzip
via: 1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 83559
x-amz-server-side-encryption: AES256
etag: W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: ijVt8-gf-HVMvbQNaoOuD9LYPkibxq8hg92RA6aWb0LpI8V9mXwT2A==

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 55 KB
10 KB 123ms
45ms Script
application/javascript 2606:4700:10::6816:34ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Ftrueliketop.org%2F&ref=&_it=amazon&partner_id=575
Requested by: Host: trueliketop.org
URL: https://trueliketop.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:11 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 29 Nov 2023 15:31:45 GMT
server: cloudflare
x-amz-request-id: 01CADRK6PEVBEZB5
age: 6297
etag: W/"13043c1bbaf21ccc6e8ed474a744d3f2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 834a4c1f4e242bf2-FRA
x-amz-id-2: flKA/w3j/xi2gJ65jogAIT1IJi47Xyyg7sUYQQ2R7nOR/7B5jvPTNgJSLJ3NwqiCDc6W3Pg1WdM=

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 151 KB
33 KB 108ms
45ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12ba93db33de679d443dc28aee4a2190b580b8ad3fc53216d5bb2678d4e17f29

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:11 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 07 Dec 2023 12:57:20 GMT
server: cloudflare
x-amz-request-id: KXMJZWYZKGDKAJQB
age: 2956
etag: W/"7229163a9092e2cee472ddee92dcb6ba"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 834a4c1f2b463659-FRA
x-amz-id-2: 2Y01br4VLij1U6lKcnXUu+P3mq1Vy3f7ryj3KZ5N6b1U317qRHjxsTLyBnanXViCUnwgF6X5Doy6+9ayQQ+zFA==

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 11 KB
5 KB 123ms
40ms Script
application/javascript 104.18.35.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:11 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 30 Oct 2023 20:31:13 GMT
server: cloudflare
age: 324550
etag: W/"65401291-2b7d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 834a4c201b1d452e-TXL
expires: Sat, 16 Dec 2023 01:05:11 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 160ms
48ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:42:46 GMT
content-encoding: gzip
age: 537745
x-guploader-uploadid: ABPtcPq15xIbIbXY6nprd-JVTBV0iLqfJkZsVBJ80bNsn3tMHDeQ1lbSePmHUH3XGm2QieXvuw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Thu, 05 Dec 2024 19:42:46 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
13 KB 204ms
95ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 05 Dec 2023 05:12:22 GMT
server: nginx
etag: W/"656eb136-aa2f"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 14 Dec 2023 01:05:11 GMT

GET
H2 200 connectId-gpt.js Show response
connectid.analytics.yahoo.com/ 9 KB
9 KB 140ms
36ms Script
application/javascript 2600:9000:223c:e00:10:dd8:5e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connectid.analytics.yahoo.com/connectId-gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:e00:10:dd8:5e40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 00:33:17 GMT
via: 1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'
x-amz-cf-pop: FRA56-P2
age: 1914
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 8730
x-amz-expiration: expiry-date="Tue, 17 Oct 2028 00:00:00 GMT", rule-id="webapp-standard-lifecycle"
last-modified: Tue, 17 Oct 2023 13:17:45 GMT
server: AmazonS3
etag: "c46e30de24d0f12167e302e9e32ff4a5"
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: I2w2b6dqGF_DTbC3Kz1lm9Psz4h3V_1mjhnGzBGYtq8Oo3RBErn0wA==

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 126ms
43ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 40748
x-jsd-version: master
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230131-FRA
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DcoAWG7X%2FEitsDkUIGWRltF%2F09PlFjasnv1F8elNeHokSWsJU4dQ8iP7IRekQGRCdz2ESnjyAK%2BXpcA%2FIsDGXgrzmTY4KVrMO%2F1tkq7HHAZbr5u2g3iqc2jlU%2BeN%2BhjpIqno3xjIK%2BgAkxvy4Xw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 834a4c202978694f-FRA

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 152 KB
33 KB 45ms
44ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:11 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 07 Dec 2023 12:57:20 GMT
server: cloudflare
x-amz-request-id: SB3XV3WX7D3TRQY4
age: 996
etag: W/"5fcefeebf5ddc7b2ddf2435967e63de9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 834a4c1f9b853659-FRA
x-amz-id-2: XK/uEyn2Io5UalpG02MciRCI2T5BGC42ZH9PVGUjT++wf10oqSqzOVRQs4UsI2d0cvzgX31ynXk=

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 170ms
67ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:11 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 75cf75ae1037d85aa2cef5050c6fd642
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 118ms
34ms Script
text/javascript 2600:9000:2250:4200:a:e047:753:a221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:4200:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Tue, 12 Dec 2023 06:19:35 GMT
Via: 1.1 4b07e670df891a80bcae1d5be052af3c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 67537
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: WD96xaHETtySnsGSouN7ndk3s2jn0xAvFDBf_IlY24wYWdyIHjqiIQ==

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 47ms
47ms Script
text/javascript 65.9.66.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-104.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 04:20:14 GMT
content-encoding: gzip
via: 1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 74946
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: pIcyZPWNHQf82sKhTIiBlY7th-V2awcjxj1auwi1Kskljmty9L_Kzw==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 900 B
494 B 420ms
420ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4427463042199225&correlator=1156689717444362&eid=31077976%2C31079233%2C31080115&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&iu_parts=44890869%3A22463098522%2Cca-pub-3831894559014614-tag%2C2d1e55cc-a72a-4051-8208-a1947a1177d1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&didk=367923799&sfv=1-0-40&ists=1&fas=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702429511578&lmt=1702429511&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ftrueliketop.org%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1733256069.1702429512&ga_sid=1702429512&ga_hid=83743363&ga_fc=false&a3p=EhgKCXlhaG9vLmNvbRiRn9OFxjFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBiRn9OFxjFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGJCf04XGMUgAUgIIZBIZCgpwdWJjaWQub3JnGJGf04XGMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRiRn9OFxjFIAFICCGQSFwoIcnRiaG91c2UYkZ_ThcYxSABSAghkEhQKBW9wZW54GJGf04XGMUgAUgIIZBIZCgp1aWRhcGkuY29tGJGf04XGMUgAUgIIZBIbCgxpZDUtc3luYy5jb20YkZ_ThcYxSABSAghk&dlt=1702429510798&idt=573&prev_scp=ti%3De1be7ec8-b4de-4f91-92f9-6b6ef0e09153%26interstitials-bid%3D0.6%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D93&adks=2554173660&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b25d40ed610e3c9f124dbde5eda452abebd467b55d48ae5f03c4260abfae336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:12 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 463
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://trueliketop.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B9DA 6 KB
3 KB 128ms
41ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://trueliketop.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 01:05:11 GMT
expires: Thu, 12 Dec 2024 01:05:11 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 39 KB
14 KB 36ms
34ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04d549a4f168546afdc3608bc6ef4ad67a16a2bf2baf8c6770f88f524c924d11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:54:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4226
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13835
x-xss-protection: 0
server: cafe
etag: 9174524701941205614
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 11 Dec 2024 23:54:45 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 50 KB
13 KB 746ms
746ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4427463042199225&correlator=4394459092634731&eid=31077976%2C31079233%2C31080115&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&iu_parts=44890869%3A22463098522%2Cca-pub-3831894559014614-tag%2C60101cab-a4b3-43b5-8f06-0b8b6aa5cba8&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=290x280&ifi=2&didk=4221485269&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702429511613&lmt=1702429511&adxs=999&adys=363&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ftrueliketop.org%2F&vis=1&psz=290x296&msz=290x296&fws=0&ohw=0&ga_vid=1733256069.1702429512&ga_sid=1702429512&ga_hid=83743363&ga_fc=false&a3p=EhgKCXlhaG9vLmNvbRiRn9OFxjFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBiRn9OFxjFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGJCf04XGMUgAUgIIZBIZCgpwdWJjaWQub3JnGJGf04XGMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRiRn9OFxjFIAFICCGQSFwoIcnRiaG91c2UYkZ_ThcYxSABSAghkEhQKBW9wZW54GJGf04XGMUgAUgIIZBIZCgp1aWRhcGkuY29tGJGf04XGMUgAUgIIZBIbCgxpZDUtc3luYy5jb20YkZ_ThcYxSABSAghk&dlt=1702429510798&idt=573&prev_scp=ti%3De1be7ec8-b4de-4f91-92f9-6b6ef0e09153%26chrand%3Dy%26pof%3D0%26bid%3D0.58%26bid-p%3Dgoogle%26bsc%3D93&adks=2725482687&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ddc028188aae687eca43448d5b754b73f0d0532130e202c64fd6a1c11f7d107

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:12 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12838
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://trueliketop.org
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 100 B
291 B 144ms
143ms XHR
application/json 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=575&sync=0&domain=trueliketop.org&url=https://trueliketop.org/
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Ftrueliketop.org%2F&ref=&_it=amazon&partner_id=575
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df1ca1f8176fde7d10f2be1d3e7483216d559a0444fb35c6212ba3e89757dd65

Request headers

Referer: https://trueliketop.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 13 Dec 2023 01:05:11 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: private,max-age=30
access-control-allow-credentials: true
debug: NON-OPTIONS
access-control-allow-headers: authorization
cf-ray: 834a4c215f869180-FRA

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 228ms
136ms Preflight
application/json 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=575&sync=0&domain=trueliketop.org&url=https://trueliketop.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://trueliketop.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cache-control: max-age=31536000 public, no-transform
cf-cache-status: DYNAMIC
cf-ray: 834a4c206f069180-FRA
content-length: 0
content-type: application/json
date: Wed, 13 Dec 2023 01:05:11 GMT
debug: OPTIONS block
expires: Thu, 12 Dec 2024 01:05:11 GMT
server: cloudflare

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
334 B 382ms
65ms XHR
application/json 3.248.109.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.109.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-109-126.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 7758753c203db864d4f87cb89829b41af0cf8f386bec2df9e709761513ae5cb6

Request headers

Referer: https://trueliketop.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:11 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://trueliketop.org
cache-control: no-cache
x-server: 10.45.8.112
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
231 B 267ms
43ms XHR
text/plain 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://trueliketop.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trueliketop.org
date: Wed, 13 Dec 2023 01:05:11 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
334 B 288ms
65ms XHR
application/json 3.248.109.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.109.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-109-126.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: babc895ab4caad58bda3fdee3b1e67a0fa550aa0ac8c8f3875e8fb21fb18184c

Request headers

Referer: https://trueliketop.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:11 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://trueliketop.org
cache-control: no-cache
x-server: 10.45.31.132
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 fed Show response
ups.analytics.yahoo.com/ups/58813/ 2 B
212 B 238ms
44ms XHR
application/json 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/58813/fed?gpp_sid=-1&v=1&url=https%3A%2F%2Ftrueliketop.org%2F

Requested by

Host: connectid.analytics.yahoo.com
URL: https://connectid.analytics.yahoo.com/connectId-gpt.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:11 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: https://trueliketop.org
content-type: application/json
access-control-allow-credentials: true

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Ftrueliketop.org%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Ftrueliketop.org%2F&rid=esp&cc=1

85 B
193 B

146ms
145ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Ftrueliketop.org%2F&rid=esp&cc=1
Requested by: Host: trueliketop.org
URL: https://trueliketop.org/
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 966976c0fbb9d006472ed084b8322d5e07f8beb79c408dce5ca83b1be1f01d28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:12 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-lq1lWT3r02Qy2w8YbV5oonrQLR0"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://trueliketop.org
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Wed, 13 Dec 2023 01:05:12 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://trueliketop.org
location: /esp?url=https%3A%2F%2Ftrueliketop.org%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 106F 15 KB
6 KB 141ms
46ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=trueliketop.org

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fd8c1cf4274cae5e1e5a37133cc23b80392ef88c43b798d3748f43948dbb53f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://trueliketop.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 01:05:11 GMT
server: Kestrel
server-processing-duration-in-ticks: 306744
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 575 Show response
a.ad.gt/api/v1/u/matches/ 12 KB
4 KB 138ms
45ms Script
application/javascript 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/575?_it=amazon
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Ftrueliketop.org%2F&ref=&_it=amazon&partner_id=575
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ba85231f87bcbb45f684c5d6b0eafd7154c7c9e247183355f502c3685435241

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 13 Dec 2023 01:03:38 GMT
server: cloudflare
age: 94
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cross-origin-resource-policy: cross-origin
cf-ray: 834a4c22bb63047a-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
13 KB 343ms
342ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4427463042199225&correlator=1244661763884446&eid=31077976%2C31079233%2C31080115&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&iu_parts=44890869%3A22463098522%2Cca-pub-3831894559014614-tag%2Cf0acf3f4-391b-4c00-b5dc-2e2d6ac84f8c&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=3&didk=2392644757&sfv=1-0-40&ists=1&fas=1&eri=1&sc=1&cookie=ID%3Debc353146b53819b%3AT%3D1702429511%3ART%3D1702429511%3AS%3DALNI_Mba78eMojU-oX29EdeAdmEXk2TSQQ&gpic=UID%3D00000d19165be32c%3AT%3D1702429511%3ART%3D1702429511%3AS%3DALNI_MYUKgq62d99NNf71rZCPorsImxWnw&abxe=1&dt=1702429512038&lmt=1702429512&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ftrueliketop.org%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1733256069.1702429512&ga_sid=1702429512&ga_hid=83743363&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYkZ_ThcYxSABSAghkEhsKDDMzYWNyb3NzLmNvbRiQn9OFxjFIAFICCGQSGQoKcHViY2lkLm9yZxjDoNOFxjFIAFICCGoSGAoJeWFob28uY29tGNKg04XGMUgAUgIIbxIdCg5lc3AuY3JpdGVvLmNvbRiRn9OFxjFIAFICCGQSFwoIcnRiaG91c2UY26DThcYxSABSAghqEhQKBW9wZW54GJGf04XGMUgAUgIIZBIZCgp1aWRhcGkuY29tGJGf04XGMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yv6LThcYxSABSAghq&dlt=1702429510798&idt=573&prev_scp=ti%3De1be7ec8-b4de-4f91-92f9-6b6ef0e09153%26interstitials-bid%3D0.2%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D93&adks=2549204261&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d4ca882eecd377a8f81d19c147931e297973caad6162c098856cf54f8103d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:12 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13306
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://trueliketop.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 106F
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=trueliketop.org&sn=ChromeSyncframe&so=0&topUrl=trueliketop.org&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=1SPpcHxUU0NKR0xLOGhDb0FDY0xMcGVHRlJ2ck82eUZpVVowZTRrMVZ5NXZHN096eVVRQ1ExWlFYUTNjbUhyTUpvNWZMdGllSVZEaHNueEUvYXpSaXN0VUpOczhiRThVQWhLTldqV0MvYlV4UXNmUmNkdGhNRE05TS9hZ2...

422 B
664 B

47ms
46ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=1SPpcHxUU0NKR0xLOGhDb0FDY0xMcGVHRlJ2ck82eUZpVVowZTRrMVZ5NXZHN096eVVRQ1ExWlFYUTNjbUhyTUpvNWZMdGllSVZEaHNueEUvYXpSaXN0VUpOczhiRThVQWhLTldqV0MvYlV4UXNmUmNkdGhNRE05TS9hZ2RqMm5YVXUvWGRvZXgrbVZZTExnSGFWMVB0RWpxQlZtVkpoWkp1QXQ3WkFXSjIvbitBUEN4QzY4TVJlcWZyWW5JNitoeFV0NG9XVmF3UjJFRUtoRUw3dkJiQUhiSC9yd1IrVnFON1VDWGdxZmI5WUVpTlVYaGRMaE81WlNGMzVwR0o2OXRDU1VLNVBxdW44ZEt5WkpndFBjSWpuU2NiV1RJMXJMOGMzS0YvVHJ1NDlYdkRnVT18&cppv=2

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e086df7d320bbc011f686e1f03184824f2fd0e90b27889d2233c0ebd998141bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:12 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1040723
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:12 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=1SPpcHxUU0NKR0xLOGhDb0FDY0xMcGVHRlJ2ck82eUZpVVowZTRrMVZ5NXZHN096eVVRQ1ExWlFYUTNjbUhyTUpvNWZMdGllSVZEaHNueEUvYXpSaXN0VUpOczhiRThVQWhLTldqV0MvYlV4UXNmUmNkdGhNRE05TS9hZ2RqMm5YVXUvWGRvZXgrbVZZTExnSGFWMVB0RWpxQlZtVkpoWkp1QXQ3WkFXSjIvbitBUEN4QzY4TVJlcWZyWW5JNitoeFV0NG9XVmF3UjJFRUtoRUw3dkJiQUhiSC9yd1IrVnFON1VDWGdxZmI5WUVpTlVYaGRMaE81WlNGMzVwR0o2OXRDU1VLNVBxdW44ZEt5WkpndFBjSWpuU2NiV1RJMXJMOGMzS0YvVHJ1NDlYdkRnVT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 287197
content-length: 0
expires: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 147ms
76ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a87d11b55410181a8df8c22beec9a028a55f2086c0ae95b7cbd440fa1330110

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12391
x-xss-protection: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame ACB9 0
167 B 218ms
43ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trueliketop.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Wed, 13 Dec 2023 01:05:12 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H3 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 206ms
36ms XHR
application/json 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json

Requested by

Host: prebid.dsail-tech.com
URL: https://prebid.dsail-tech.com/prebid.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9aba06edc588dd8f21418377916a4461ed698e7e6114dac354d3586028be54d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://trueliketop.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 13 Dec 2023 01:05:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 32658
x-jsd-version: 1.0.1902
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230059-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"634-TYzb/8jnowgM/pO+/pUXsjhGSAk"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zgAKEcvwLijt7CdFlAGY00yjs%2Bd2nhIfGGJAlWgm%2B2JzAtw1RKk3klFn8KnpQ1cf9PvoeBdlBuZpfvURZWfmrBmBkrCRIvQ2k2x54xTXEoNYUXkKaNmQaw1e2mpo6II8AAjKzBop8btYjVwY5Mk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 834a4c24b8819b9b-FRA

POST
H2 204 1990698 Show response
bs.yandex.ru/metadsp/ 0
440 B 274ms
108ms XHR
application/json 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.yandex.ru/metadsp/1990698?imp-id=1&target-ref=trueliketop.org&ssp-id=10500
Requested by: Host: prebid.dsail-tech.com
URL: https://prebid.dsail-tech.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::90 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trueliketop.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:12 GMT
last-modified: Wed, 13 Dec 2023 01:05:12 GMT
x-yandex-req-id: 1702429512471000-1025793055455035107800379-production-app-host-vla-pcode-303
uniformat: true
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://trueliketop.org
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
uniformat-product-type: None
expires: Wed, 13 Dec 2023 01:05:12 GMT

POST
H2 204 1990698 Show response
bs.yandex.ru/metadsp/ 0
166 B 286ms
121ms XHR
application/json 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.yandex.ru/metadsp/1990698?imp-id=2&target-ref=trueliketop.org&ssp-id=10500
Requested by: Host: prebid.dsail-tech.com
URL: https://prebid.dsail-tech.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::90 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trueliketop.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:12 GMT
last-modified: Wed, 13 Dec 2023 01:05:12 GMT
x-yandex-req-id: 1702429512471120-1359117743120068070800447-production-app-host-vla-pcode-376
uniformat: true
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://trueliketop.org
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
uniformat-product-type: None
expires: Wed, 13 Dec 2023 01:05:12 GMT

POST
H2 204 1990698 Show response
bs.yandex.ru/metadsp/ 0
165 B 276ms
112ms XHR
application/json 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.yandex.ru/metadsp/1990698?imp-id=7&target-ref=trueliketop.org&ssp-id=10500
Requested by: Host: prebid.dsail-tech.com
URL: https://prebid.dsail-tech.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::90 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trueliketop.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:12 GMT
last-modified: Wed, 13 Dec 2023 01:05:12 GMT
x-yandex-req-id: 1702429512471442-763950207648504986000327-production-app-host-vla-pcode-211
uniformat: true
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://trueliketop.org
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
uniformat-product-type: None
expires: Wed, 13 Dec 2023 01:05:12 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 183ms
64ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 13 Dec 2023 01:05:12 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame A40A 196 KB
56 KB 93ms
28ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 12 Dec 2023 08:53:20 GMT
age: 58312
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 11 Dec 2024 08:53:20 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame A40A 15 KB
5 KB 159ms
95ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 11 Dec 2023 17:21:05 GMT
age: 114247
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 10 Dec 2024 17:21:05 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame A40A 95 KB
29 KB 143ms
79ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 11 Dec 2023 16:37:47 GMT
age: 116845
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 10 Dec 2024 16:37:47 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame A40A 5 KB
2 KB 158ms
94ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 11 Dec 2023 13:56:42 GMT
age: 126510
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 10 Dec 2024 13:56:42 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame A40A 40 KB
13 KB 162ms
98ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 12 Dec 2023 08:52:42 GMT
age: 58350
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 11 Dec 2024 08:52:42 GMT

GET
DATA 200
OK truncated
/ Frame A40A 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2a2473b3e7ac5cd75c1d5b2c38049be3997e7b215a306e6aea6e58edc6c22afd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 13822146279929752658
tpc.googlesyndication.com/simgad/ Frame A40A 20 KB
21 KB 60ms
27ms Image
image/gif 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13822146279929752658

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cab9ce627ca76479cbacc209222ae250f7db12ad8229cde70d2d0b9e05cddf75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 00:17:02 GMT
x-content-type-options: nosniff
age: 89290
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20882
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 09:46:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 11 Dec 2024 00:17:02 GMT

GET
H2 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A40A 3 KB
3 KB 85ms
53ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 20:50:33 GMT
x-content-type-options: nosniff
server: cafe
age: 15279
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2886
x-xss-protection: 0
expires: Wed, 13 Dec 2023 20:50:33 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A40A 344 B
714 B 58ms
26ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 19:01:23 GMT
x-content-type-options: nosniff
server: cafe
age: 21829
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Wed, 13 Dec 2023 19:01:23 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
478 B 109ms
108ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?gl=0.58&b=1&r=trueliketop.org_fluid_sq_bannertrue300x250&sy=a9a0ed9f-dfa2-4104-b013-436136b8f832&ts=93&cd=2&pud=189&pus=c&pue=1227&pid=121&pis=c&pie=1348&ppd=279&pps=a&ppe=1507&pcl=1252&ttc=1629&tti=2629&ttif=0&lca=1507&lcak=ppe&lct=1507&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=trueliketop.org&mlre=undefined&mlin=0&mlsi=290x280&mlbw=4g&mlcs=NaN&mltp=e1be7ec8-b4de-4f91-92f9-6b6ef0e09153&e=lm&dsReferer=dHJ1ZWxpa2V0b3Aub3JnLw==

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.24.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nf-request-id: 01HGASWFVJZE1N70CECERHJ53H
date: Wed, 13 Dec 2023 01:05:12 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 86434
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "a49e9f0a501edbf396bf43092ec1efa3-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 834a4c248a9a2c25-FRA

GET
H2 200 container.html Show response
179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 83E1 6 KB
3 KB 32ms
28ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://trueliketop.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 01:05:11 GMT
expires: Thu, 12 Dec 2024 01:05:11 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sda.css
live.demand.supply/css/ 4 KB
2 KB 107ms
105ms Stylesheet
text/css 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/css/sda.css

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

649af545f5efd2a265363ceeb7fdf9dc6dc8c85dfba4d7d3a538930c3d181b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nf-request-id: 01HGBT2QSHKRTSSRN72B94ZTRT
date: Wed, 13 Dec 2023 01:05:12 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 1114092
etag: W/"505b1404b8e3597f62714f70edb3d993-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 834a4c24b9c671bf-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 764E 624 B
577 B 138ms
70ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhi795r-ATAB&v=APEucNUa8qmV0Ovq0HD6FQgnx8oX6NHdPIuAbpu2Y-ctS__Plt7UQgQhOHvNvmZ92C2Cf2hJaBM5U-vQeGt6-mqAu6VXrdEp85cS0mrCB-XTulDPGSdzBmwxPsZW_RCjSO8CYaLhTjezOGKKJofsjxKuAFkV_3B6Wli1Y_bjmtVbAzzuoc-hGhiYQn05EeoU7k6xtEAK4wBT

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 01:05:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4F63 89 KB
31 KB 97ms
96ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 01:05:12 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4F63 3 KB
1 KB 38ms
34ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 19:15:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20999
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 19:15:13 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4F63 20 KB
9 KB 32ms
29ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 13:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40557
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 13:49:15 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 4F63 0
0 110ms
38ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRLzWBHI2JiGY0sgzD6wjvNhqBi0_yIogbmVnLk9NvaBu_YV295p5vxDLkhBcVQ3mCC_tB1mJNwHpMa3aKiqwU7ObQ-ow
Requested by: Host: trueliketop.org
URL: https://trueliketop.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4F63 203 KB
65 KB 162ms
88ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65486
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702315402350014"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Dec 2023 01:05:12 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4F63 42 B
63 B 65ms
64ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bng2FQCSEEUQycf3a4e_JSRdQzqxzwrGLi1Q5QnIy1qe7326g9j4RK6HjbeJ7KfjIXEOtx_m6d5cayrwoUpvMrOe_AgLCD4tbaSMiKWP8r9VgA1Vo

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3AE3 13 KB
5 KB 53ms
26ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://trueliketop.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 18183
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 20:02:09 GMT
expires: Wed, 11 Dec 2024 20:02:09 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5563 829 B
1 KB 113ms
87ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d99991c6ac43ab8eed14fe8bc4ac94b5c7c977fe7134587ce68910baf617e2a7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MkIkoNzfkuGZ_sl65p93bg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://trueliketop.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-MkIkoNzfkuGZ_sl65p93bg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 01:05:12 GMT
expires: Wed, 13 Dec 2023 01:05:12 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95abaca5a5f710cf478b0360960174ac2153a14f8e875794d2dda4df164263ae

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
12 KB 787ms
785ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4427463042199225&correlator=2891278053023445&eid=31077976%2C31079233%2C31080115&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&iu_parts=21857590943%3A22821247700%2Cmahimeta_trueliketop.org_prebid%2Cdesktop_300x250_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x300%7C336x280&ifi=4&didk=3021641243&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D3811573370d4307e%3AT%3D1702429511%3ART%3D1702429511%3AS%3DALNI_MZXNxBR-n5Ijo65-pBNT64FVQs3bQ&gpic=UID%3D00000d1916315fa3%3AT%3D1702429511%3ART%3D1702429511%3AS%3DALNI_MYbvesOIXqdhAG_cfGwlUBxnoNSPQ&abxe=1&dt=1702429512599&lmt=1702429512&adxs=999&adys=1222&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ftrueliketop.org%2F&vis=1&psz=290x0&msz=290x0&fws=0&ohw=0&ga_vid=1733256069.1702429512&ga_sid=1702429512&ga_hid=83743363&ga_fc=false&dlt=1702429510798&idt=573&prev_scp=ds_rf%3D0&adks=2815955695&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6a68d84e19f03ed72c84f9984a7828787d953a18ec9dd51b4925ad3e655a345

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:13 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12467
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://trueliketop.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 24 KB
11 KB 1078ms
1077ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4427463042199225&correlator=2891278053023445&eid=31077976%2C31079233%2C31080115&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&iu_parts=21857590943%3A22821247700%2Cmahimeta_trueliketop.org_prebid%2Cdesktop_300x250_2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x300%7C336x280&ifi=5&didk=2355157978&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D3811573370d4307e%3AT%3D1702429511%3ART%3D1702429511%3AS%3DALNI_MZXNxBR-n5Ijo65-pBNT64FVQs3bQ&gpic=UID%3D00000d1916315fa3%3AT%3D1702429511%3ART%3D1702429511%3AS%3DALNI_MYbvesOIXqdhAG_cfGwlUBxnoNSPQ&abxe=1&dt=1702429512605&lmt=1702429512&adxs=999&adys=2969&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ftrueliketop.org%2F&vis=1&psz=290x0&msz=290x0&fws=0&ohw=0&ga_vid=1733256069.1702429512&ga_sid=1702429512&ga_hid=83743363&ga_fc=false&dlt=1702429510798&idt=573&prev_scp=ds_rf%3D0&adks=1503154507&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0511fb45e1575129bf8897d4d00fc2cb67f05e6b2d534952d3004e809848b970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:13 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11327
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://trueliketop.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
12 KB 496ms
495ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4427463042199225&correlator=2891278053023445&eid=31077976%2C31079233%2C31080115&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&iu_parts=21857590943%3A22821247700%2Cmahimeta_trueliketop.org_prebid%2Cdesktop_970x90_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=6&didk=2959381791&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D3811573370d4307e%3AT%3D1702429511%3ART%3D1702429511%3AS%3DALNI_MZXNxBR-n5Ijo65-pBNT64FVQs3bQ&gpic=UID%3D00000d1916315fa3%3AT%3D1702429511%3ART%3D1702429511%3AS%3DALNI_MYbvesOIXqdhAG_cfGwlUBxnoNSPQ&abxe=1&dt=1702429512612&lmt=1702429512&adxs=436&adys=341&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ftrueliketop.org%2F&vis=1&psz=997x0&msz=997x0&fws=0&ohw=0&ga_vid=1733256069.1702429512&ga_sid=1702429512&ga_hid=83743363&ga_fc=false&dlt=1702429510798&idt=573&prev_scp=ds_rf%3D0&adks=2245015117&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c000ff0056fda694b75641c9dcd22fc90163376e2fbf072445b527e3e386218e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:13 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12099
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://trueliketop.org
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame A40A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

48ms
46ms

Image
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: trueliketop.org
URL: https://trueliketop.org/
Protocol: H2
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Redirect headers

date: Wed, 13 Dec 2023 01:05:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4F63 0
20 B 66ms
65ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8624534495276&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4F63 0
20 B 69ms
68ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8624534495276&version=m202309260101&ct=119&x=1&cor=17963207481067534000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4F63 91 KB
38 KB 80ms
80ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Apl9JlkVkzNwrGPmm4SX6zBvsgFwWz_pzIrFkZG5LuZEM7pkWJoKZC5TLMpX1XdA67jc82cPd9HFmSZIwukFcSB4SNu2pb5H2YZf-Ux16gvhQIiOf4TptGptkRIUgrWMRJrRTzHwglN8yeCsOcmAEvL5e_Og_oP2UawJsbIJsfY_XLXp_oPIiDOT_Si8DywQqT_wqP&cry=1&dbm_d=AKAmf-AE85lQau09fODRlf2r98lK8BDtGTr_xK6KExHgcyfBrA2PHK1ZDXkYZ7y8ibKTEciyUQKbUGTSGaVAU-nwmsX_AkJdZjQKHIOTk5I0qWMGzr7urwPEuiEIFCLKyHExyk3_a3ErpPgHsOkvXjNjl8U1G1lQ0Kd7j4q5KEm7hI11Dh42aqcnicDIFL0l7FLaCLrXjLjRu6IMG8TawOsbSbAUEr7ER0zVNoLcAZYGjUJUxXPtHESei7J_Wj19criifegk-H-IUf1XtI9cdJi47YVgf90TLFGQupdeLdMXYy3tadpiC_c4_lisLz20G9gYCqywk9Zbk8WI-0YbqReIoiPfIG1HR8DytdioMk3ZaZUnT-JEtx_rb2Op9cN1t5Bu0MkCM_HXsWJr-mjynZCO2w6yFsboGu62ybcOm88wv9uNlfQfScAmKLq7cVW7gVx6aBIAeXeSKraiVccBHKQzdv4fXN5-4LH4ZwNWfCmf9QAkk0TwS-A5FXlhKVXZHEhwh78OE8PnbVofKF5G8XXXI2ummN2VRLjkJ3_aGogLBfT7ZLbTgtnoYFFUIB7L282tdUTSeYMu0s5-e17tGuQrmULTEjwq2pMEPs1cn7973Z5BxJnhcoVFUoPBGFxE64YX9PSwNGXgf2L_NphU61xoNsAdrR5LM91y-rfiwKwQumKtgqaQ-8yukpItDA_devNNm7LOP-21RTQ_uIWJg7fJVRfKV7VbAaC2G8scojeGjrgf-wRbB2eMPdXV8f5b5bVCBF0oZ2-oZPW-TPAvEiZ2Dbbc2ulYCcTcb7ECSzjNYtuCdp-E1ZwPFsrYSwow0rVvacdVnCJ267eM69ofec6Nd_OA_8X6VY_8GfoegqLCM6_PRin9_TLtgnvnOO0o-lh43ReKNNCR_9l8jAkpEGuoYKBVqCk1W_Vgl-_oNmc8MyzqYis_Xy9dFg0IGKpj6I_0Lu4gcg8I8V1YG9ukb3wsKzqlLA0XfwbyldZvYlist_o5nVquX6r1DkwwmQW5vHEELj6Gkk4w-ZeWAGAj24lcSr2TdHQXoetNQlp2WLEV-X-r2y3g4Po8lUB1nxUCr8XHDTG4ha7bnAEjRf4LbavxMD3vEAekv2r2LCmF6ERZk6idP2pUHpCuOWi0l_WiWWMmojaspMePAXcHZtxOlcyf2PlPAm6g-58Wc4-LqimF8KxELnBfCDoIHvuVuDf-mrKoIZEqawbD2O71Uw1GrIfTdLBbG4SHFBwMfqwX1QIvuoMVmeWuN5SzVAv5i9MvkLFmglaJNXCHo9_fQHn-hnmGrJ_9M5UQUpLXhTklT6mkCdrslYn7Wm6lLoKWnuow6yQJze4tSvZcb1DqAN2XGRCI8HT9nVQT6dkvSXKOJKmV-j2tHaSKVE6f_pecwvMlMrnsCEPssr1X-xTwyXfYsQ396lX4-nHlgzkA3gOuy_2HDsyMvNpUi-Vn0eK0LZUvoWMvxnNq1md5RwvfPvLwoT0WN8V-4TeWgL59ClwEoXjcDJwIJvx5e42tS_fu5h6ZzO0_NdpqRoDY3_M35oRJFoDR5FcvqDdedwQAKgpIvc8hfmAsHzX3MOOe1zIkZNgeQoffH91AhPyT_A-xx0okh19pdT0GV6BcAWdR5hcaL1WRb4qN9iCbno3VE3igLPS2AhuqS1SG7NEpTn6gVos7W57UQX3oYT1L3aQlBnxacTlwJN21c8MG210Zsaym18o_Sw5fSEJdLOD46C_M1rSGvk99cxBYSFzWxLXJZxcyBN4mtZp0dt8oUqIkIcoMCeR07ruqeNM6DESx4-jhsbEZ26bXThzJ_6Nca-6wgXCRq_uIEI_2omdoapNJIr96uuPXrXpybujTkydmHSCJRrRuqhz3d578EPQoP5HtyFmFTdBXdvP0SKAB5AabS0xKR9zPiCl8ZpKrrLaNHUw-31etSfrRDtjoEm0t-7fzuSsatru-dSqFqe4BCi5cuuB4nXLffLJucVkDMchyc5NTP_WuNiNzZLCxZI8cQVHZ5U-I7Wjpl6hR_4Ad5h6VIOHTgiBVVIBOI4UeriqynZ7ti-36GhlOiya0ueBGq3YhnEHM0fCQ-7f9vkmMva3JDslA06g0mbTlRvwaXD9ghi8ynm1pqbs_QB_wLVhZx9r4hE3SFdcouKTkNNkNG3ZdHIKXx04q8Cig9YeFSvZh1-8lCcUhPzeWg4uJvCmGgiqmUfddGFGPn9dq0xPXqqr5AmJRu2VH27uqjRXZ2paRTHF2V12BQ5hVGzXiRiexXdcLIyeCRLNviCfoQ1vK_Fp27J03GJSDj07-ArWa0dZGpLBphSkq4nN5vBC7gOeT0x74k1UXAKzB3uYkZSiAmGzoVnzQ6K9GKzOLLRMCdlPufGs1qEmsh1NAI9ZAgRxcWYTR1Wl4rRBlPn8tCIQukT3SknozGWXYIhw_WsDHNctdRZPQrbXfjzQ5u1Uu5_7HuibBxUhzojjlO-VoE55VuI5e0XakFzQauivi-JkTfQrUpqqw7uAFchrkQC2u5vvW5iKA9xNiQv2iFgHs-0a5J7qLASzC_lQaR9ng53Hg3FhVhWl3QPXaSWryGTGuvImwij4NoaORAtPIVeRM8TdcgXvbiXRKVBnT6YzCoWkRl07lNy6H9gsxanFfA-WDp5DxHAqdUMgz8o2OaB233uYX90vvy88Vq3cCkwDiyAPkbtg44udWfS4iMT3eKwxTgS6OSbos8Ite55iKJ0uK1lgNA_ltm7ZQIkXs8kRc74g7LRF-DfcDA_fV57QQhNYjYepM8s0NEb_WRP_6uDikI_xT4guKtWn3kHn8dpXqMgolSInySYlh3wd5LkP0JZIbVFFxVBTnEN2K-_qG324QTuK1lSMLGdxOFpdCLoMPLL9eiITA8oz6GyMSIsfYmO8NZccBLMGEsJ-FtXslcNpQPGhxi7Rw4UA6VPDWxQgNIXsOyKTJG7C8WLvLkFvLs8uN5baZKmZpJ6mLrn6TvKdnJ_Z6dg7DnuILKxAFWeIMeVc6OqyTO5mI6A4F_tAoKctkja7r4m8P4NeDKuC_dMt6Z3Ov3btK7uzuCeujJVU_D3tudlHuvSOaVD1xKfWb7n4ktXf_zPx5XTcZtLVUgQxKnjbPWgrMoiWFmgaoyb_ySgE4b3IFuFSA2aQyegiP-0Sw8gUyX9S5q37av1biFYKnSRADvJsfATFv8VaheyfpOm8UKZZIBmR5OAqttmEHJXNIEU3nj8jK102g-eqhhgBjqbcr9yldsODnsCzk6oB_wELPK8wphqOOEZVKOG1jPBc8EAu-Acn5XLZPxL2Khb15Ws2HODHfZmkxnChmiIBBkXyTyC0IVdG7GWF_jAxZASWzGzdn_rSrgTuLwLGQco_WjuAKbPTdRUDyBgLBttQme6mjS5ORuUxZW2iaL7Hzw5vSJNojv1Qxyr7G4xiBLvUv-jGGJxOmXxRWhMF3kfXAsl696DmxfMueZ-mjkQT7ERxVA_zk8WO_ztapTUJ4qB2BGulw5lOvnV4vrcPp5ZDFNnAvsll6uIDldyVtjNbYDqlut5ow2eaqOJDk4r1n8aoNdX3MucwzBt2RsV9jPDVCOmCK-pL0iA--oilmgpmGcu4gD-mKYiV7wd5327uEQp2zaaDD-7VZIP6d1eiTMATLqscT2jRJISBYpucMzwi1kPFJiErVHujfk_886QseIRz427ItyZoxF4Jqg5FDz4hraQ2BT9zkEi3dQBrppdI0--Pgjq-1dkq1R4vqa0qAokyOmtHOgqxfiiA-MQOXkroQyZ0cjXenJYO23iyC4s50NvIX81GEEEkzmfNCf25wFkmA1UGpxcCJTBMebmWBaeEe4KbUUS8RzLyC4wf9B48IQX-Q8R3CXFjFrfvBppWboRKmGkKCRVs2f6wOjrq30C8WDH-afugqkqOZLbLGT-y5ROmOAgGx8gLW8WRcaU2wfHGUxaidp175OpHECbzyKop7vRvzl2JQk11zJlHWvrMi-ksboCuntnyyKk8tCbsPlkO60zhV1qcEv4daYHAKGC7CqSp17zG2uvEKyn6LHnF8GF0iZT0rr51Tcl8X2La8u8sIPKzkHvFSWkJ7XMK823U9j6brhizKwBx88v2r-ZF9_V-X18p_gHYJlq-UZrWhPbtMkhW6fnTIzx4PdQTzSYi_xLZg_f-JInfDzRLx07Oy5CLSm4UhYGCl7JAgSq8_QX3-vrovWlg8xYESFrqJL0exxiT6Yo2m&cid=CAQSPADICaaNjQiMsBxkEJJImFgVt1hL96VoLWsCNz_25ezFEsjCQetjEKDuASwCgHkxl-TeGDJwISlI8nUjthgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Ftrueliketop.org%2F&ds=l&xdt=1&iif=1&cor=17963207481067534000&adk=1761367584&idt=108&cac=0&dtd=27

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

102fb15f974d764d68b8fab55d8cea8ad640fd83f116364d33cbbdd42c88dade

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38889
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
275 B 156ms
44ms Fetch
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

64883f4aee2bc6f50330986c11c2bcf66daebb447c8ba48bf31f7105bf44df0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: https://trueliketop.org
date: Wed, 13 Dec 2023 01:05:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 764E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJqB4aF068-9B1axU9jk8qs&google_cver=1

43 B
341 B

69ms
67ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJqB4aF068-9B1axU9jk8qs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhi795r-ATAB&v=APEucNUa8qmV0Ovq0HD6FQgnx8oX6NHdPIuAbpu2Y-ctS__Plt7UQgQhOHvNvmZ92C2Cf2hJaBM5U-vQeGt6-mqAu6VXrdEp85cS0mrCB-XTulDPGSdzBmwxPsZW_RCjSO8CYaLhTjezOGKKJofsjxKuAFkV_3B6Wli1Y_bjmtVbAzzuoc-hGhiYQn05EeoU7k6xtEAK4wBT
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XeHiVxa%2Fa7K6nOBpPI2x39p9%2BvhYN8WacMZgMJMPjwm4WvdwIwoIK2EttSiJIG8rgXJqAaJc15sgElw91554f2BItw7X3sJjsShUHuwcEucxM8E%2FLqCjxyVG%2BzpAqn4LoS%2FqBI%2BsxdbZLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 834a4c27ead7aca7-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJqB4aF068-9B1axU9jk8qs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 764E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXkDSMzBULJ70Ws4JTpTfAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJqB4aF068-9B1axU9jk8qs&google_cver=1

43 B
861 B

84ms
84ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJqB4aF068-9B1axU9jk8qs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhi795r-ATAB&v=APEucNUa8qmV0Ovq0HD6FQgnx8oX6NHdPIuAbpu2Y-ctS__Plt7UQgQhOHvNvmZ92C2Cf2hJaBM5U-vQeGt6-mqAu6VXrdEp85cS0mrCB-XTulDPGSdzBmwxPsZW_RCjSO8CYaLhTjezOGKKJofsjxKuAFkV_3B6Wli1Y_bjmtVbAzzuoc-hGhiYQn05EeoU7k6xtEAK4wBT
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LralX8Ehvyku5YIbdKTMjyph6kTbB6Y0MMdsFDyPlo%2BG5N369HGL56FMAnLjAM6qR11wMusMXEQV2dZvxux6DB%2Bnd%2B2dMlINrhJlayVgOsWaW47Zkb7%2BI0c1XamRseGJQluFeMRaN9aITg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 834a4c28bb3358ea-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJqB4aF068-9B1axU9jk8qs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 764E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOL-DtXln9WTS7ZfRmBbT7Q&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOL-DtXln9WTS7ZfRmBbT7Q%26google_cver%3D1

43 B
893 B

79ms
73ms

Image
image/gif

185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOL-DtXln9WTS7ZfRmBbT7Q%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhi795r-ATAB&v=APEucNUa8qmV0Ovq0HD6FQgnx8oX6NHdPIuAbpu2Y-ctS__Plt7UQgQhOHvNvmZ92C2Cf2hJaBM5U-vQeGt6-mqAu6VXrdEp85cS0mrCB-XTulDPGSdzBmwxPsZW_RCjSO8CYaLhTjezOGKKJofsjxKuAFkV_3B6Wli1Y_bjmtVbAzzuoc-hGhiYQn05EeoU7k6xtEAK4wBT

Protocol

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:13 GMT
an-x-request-uuid: 3d9958c5-6ea1-49d3-834c-ffa09a11ae20
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.22; 217.114.218.22; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:12 GMT
an-x-request-uuid: 12f007a8-9e68-474b-9712-01954a3d7118
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOL-DtXln9WTS7ZfRmBbT7Q%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.22; 217.114.218.22; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 764E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTU3MTM5NzA0NDI4MDc3ODI0NA%3D%3D

170 B
232 B

56ms
55ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTU3MTM5NzA0NDI4MDc3ODI0NA%3D%3D

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:13 GMT
an-x-request-uuid: 1992c936-d8ba-4d9f-9701-008efc8fe09f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTU3MTM5NzA0NDI4MDc3ODI0NA%3D%3D
x-proxy-origin: 217.114.218.22; 217.114.218.22; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A40A 0
0 77ms
75ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CPW54RwN5ZbzoKKrK1PIPnti3mAXklvfEdM6l3bGNEtrZHhABIJWbyiFglYKAgLAHoAHs2r7yAsgBA6kCcVT8x7Absj7gAgCoAwHIAwiqBNICT9Dbb2TuNn-0xCUuvOhbyt_M9Knxzc1ku1z02W5MsM4Qa19-mFclunW3WRZZcJngtebMxKqfMMmTAfcqii6isnn9Dm8FZ_oLqoIViacu0eTCnzgBTTB2aaU87klS0_3oZtq7dB-2OruyQQjM5WTgyRmkE90mBFgkOx_4kHSmmw63w3ckdaLMsni6Ct90Y6Bc-fpQm-r9dx_TT-g_49mcrbfnIbYAuEx7s-g8Eu3ouJm4ARSy8t_ar1dZfMuubmYYnuR-B-UIHqIpEBIfmRxBbuQvDvMgq1h-vlB9tnL4a5gh1qucxYZvRIrAhKQhannvLpXbDuw6Ork8IMNuED1_OpmF5DnHTqKs14bBiDyNf7BXOwqX6_-FF2LJeGdYKz94W-t2hGjWLTPa0FVlKcERqyMN2e15dPEh1-3VgIstxztvd3bb1E1M9pH7CREwOwJFcjnABKrSyenLBOAEAYgFn_TtyU2SBQQIBBgBkgUECAUYBKAGA4AH_KTBjQGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCWvTXSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WKz_r5Kci4MD8ggbYWR4LXN1YnN5bi0xNzcxODg5NTIwNTMwMTYwmgmGAWh0dHBzOi8vd3d3LmFsc28uY29tL2VjL2NtczUvZGVfMTAxMC8xMDEwX2FuYmlldGVyL2hwL2hwLXNtYXJ0LWJ1eS9pbmRleC5qc3A_bWM9c2hvcC5kZV9kZV9ocF9zbWFydC1idXlfLnJlc2VsbGVyLmdkbi4yNHExLmRpcmVjdC5hbHNvgAoDyAsBogwcKhoKGOS0sQLutbECtbixAqy6sQLktLEC7rWxAuINEwj_s7CSnIuDAxUqJVUIHR7sDVPYEwLQFQGYFgGAFwGyFx4KHAgAEhRwdWItNzUwNzQzOTIzMzg2NTQxNRj9-RM&sigh=QBE5AWvbE-M&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTgDICaaNpiClcweQWIIWkX8DmJ-BvXO4G4Hq_9bjsOpIBV5jzlYqQ9bAnyrPcXwV3w2nN7xzpkzO59Bm5TDTrg31_va7lAkFvWpyGHZ2VBgB&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5563 0
0 66ms
66ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=4427463042199225&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 3AE3 39 KB
15 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 14:27:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38268
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Dec 2024 14:27:24 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 4F63 111 KB
39 KB 122ms
33ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
Origin: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 20:46:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15514
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Dec 2023 20:46:38 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 4F63 11 KB
4 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Apl9JlkVkzNwrGPmm4SX6zBvsgFwWz_pzIrFkZG5LuZEM7pkWJoKZC5TLMpX1XdA67jc82cPd9HFmSZIwukFcSB4SNu2pb5H2YZf-Ux16gvhQIiOf4TptGptkRIUgrWMRJrRTzHwglN8yeCsOcmAEvL5e_Og_oP2UawJsbIJsfY_XLXp_oPIiDOT_Si8DywQqT_wqP&cry=1&dbm_d=AKAmf-AE85lQau09fODRlf2r98lK8BDtGTr_xK6KExHgcyfBrA2PHK1ZDXkYZ7y8ibKTEciyUQKbUGTSGaVAU-nwmsX_AkJdZjQKHIOTk5I0qWMGzr7urwPEuiEIFCLKyHExyk3_a3ErpPgHsOkvXjNjl8U1G1lQ0Kd7j4q5KEm7hI11Dh42aqcnicDIFL0l7FLaCLrXjLjRu6IMG8TawOsbSbAUEr7ER0zVNoLcAZYGjUJUxXPtHESei7J_Wj19criifegk-H-IUf1XtI9cdJi47YVgf90TLFGQupdeLdMXYy3tadpiC_c4_lisLz20G9gYCqywk9Zbk8WI-0YbqReIoiPfIG1HR8DytdioMk3ZaZUnT-JEtx_rb2Op9cN1t5Bu0MkCM_HXsWJr-mjynZCO2w6yFsboGu62ybcOm88wv9uNlfQfScAmKLq7cVW7gVx6aBIAeXeSKraiVccBHKQzdv4fXN5-4LH4ZwNWfCmf9QAkk0TwS-A5FXlhKVXZHEhwh78OE8PnbVofKF5G8XXXI2ummN2VRLjkJ3_aGogLBfT7ZLbTgtnoYFFUIB7L282tdUTSeYMu0s5-e17tGuQrmULTEjwq2pMEPs1cn7973Z5BxJnhcoVFUoPBGFxE64YX9PSwNGXgf2L_NphU61xoNsAdrR5LM91y-rfiwKwQumKtgqaQ-8yukpItDA_devNNm7LOP-21RTQ_uIWJg7fJVRfKV7VbAaC2G8scojeGjrgf-wRbB2eMPdXV8f5b5bVCBF0oZ2-oZPW-TPAvEiZ2Dbbc2ulYCcTcb7ECSzjNYtuCdp-E1ZwPFsrYSwow0rVvacdVnCJ267eM69ofec6Nd_OA_8X6VY_8GfoegqLCM6_PRin9_TLtgnvnOO0o-lh43ReKNNCR_9l8jAkpEGuoYKBVqCk1W_Vgl-_oNmc8MyzqYis_Xy9dFg0IGKpj6I_0Lu4gcg8I8V1YG9ukb3wsKzqlLA0XfwbyldZvYlist_o5nVquX6r1DkwwmQW5vHEELj6Gkk4w-ZeWAGAj24lcSr2TdHQXoetNQlp2WLEV-X-r2y3g4Po8lUB1nxUCr8XHDTG4ha7bnAEjRf4LbavxMD3vEAekv2r2LCmF6ERZk6idP2pUHpCuOWi0l_WiWWMmojaspMePAXcHZtxOlcyf2PlPAm6g-58Wc4-LqimF8KxELnBfCDoIHvuVuDf-mrKoIZEqawbD2O71Uw1GrIfTdLBbG4SHFBwMfqwX1QIvuoMVmeWuN5SzVAv5i9MvkLFmglaJNXCHo9_fQHn-hnmGrJ_9M5UQUpLXhTklT6mkCdrslYn7Wm6lLoKWnuow6yQJze4tSvZcb1DqAN2XGRCI8HT9nVQT6dkvSXKOJKmV-j2tHaSKVE6f_pecwvMlMrnsCEPssr1X-xTwyXfYsQ396lX4-nHlgzkA3gOuy_2HDsyMvNpUi-Vn0eK0LZUvoWMvxnNq1md5RwvfPvLwoT0WN8V-4TeWgL59ClwEoXjcDJwIJvx5e42tS_fu5h6ZzO0_NdpqRoDY3_M35oRJFoDR5FcvqDdedwQAKgpIvc8hfmAsHzX3MOOe1zIkZNgeQoffH91AhPyT_A-xx0okh19pdT0GV6BcAWdR5hcaL1WRb4qN9iCbno3VE3igLPS2AhuqS1SG7NEpTn6gVos7W57UQX3oYT1L3aQlBnxacTlwJN21c8MG210Zsaym18o_Sw5fSEJdLOD46C_M1rSGvk99cxBYSFzWxLXJZxcyBN4mtZp0dt8oUqIkIcoMCeR07ruqeNM6DESx4-jhsbEZ26bXThzJ_6Nca-6wgXCRq_uIEI_2omdoapNJIr96uuPXrXpybujTkydmHSCJRrRuqhz3d578EPQoP5HtyFmFTdBXdvP0SKAB5AabS0xKR9zPiCl8ZpKrrLaNHUw-31etSfrRDtjoEm0t-7fzuSsatru-dSqFqe4BCi5cuuB4nXLffLJucVkDMchyc5NTP_WuNiNzZLCxZI8cQVHZ5U-I7Wjpl6hR_4Ad5h6VIOHTgiBVVIBOI4UeriqynZ7ti-36GhlOiya0ueBGq3YhnEHM0fCQ-7f9vkmMva3JDslA06g0mbTlRvwaXD9ghi8ynm1pqbs_QB_wLVhZx9r4hE3SFdcouKTkNNkNG3ZdHIKXx04q8Cig9YeFSvZh1-8lCcUhPzeWg4uJvCmGgiqmUfddGFGPn9dq0xPXqqr5AmJRu2VH27uqjRXZ2paRTHF2V12BQ5hVGzXiRiexXdcLIyeCRLNviCfoQ1vK_Fp27J03GJSDj07-ArWa0dZGpLBphSkq4nN5vBC7gOeT0x74k1UXAKzB3uYkZSiAmGzoVnzQ6K9GKzOLLRMCdlPufGs1qEmsh1NAI9ZAgRxcWYTR1Wl4rRBlPn8tCIQukT3SknozGWXYIhw_WsDHNctdRZPQrbXfjzQ5u1Uu5_7HuibBxUhzojjlO-VoE55VuI5e0XakFzQauivi-JkTfQrUpqqw7uAFchrkQC2u5vvW5iKA9xNiQv2iFgHs-0a5J7qLASzC_lQaR9ng53Hg3FhVhWl3QPXaSWryGTGuvImwij4NoaORAtPIVeRM8TdcgXvbiXRKVBnT6YzCoWkRl07lNy6H9gsxanFfA-WDp5DxHAqdUMgz8o2OaB233uYX90vvy88Vq3cCkwDiyAPkbtg44udWfS4iMT3eKwxTgS6OSbos8Ite55iKJ0uK1lgNA_ltm7ZQIkXs8kRc74g7LRF-DfcDA_fV57QQhNYjYepM8s0NEb_WRP_6uDikI_xT4guKtWn3kHn8dpXqMgolSInySYlh3wd5LkP0JZIbVFFxVBTnEN2K-_qG324QTuK1lSMLGdxOFpdCLoMPLL9eiITA8oz6GyMSIsfYmO8NZccBLMGEsJ-FtXslcNpQPGhxi7Rw4UA6VPDWxQgNIXsOyKTJG7C8WLvLkFvLs8uN5baZKmZpJ6mLrn6TvKdnJ_Z6dg7DnuILKxAFWeIMeVc6OqyTO5mI6A4F_tAoKctkja7r4m8P4NeDKuC_dMt6Z3Ov3btK7uzuCeujJVU_D3tudlHuvSOaVD1xKfWb7n4ktXf_zPx5XTcZtLVUgQxKnjbPWgrMoiWFmgaoyb_ySgE4b3IFuFSA2aQyegiP-0Sw8gUyX9S5q37av1biFYKnSRADvJsfATFv8VaheyfpOm8UKZZIBmR5OAqttmEHJXNIEU3nj8jK102g-eqhhgBjqbcr9yldsODnsCzk6oB_wELPK8wphqOOEZVKOG1jPBc8EAu-Acn5XLZPxL2Khb15Ws2HODHfZmkxnChmiIBBkXyTyC0IVdG7GWF_jAxZASWzGzdn_rSrgTuLwLGQco_WjuAKbPTdRUDyBgLBttQme6mjS5ORuUxZW2iaL7Hzw5vSJNojv1Qxyr7G4xiBLvUv-jGGJxOmXxRWhMF3kfXAsl696DmxfMueZ-mjkQT7ERxVA_zk8WO_ztapTUJ4qB2BGulw5lOvnV4vrcPp5ZDFNnAvsll6uIDldyVtjNbYDqlut5ow2eaqOJDk4r1n8aoNdX3MucwzBt2RsV9jPDVCOmCK-pL0iA--oilmgpmGcu4gD-mKYiV7wd5327uEQp2zaaDD-7VZIP6d1eiTMATLqscT2jRJISBYpucMzwi1kPFJiErVHujfk_886QseIRz427ItyZoxF4Jqg5FDz4hraQ2BT9zkEi3dQBrppdI0--Pgjq-1dkq1R4vqa0qAokyOmtHOgqxfiiA-MQOXkroQyZ0cjXenJYO23iyC4s50NvIX81GEEEkzmfNCf25wFkmA1UGpxcCJTBMebmWBaeEe4KbUUS8RzLyC4wf9B48IQX-Q8R3CXFjFrfvBppWboRKmGkKCRVs2f6wOjrq30C8WDH-afugqkqOZLbLGT-y5ROmOAgGx8gLW8WRcaU2wfHGUxaidp175OpHECbzyKop7vRvzl2JQk11zJlHWvrMi-ksboCuntnyyKk8tCbsPlkO60zhV1qcEv4daYHAKGC7CqSp17zG2uvEKyn6LHnF8GF0iZT0rr51Tcl8X2La8u8sIPKzkHvFSWkJ7XMK823U9j6brhizKwBx88v2r-ZF9_V-X18p_gHYJlq-UZrWhPbtMkhW6fnTIzx4PdQTzSYi_xLZg_f-JInfDzRLx07Oy5CLSm4UhYGCl7JAgSq8_QX3-vrovWlg8xYESFrqJL0exxiT6Yo2m&cid=CAQSPADICaaNjQiMsBxkEJJImFgVt1hL96VoLWsCNz_25ezFEsjCQetjEKDuASwCgHkxl-TeGDJwISlI8nUjthgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Ftrueliketop.org%2F&ds=l&xdt=1&iif=1&cor=17963207481067534000&adk=1761367584&idt=108&cac=0&dtd=27

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:43:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4876
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 23:43:56 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 4F63 31 KB
12 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:43:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84082
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11943
x-xss-protection: 0
server: cafe
etag: 4141415479739543000
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 01:43:50 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 4F63 41 KB
14 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 13:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40556
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 13:49:16 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 131C 1 KB
646 B 38ms
37ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 40542
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 13:49:30 GMT
etag: 48472445140208031
expires: Wed, 13 Dec 2023 13:49:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4F63 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d8cd7ffd11238414c602aa8df4d3bb99a05b79bb9c0ab86003ffd09b87700b1c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 v3 Show response
id5-sync.com/gm/ 318 B
599 B 130ms
43ms XHR
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v3

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

e00b35b395706594a843fc26d14d6193c40d0f04c4b0afec63ab6bcabd0486e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://trueliketop.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trueliketop.org
date: Wed, 13 Dec 2023 01:05:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 131C
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPucbaAcDnfAELAYJqqu28M&google_push=AXcoOmSiCBNmlO7FwCJYMiziSdaWgRxpjs2oxXmZUyltIDbABjVmmMpTrH...

170 B
188 B

56ms
56ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPucbaAcDnfAELAYJqqu28M&google_push=AXcoOmSiCBNmlO7FwCJYMiziSdaWgRxpjs2oxXmZUyltIDbABjVmmMpTrHaaoEdTZ5rVrBZLIt3aZB7wmpsQeRsQohtA3dGHBMjj

Requested by

Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-cph2320057-CPH
pragma: no-cache
date: Wed, 13 Dec 2023 01:05:13 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1702429513.166485,VS0,VE95
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPucbaAcDnfAELAYJqqu28M&google_push=AXcoOmSiCBNmlO7FwCJYMiziSdaWgRxpjs2oxXmZUyltIDbABjVmmMpTrHaaoEdTZ5rVrBZLIt3aZB7wmpsQeRsQohtA3dGHBMjj
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 131C 0
166 B 192ms
59ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHUkvIFKvSr2QaMyL5pfpag&google_cver=1&google_push=AXcoOmQGDb6j3zaVpQTEBjEGRVhPuOOEiIkql3KtOasobd2fwMBAzxDvGLMrdKfjRLKL8j_IoZmxCNS1_JBtpoTRl14pqLqJSP4erw
Requested by: Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Wed, 13 Dec 2023 01:05:11 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 204 v1
match.sharethrough.com/E4rooAtA/ Frame 131C 0
35 B 143ms
45ms Image
text/plain 3.68.140.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEGhTKJ7yU6b0EAVg_ZYhk_I&google_cver=1&google_push=AXcoOmTuKrzmK36ANu18rh9UiJLA0fJfKAHDsC1WmWzwQUlBZo4DR1sAQzRIP42BdCTW160LkatvtwALAYM1bO2V5AwuyARaqDeuLvQ
Requested by: Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.68.140.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-68-140-79.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:13 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 131C
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEGwMXyjNxH-t3j4rOakV_CQ&google_cver=1&google_push=AXcoOmTRzT2A74eJoyirErcxLqzhBarlKLRodfmJXag-aD4NoMyqjLv-I328tEvY8oCRaHai3kabE43TpKF...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTRzT2A74eJoyirErcxLqzhBarlKLRodfmJXag-aD4NoMyqjLv-I328tEvY8oCRaHai3kabE43TpKFKi1Sie06wir8sdX0CJw
https://onetag-sys.com/match/?int_id=19&google_error=5

0
200 B

45ms
44ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 131C
Redirect Chain

https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEIM_qS1VFlmnC1Zl-zbiwVg&google_cver=1&google_push=AXcoOmRPXKw3bhPKqTc6LCXREQ_2gTiIu9VlGqiCCYYJWK9aQqN4uOieLAZBokwltukTzW7Aouxhn...
https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEIM_qS1VFlmnC1Zl-zbiwVg&google_push=AXcoOmRPXKw3bhPKqTc6LCXREQ_2gTiIu9VlGqiCCYYJWK9aQqN4uOieLAZBokwltukTzW7Aouxhn...
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmRPXKw3bhPKqTc6LCXREQ_2gTiIu9VlGqiCCYYJWK9aQqN4uOieLAZBokwltukTzW7AouxhnuT2W3U7BQX_yW6NtQx-TcpUmmA&google_hm=WVpONzlQa2E4c...

170 B
188 B

58ms
58ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmRPXKw3bhPKqTc6LCXREQ_2gTiIu9VlGqiCCYYJWK9aQqN4uOieLAZBokwltukTzW7AouxhnuT2W3U7BQX_yW6NtQx-TcpUmmA&google_hm=WVpONzlQa2E4c0hoSXZha09YWHY=

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 13 Dec 2023 01:05:13 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmRPXKw3bhPKqTc6LCXREQ_2gTiIu9VlGqiCCYYJWK9aQqN4uOieLAZBokwltukTzW7AouxhnuT2W3U7BQX_yW6NtQx-TcpUmmA&google_hm=WVpONzlQa2E4c0hoSXZha09YWHY=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 243
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 131C
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESEC6YX6N8xLrhQS0eLgA7_6U&google_cver=1&google_push=AXcoOmQ5oAXL3FAusnMbrL7KXOrOnVYU450J6KCus-mJqZWxOKybQKtfr5Kgw9UfoGu-vCNtE6k1sTYYOSr9JlNUCr4FFlhWlgYN
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQ5oAXL3FAusnMbrL7KXOrOnVYU450J6KCus-mJqZWxOKybQKtfr5Kgw9UfoGu-vCNtE6k1sTYYOSr9JlNUCr4FFlhWlgYN&google_hm=81fa84b7ebfaba...

170 B
188 B

54ms
51ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQ5oAXL3FAusnMbrL7KXOrOnVYU450J6KCus-mJqZWxOKybQKtfr5Kgw9UfoGu-vCNtE6k1sTYYOSr9JlNUCr4FFlhWlgYN&google_hm=81fa84b7ebfaba311q7eog00lq32krkx

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQ5oAXL3FAusnMbrL7KXOrOnVYU450J6KCus-mJqZWxOKybQKtfr5Kgw9UfoGu-vCNtE6k1sTYYOSr9JlNUCr4FFlhWlgYN&google_hm=81fa84b7ebfaba311q7eog00lq32krkx
date: Wed, 13 Dec 2023 01:05:13 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 246
content-type: text/html; charset=utf-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 131C
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEOVfv0ecRBuUNHXsskwNef8&google_cver=1&google_push=AXcoOmQwpMKDL8Cd6...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTU3MTM5NzA0NDI4MDc3ODI0NA%3D%3D&google_gid=CAESEOVfv0ecRBuUNHXsskwNef8&google_cver=1&google_push=AXcoOmQwpMKDL8Cd6IaM4gzdLvzLX_scdN...

170 B
243 B

51ms
50ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTU3MTM5NzA0NDI4MDc3ODI0NA%3D%3D&google_gid=CAESEOVfv0ecRBuUNHXsskwNef8&google_cver=1&google_push=AXcoOmQwpMKDL8Cd6IaM4gzdLvzLX_scdNQJO3dgOuV9Whj6ssG6PvC4FK_rI3hr7DKAKp_oAubmLxAV4z1t2qEVTHXP6N4ur97lfw

Requested by

Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:13 GMT
an-x-request-uuid: d869fefc-7e0a-4361-9614-53d788f44bfb
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTU3MTM5NzA0NDI4MDc3ODI0NA%3D%3D&google_gid=CAESEOVfv0ecRBuUNHXsskwNef8&google_cver=1&google_push=AXcoOmQwpMKDL8Cd6IaM4gzdLvzLX_scdNQJO3dgOuV9Whj6ssG6PvC4FK_rI3hr7DKAKp_oAubmLxAV4z1t2qEVTHXP6N4ur97lfw
x-proxy-origin: 217.114.218.22; 217.114.218.22; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 131C 0
59 B 50ms
47ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L7jrByADuyL1WddWGU27Oj8gI4sZac8cpYpNIc2PL87f5-e_dV32w7BDcQ4C0tg4ab89oJ1x8O6Vw

Requested by

Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:12 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame EF71 38 KB
13 KB 30ms
29ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 40557
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 13:49:16 GMT
expires: Wed, 11 Dec 2024 13:49:16 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/14156154144916469114/ Frame B282 262 KB
56 KB 103ms
28ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14156154144916469114/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d1c61f97def8e36a319aa9afe1df38bef56b42f5fbb12aabbcebf92d705c02e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 91632
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 57692
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 23:38:01 GMT
expires: Tue, 10 Dec 2024 23:38:01 GMT
last-modified: Tue, 14 Nov 2023 15:28:13 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4F63 0
0 230ms
91ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssD_D10jPaExQL2Wq8BsCraRwxq3Px0FRJgZX3Yd5tG5VAlMnXYYj3meXdh-Qtkr583S_Lo_RWs4pIYkOis-LRyq7irsB52n3ISCcFBOkVRjQHyO4ERzeV1etjWJswmi6ikLT1bg0_5KYs22L2lyNCG1nEwntz_gqYeg2xQXvk8I7__qVVNzCuD9UktsDowsddcFdS54zPsFFECrcMo2gZWnO7fAHB-kASLLX3SA_jqhWsRSbkNAHVncBQNcYZu9j_NOPkOONkYaCZwdt4TpalftHoc5k3yRp0oKVNX2Ahx761vGk2JLJbyHERAI8Op8jeolmybjY00Lp2t5HFZ9z7sF7MqbQmndXkXlu8cJsClT2QHO75EdbTcG8KDVUWMiy9ltxOEEkH1Bh2sHLycdrDW0kVXSqjWTnwexGBp97nI8lFt0CIodQtZzVSy55kAR85AnLEw5AcqMAfOcQqC4hq8ODDcyTlQfbZdg5HRK2oLGlVPLYY1Olsy8z3v4fNtU7CBQt6gMss4F8ARsXUjK5OBp9hVJZm7d1p5vtK3aA5nrNkNpZhC5bjBF4imp_Pq4x91N3iVNQbzdx3hSTWDCevu_RfksjH-_0NWN9v2U5uwqdRQQIq2DQNfnkv7x44b4y7YuopoLNg3WNbYQJAUIEhuEhkCMpLAawJBptFENLM6kcFyTlO4iGQ_c6xXe1HNlh9vh62t9QtlzST8XPrUNb17qiYKtgXG-8_0NSYy29SPO6-rSK11ITXxEym8WDUxYJ5z8uZ386J4W4nyWF5W51Pva2vI0z5JymlcHxC8AkFAvsKorLEibB2jMPowOt9QCKvZ8sjOaSYWMhnhKXJufpkaHjZnqbz6G2dYEqCYnv4U3YrBDT9TrYSou4bcBP2i6aaWZGMVkyLtboKGYdkcaQ2dS7UAV8BM6elhbbsS8TcI4sO0UP3J5kQj5MQ9x_ffaMuigntLPVy2SbMb1_SCak5h895B7A0sPMcCLYVc3M9CqETPmGk51Dq7pq0EVnpKB4yW2z9FdJV2bePCZOon2V6_efedies5sYpqC2HtRLls2Wedze09Oe1w8B0jA71fjOmVjjXOlSGn7EJeWv-8Huyra2wL8gouV3FtgNNe9JapnJkevYZ3Z-dKfGhldOnsJMRGiHrh8o3F6a8h0G46cGJNgG_ISuh6gBgVORs3UNOOMBk03mxeFsxVZXtYiOyHaCa0LKgPdUoNibIgG8DkAQlNhgK_9m21caoezI3SSuh_SxmMDBb_S67pYuQhdzNnU8X1jeVa7vI33JaFe8a-6f5mbMPDbQMPSx9UJehfURGt4xrD5N4rV1vULQKV1zsgywgEOWTBujyPKmth7GbLVFlnlEfeRIpBvChx-_SU3ev6L9Vd-zx7XaESUH9WeMGBsdVqb_TXpD7cpyWnRqns8GgFINHNu170LBMwRyoGDVLZDjlHvORZ3u2DtdN_os0XU--haMFIDEJdHx93tSyje3jhukyxnJQ&sai=AMfl-YQR-vempj17Khsq6_gLvwu0C_7ODb0G3sC_Gw_xyj_XGuOemsgVhx2GKPDexE48N270PebXah7yGay7TBQPGOKvJvhCkrsxbq-dPij2HcOsLOVeMLIYdhOvM69rRhkvzgsY8K9sQP6zoXmanNgkYL20dDMDjSG45Uu8mKRwyUq38VvhZZk9BHrztwrGc2xc6hFu-HxnMG7rFlHRRfRuXlTszFS1ws45fKlZq7tpdc994FUrT__R8IwojjVojaTkp4lnt5A&sig=Cg0ArKJSzJt4ng_4hdwuEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=202&cbvp=1&cstd=196&cisv=r20231207.75888&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 13 Dec 2023 01:05:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame EF71 39 KB
15 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 14:27:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38269
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Dec 2024 14:27:24 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame C91E 196 KB
55 KB 36ms
34ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 12 Dec 2023 08:53:20 GMT
age: 58313
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 11 Dec 2024 08:53:20 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame C91E 15 KB
5 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 11 Dec 2023 17:21:05 GMT
age: 114248
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 10 Dec 2024 17:21:05 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame C91E 95 KB
28 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 11 Dec 2023 16:37:47 GMT
age: 116846
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 10 Dec 2024 16:37:47 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame C91E 5 KB
2 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 11 Dec 2023 13:56:42 GMT
age: 126511
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 10 Dec 2024 13:56:42 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame C91E 40 KB
13 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 12 Dec 2023 08:52:42 GMT
age: 58351
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 11 Dec 2024 08:52:42 GMT

GET
H3 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C91E 3 KB
3 KB 37ms
36ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 20:50:33 GMT
x-content-type-options: nosniff
server: cafe
age: 15280
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2886
x-xss-protection: 0
expires: Wed, 13 Dec 2023 20:50:33 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C91E 344 B
368 B 37ms
36ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 19:01:23 GMT
x-content-type-options: nosniff
server: cafe
age: 21830
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Wed, 13 Dec 2023 19:01:23 GMT

GET
DATA 200
OK truncated
/ Frame C91E 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba985b1a8f10f23e287ac8b524229b211240ae6573038e07455bcb8f4319cafb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 6438265750514335025
tpc.googlesyndication.com/daca_images/simgad/ Frame C91E 41 KB
41 KB 72ms
72ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/6438265750514335025

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2e40b375d4c76143bae818013bad107f0de3dbaf0aa472575957170f091ed01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:13 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41921
x-xss-protection: 0
last-modified: Fri, 21 Oct 2022 01:09:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 12 Dec 2024 01:05:13 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C91E 0
0 39ms
38ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSzklUXyihep3jWIEQKlt0C1yS_4pxB9pslMMEs1amxKKyPbBSVa98R-sSIx_IoyrVf08dPGOp1tPp_a3m-m--uC2dcYA
Requested by: Host: trueliketop.org
URL: https://trueliketop.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3AE3 0
10 B 33ms
31ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?eKXDVA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:13 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 DcmEnabler_01_250.js Show response
s0.2mdn.net/879366/ Frame B282 32 KB
11 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14156154144916469114/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14156154144916469114/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:49:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4564
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11558
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Dec 2023 23:49:09 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame C91E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

50ms
50ms

Image
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Protocol: H3
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Redirect headers

date: Wed, 13 Dec 2023 01:05:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 6438265750514335025
tpc.googlesyndication.com/daca_images/simgad/ Frame C91E 41 KB
41 KB 39ms
37ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/6438265750514335025

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2e40b375d4c76143bae818013bad107f0de3dbaf0aa472575957170f091ed01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:13 GMT
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41921
x-xss-protection: 0
last-modified: Fri, 21 Oct 2022 01:09:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 12 Dec 2024 01:05:13 GMT

GET
H3 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C91E 3 KB
3 KB 38ms
36ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 20:50:33 GMT
x-content-type-options: nosniff
server: cafe
age: 15280
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2886
x-xss-protection: 0
expires: Wed, 13 Dec 2023 20:50:33 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C91E 344 B
368 B 38ms
36ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 19:01:23 GMT
x-content-type-options: nosniff
server: cafe
age: 21830
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Wed, 13 Dec 2023 19:01:23 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4F63 0
0 91ms
89ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssD_D10jPaExQL2Wq8BsCraRwxq3Px0FRJgZX3Yd5tG5VAlMnXYYj3meXdh-Qtkr583S_Lo_RWs4pIYkOis-LRyq7irsB52n3ISCcFBOkVRjQHyO4ERzeV1etjWJswmi6ikLT1bg0_5KYs22L2lyNCG1nEwntz_gqYeg2xQXvk8I7__qVVNzCuD9UktsDowsddcFdS54zPsFFECrcMo2gZWnO7fAHB-kASLLX3SA_jqhWsRSbkNAHVncBQNcYZu9j_NOPkOONkYaCZwdt4TpalftHoc5k3yRp0oKVNX2Ahx761vGk2JLJbyHERAI8Op8jeolmybjY00Lp2t5HFZ9z7sF7MqbQmndXkXlu8cJsClT2QHO75EdbTcG8KDVUWMiy9ltxOEEkH1Bh2sHLycdrDW0kVXSqjWTnwexGBp97nI8lFt0CIodQtZzVSy55kAR85AnLEw5AcqMAfOcQqC4hq8ODDcyTlQfbZdg5HRK2oLGlVPLYY1Olsy8z3v4fNtU7CBQt6gMss4F8ARsXUjK5OBp9hVJZm7d1p5vtK3aA5nrNkNpZhC5bjBF4imp_Pq4x91N3iVNQbzdx3hSTWDCevu_RfksjH-_0NWN9v2U5uwqdRQQIq2DQNfnkv7x44b4y7YuopoLNg3WNbYQJAUIEhuEhkCMpLAawJBptFENLM6kcFyTlO4iGQ_c6xXe1HNlh9vh62t9QtlzST8XPrUNb17qiYKtgXG-8_0NSYy29SPO6-rSK11ITXxEym8WDUxYJ5z8uZ386J4W4nyWF5W51Pva2vI0z5JymlcHxC8AkFAvsKorLEibB2jMPowOt9QCKvZ8sjOaSYWMhnhKXJufpkaHjZnqbz6G2dYEqCYnv4U3YrBDT9TrYSou4bcBP2i6aaWZGMVkyLtboKGYdkcaQ2dS7UAV8BM6elhbbsS8TcI4sO0UP3J5kQj5MQ9x_ffaMuigntLPVy2SbMb1_SCak5h895B7A0sPMcCLYVc3M9CqETPmGk51Dq7pq0EVnpKB4yW2z9FdJV2bePCZOon2V6_efedies5sYpqC2HtRLls2Wedze09Oe1w8B0jA71fjOmVjjXOlSGn7EJeWv-8Huyra2wL8gouV3FtgNNe9JapnJkevYZ3Z-dKfGhldOnsJMRGiHrh8o3F6a8h0G46cGJNgG_ISuh6gBgVORs3UNOOMBk03mxeFsxVZXtYiOyHaCa0LKgPdUoNibIgG8DkAQlNhgK_9m21caoezI3SSuh_SxmMDBb_S67pYuQhdzNnU8X1jeVa7vI33JaFe8a-6f5mbMPDbQMPSx9UJehfURGt4xrD5N4rV1vULQKV1zsgywgEOWTBujyPKmth7GbLVFlnlEfeRIpBvChx-_SU3ev6L9Vd-zx7XaESUH9WeMGBsdVqb_TXpD7cpyWnRqns8GgFINHNu170LBMwRyoGDVLZDjlHvORZ3u2DtdN_os0XU--haMFIDEJdHx93tSyje3jhukyxnJQ&sai=AMfl-YQR-vempj17Khsq6_gLvwu0C_7ODb0G3sC_Gw_xyj_XGuOemsgVhx2GKPDexE48N270PebXah7yGay7TBQPGOKvJvhCkrsxbq-dPij2HcOsLOVeMLIYdhOvM69rRhkvzgsY8K9sQP6zoXmanNgkYL20dDMDjSG45Uu8mKRwyUq38VvhZZk9BHrztwrGc2xc6hFu-HxnMG7rFlHRRfRuXlTszFS1ws45fKlZq7tpdc994FUrT__R8IwojjVojaTkp4lnt5A&sig=Cg0ArKJSzJt4ng_4hdwuEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=501&vt=11&dtpt=299&dett=3&cstd=196&cisv=r20231207.75888&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Siegel_Kundentreue_2023_ALDI-TALK.jpg
s0.2mdn.net/sadbundle/14156154144916469114/ Frame B282 41 KB
41 KB 35ms
34ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14156154144916469114/Siegel_Kundentreue_2023_ALDI-TALK.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b7d35ac986e47397977d7f98ab60c0f8f0a6c6e83f3d80b3c4d1c49956fa05a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14156154144916469114/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 23:35:48 GMT
x-content-type-options: nosniff
age: 91765
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42353
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 15:28:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 10 Dec 2024 23:35:48 GMT

GET
H3 200 5G.png
s0.2mdn.net/sadbundle/14156154144916469114/ Frame B282 35 KB
35 KB 55ms
55ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14156154144916469114/5G.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eecc2c8302610b82bccf87de9385ea404b0256f1f57e5d78fe50644ee8ea942

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14156154144916469114/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 07:31:09 GMT
x-content-type-options: nosniff
age: 63244
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35856
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 15:28:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Dec 2024 07:31:09 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C91E 0
0 82ms
81ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CkIadSAN5ZYDMKIzn1PIP1ZqbwAmnzq_uc470n5G9EeiHhZ4LEAEgsZPteWCVAqAB0ajN_QPIAQKpAvJ0MC64p6g-4AIAqAMByAMIqgTJAk_QlleCxEa4X9IvBrwAfDS0T81gyFQEM0w9IQOsYhjfbL-69_jj-5Z6nUv5NxAUlgdU_0Sou92lIKwUouXP8aM5CVbfITyJg8SXsRmXDxccJLO_artn5HoTxacOrgdEm94zt3DdB1D5yW_2LLVvSUAfYj5ACLVUO5ieH94tfpiAWaidHKWYJohzaJrrthA09vVt2VhG2PbnTpmalsRhcN1uJjSYbY4WEWXQ9zvps4IT4gsGyw6a2yPh_DYkQrzHSUc8Ir0JH4U61pJmgDrIDZaTYFGtmKZPxRY3XwYyXQi8Dn_wg17cEAARPR68iPlkT9Iz3w79L0UUUgDcuULweX6jLCl7pe0xX4yNcolS8CJ9hSqMH3GNdwd-OJMkN99upAJLwtUW46Wg6WSqbEC6WMcKAuPSqmWKlNN0j0fzyK6emKbN8abUSn-ZwATazOTMgQTgBAGIBe7z9aFAkgUECAQYAZIFBAgFGASgBgKAB5fXsgKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBD4hCTSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WJaC7ZKci4MDmgmwAWh0dHBzOi8vd3d3LnN0ZW1jZWxsLmNvbS9mb3Jtcy93YWxsY2hhcnQtc21hbGwtbW9sZWN1bGVzLWluLWNhbmNlci1yZXNlYXJjaC5odG1sP3V0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09Y3BjJnV0bV9jYW1wYWlnbj1jY19zbSZ1dG1fY29udGVudD13YWxsY2hhcnQmdXRtX2NvbnRlbnQ9d2FsbGNoYXJ0gAoDyAsBogwcKhoKGOS0sQLutbECtbixAqy6sQLktLEC7rWxAuINEwjdqu2SnIuDAxWMM1UIHVXNBpjYEwrQFQGAFwGyFx4KHAgAEhRwdWItOTY1NTgyNDU5MzMxNTYyNRiC83I&sigh=irSa_zYbtmY&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSOwDICaaN6cf6zyn4pwsLkcxCwkOH-EMuI4lQQ97ikaIcy1x_vAagFC5qYXP8GXbrt9YtdMxrqg1m8B06GAE&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 container.html Show response
179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2D78 6 KB
3 KB 37ms
36ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://trueliketop.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 01:05:11 GMT
expires: Thu, 12 Dec 2024 01:05:11 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0648 640 B
262 B 78ms
75ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxi8vbvGATAB&v=APEucNUsqyeCrhrmfM3k-jtslPu0ZPMr9kmSvnY9Ciy8Fdixia1_pmQIBEcYJlPZW1cGOhZNOKXuiIPXsr1onVNE0zDhzuSRairJKM7WNMcQY4hq7BRLAmjk5mWoTgPV4KI76G1oE1o7Vg3HQsiVhbsqrHQXCI1i5DlboC_K6LBCYi7fRipD46Mv6C7GECUNJjHQ0QKJ-WGLurazw6eN8AjON1teSFALyQ

Requested by

Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 01:05:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 2D78 89 KB
31 KB 117ms
113ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 01:05:13 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2D78 42 B
66 B 74ms
71ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CHaEuG90fx-JqeNE0y8fLDozc-P9KPr0Xq_-eDx7KDe-MH89_a0mvUdqAW6mUz27hOpUV6g9P-Jgb4bz22ooN2mj0_js-1daFbZNLv_Bg_1dHGhnc

Requested by

Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 2D78 3 KB
1 KB 36ms
34ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 19:15:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 19:15:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 2D78 20 KB
8 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 13:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40558
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 13:49:15 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2D78 0
0 43ms
41ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRnsg_dAk0xQwNe7xqUWT_BUOudi2c6UEmfyiBUIL17eOFF_Rc_0js-a04eg5oSCgSgDzm-laDXdvN7JZQEZyLm3VCSIg
Requested by: Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2D78 203 KB
64 KB 78ms
76ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65486
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702315402350014"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Dec 2023 01:05:13 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EF71 0
23 B 69ms
68ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B9OC7SAN5ZbPVLZqBx_APpLyUqAcAAAAAOAHgBAI&bg=!rq2lreLNAAY3kmNgF5I7ADQBe5WfODRjy_sbCTi9zTMdJmZwxuXB3tEfrbwDlU75Yi-gct5sje6Hkr5FHNN8jdfwxriZAgAAARtSAAAABGgBB5kDhVrNw0TuZTXf2qwoJ7KA2h6aeWdsnAMsTOWzEwhC6sSkZ9B22_3zIW_6cncH46IxLvBoiU2ODY5uZOt4eC50J5JyZGZHRkpw5T8cACuAFG-xwqhps4a8Jal96UN6ZmPSo4Gz_yoewjZwWf3ElCmckIbezyb9pGo8Dqsd96DTCUYyz-WMSohZSNqpcldlWRsIcXQ_ccmQXtskioOOIaJYb475x6kp2DLHX6XvhkuN3ukeyG0Esin_4vqM4HDrtAHw_DNnI7j2NRTnbG0i4ADK9nup8HDUjmGqPDX3fbV5TSMGle5xOBC6eisdJNIYLH45VPEqGSbJbfnvuFIvJNECkF-Y5T90E2snMYVtipUArkH2Q_o8hISP-M6BUEA5u92MGJ7j8As9sPiuDBYo63K3IdWbVxFQCQHTJCKpuip90BeWF5_AX5IrOdGNm9R4vf2Fx1mgY3hgiBuYO_OE2wXVFGJIx3qV6lrtyZMFbJi4jnmDwmZrMTjrBvv9SHuzfUTINrbZ2SpgNXbSFIucAezcM-r0vS4pOHtyaVoXhdRryk-Tox-6s0CuwhMykgdOId3rx4SuubiRCeATS3OYGkkTaNfDVLBNXeFGQMe-d48fh1or_dIqFS0dpNdaR9tkzoroNhzPXJ_QqhRVC1lvi_NzActmc0LryILwWm8b360mwxSxPLyI2-MseTHISwlF9Hkq5L9jCz0z06R9VRusMt4UMRbgLthXr9d12h4EKGeQNU_K4mrJ_W7M2jGLMs02ZZngFzpFScq4D-5IRo1tiDOw-RUrbZZEx1iZUZX8xcJWE_aiawuWUP2BpfctohQHCsJyHhWNGJnIsj7Ro0jUMGuHWzzTERd2_ThbA75kV9jHRYHTnp3qbYC8jqvcKeT4tYx2QQpFMXtBccuwUQaXlPbx9TizUlB7YmvJX4ZM5dMitQ3L3VGCJQXY5hdpSp-CDLpjCiGoHcs6Ta0XPAPsuFmTYDy3EOZjYemkeZaNyvda5Hrux5a8M3bxm-zpbxv1hlRiEKD9QDuh8EYpKCd-xAmKf7W0ZSyE16VDSCY78TC-CRD1XooeBZj-Z0O_nTGmUPYNz20S8mwOTF2J61_mWwCanL_kq-_nI8-P7IagBL8hlLX13Da5QoxjbPJFNE85SvzKRMDcWO-FooES5TmrgnGnHqFtz-XThCaBddRoIUm70adK1XSSZac

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 0648
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECJzvaSD8CMFL2xn-qB6S9I&google_cver=1

43 B
105 B

64ms
63ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECJzvaSD8CMFL2xn-qB6S9I&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxi8vbvGATAB&v=APEucNUsqyeCrhrmfM3k-jtslPu0ZPMr9kmSvnY9Ciy8Fdixia1_pmQIBEcYJlPZW1cGOhZNOKXuiIPXsr1onVNE0zDhzuSRairJKM7WNMcQY4hq7BRLAmjk5mWoTgPV4KI76G1oE1o7Vg3HQsiVhbsqrHQXCI1i5DlboC_K6LBCYi7fRipD46Mv6C7GECUNJjHQ0QKJ-WGLurazw6eN8AjON1teSFALyQ
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:13 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECJzvaSD8CMFL2xn-qB6S9I&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 0648 43 B
210 B 75ms
56ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxi8vbvGATAB&v=APEucNUsqyeCrhrmfM3k-jtslPu0ZPMr9kmSvnY9Ciy8Fdixia1_pmQIBEcYJlPZW1cGOhZNOKXuiIPXsr1onVNE0zDhzuSRairJKM7WNMcQY4hq7BRLAmjk5mWoTgPV4KI76G1oE1o7Vg3HQsiVhbsqrHQXCI1i5DlboC_K6LBCYi7fRipD46Mv6C7GECUNJjHQ0QKJ-WGLurazw6eN8AjON1teSFALyQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:13 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 0648
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESENgF1-5poN0AwfSf59o2Fpw&google_cver=1

23 B
163 B

226ms
84ms

Image
image/gif

23.52.123.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESENgF1-5poN0AwfSf59o2Fpw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxi8vbvGATAB&v=APEucNUsqyeCrhrmfM3k-jtslPu0ZPMr9kmSvnY9Ciy8Fdixia1_pmQIBEcYJlPZW1cGOhZNOKXuiIPXsr1onVNE0zDhzuSRairJKM7WNMcQY4hq7BRLAmjk5mWoTgPV4KI76G1oE1o7Vg3HQsiVhbsqrHQXCI1i5DlboC_K6LBCYi7fRipD46Mv6C7GECUNJjHQ0QKJ-WGLurazw6eN8AjON1teSFALyQ
Protocol: H2
Server: 23.52.123.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-123-144.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Wed, 13 Dec 2023 01:05:13 GMT
pragma: no-cache
date: Wed, 13 Dec 2023 01:05:13 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESENgF1-5poN0AwfSf59o2Fpw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 0648 23 B
163 B 299ms
92ms Image
image/gif 23.52.123.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxi8vbvGATAB&v=APEucNUsqyeCrhrmfM3k-jtslPu0ZPMr9kmSvnY9Ciy8Fdixia1_pmQIBEcYJlPZW1cGOhZNOKXuiIPXsr1onVNE0zDhzuSRairJKM7WNMcQY4hq7BRLAmjk5mWoTgPV4KI76G1oE1o7Vg3HQsiVhbsqrHQXCI1i5DlboC_K6LBCYi7fRipD46Mv6C7GECUNJjHQ0QKJ-WGLurazw6eN8AjON1teSFALyQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.123.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-123-144.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Wed, 13 Dec 2023 01:05:13 GMT
pragma: no-cache
date: Wed, 13 Dec 2023 01:05:13 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2D78 0
23 B 68ms
68ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6610498064658&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2D78 0
23 B 73ms
72ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6610498064658&version=m202309260101&ct=77&x=1&cor=7678771166717764000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2D78 20 KB
14 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DU4fQrM-4VMuIcwr474Dh1qqTL-mYs67nSM94QeTqwgKqDkUMoqdiq9nsL3a3H-1XZJVaZbu4PG49C34zvWMAnBgcJEO86OqJK76gobWKkEKiuKI5vIiySFWNpPwlZosL1sX_urKNI8sUVoWeFRySSk2t09YxWRNnS4Rkd0A3iPlItnOA&cry=1&dbm_d=AKAmf-C3loXUa6MIfAG6z0PZcvZbjoKfQ1iiKEknP95CuJghohO3v6117ebU6d2agp3khsn-kQtU3Jf9-bPHCgW08u2jjaCtMpFcpbuyQDz8lSfmsnLDfm9e0sM_4XcWP4506czCwzu_jM737a0pRIHu37TJgAz7-iDAzsD9xGZOXbuvpaYmXIl4aPO8XJ6BjgSXQE_OtOBQfeOdmGlPV8UvJ9fRBh9_kg8WsDWzejuat4q5nl3w-Lp790cgpbENJRcEZ41nHu_nq3bCjsTDj9Zfg0K3Ybr0GuAZ0e9Ap3VhSxnGzdZOQsmE1jBUa_RHTIn8r8bg2teNUmrNr9NL4WKOXy31Ag1YIfmP9ZG0LLfjof_PckdS98Gl4Z8a_vKWWC4SFKkb8rxzQVtFWPdVALQAyK0Y5a75qMCKKmRUdqj931VFC5WrmCHs82A-u6N6PTopp3ChT86__Zkwqh7odx2LjEcPVDejWkN09bNs9_x-iMuUf-NsGtmXOJ_Hjd9WaATX5q1jozxRQ2OLJup4acYx0iYWxIrSVq4fACe6xjmJLqS0hxX8z7PzNI1NGwxNkPjg3KX4uPleBCnYEQNwjivOKs-n9-Ql07sxcHxUG4C4ZF4xrQq_kSthls1qAuy-9E-n0vvPyhZgZY_56j0_dpZdO-ZEWDrnSlIiI-aRnStuEbyeH03p8VMsj9bgKOW3fq36E9DfYOn4aVbh-fClQAKTifS8KhCH_zXzBCkRaxi8qxAiWcwsm4P81dUCcVOwNBJJycbBkjg9KWnAN8Rhmd21qwEmTMEQodePz7wNOah07h4j5V710aFAV4Z-PLZotrqVQwoANZQv50RDCioTse282x7E7Y4fhMFOGnbZCV8WXTsMAilxWNAXMExgPp57cKmpCfvKB5ljewoVgoEvctuD1FBPzLm6xS5QSuXwvqd6Tj39SCNY8pYyLQqGV3I8N07OY78KxzQuDMeJlZGTx2hwMByPr3b_Lnj6qQrX7Y2anxGrUaqPF_xBE-Azyd6igPtqD6HTUoYMMWI4CUAfEFIZQXSqDrTXW2PXMxvCmJPArsidbbGsgV0uurE5EkGPcEOt8OsL1F1UZ5_DEDhtIdBrjBWMUd5dDfQGZJ9ZsrniH2bGeCB2isjRTwMvYfvlWz2r9rwTGvA6uzdESJO56uesaTGUHVp4Y6Jzb79i39q6VfZBpIYBOeH0ZPFUHf3UIOiYpeSj99lhJ4Nk_8nXHo_siYv67WjH8O6wwh-BCAvXZgD9eKDhbSCe3z9GEev87yzz8KHT99WhDUwbxLn7nrVXAYz3EKwMYppQs-falEga6TGmmGs-RDM0rKyYFOqLhgmTX3b8zfxpiJtKdobDN7XrbxcbleQPP8oApD2W3snEjvnHKq89-LRo4eObJmlD4fhIrr7Vq0IjddjVMhc7z1JSkL5cKy7ObA8EyO7_h4_iNDo-aS4m6EmLLmSuE94m0AozbLteyCaRGmKK5EqMni4bMrynhpjhHZqx0KMUmo9REh9cXgn5ZcUJTClUqDIcDP0e-QDOxt6ATx8BXWBdIbp7aQkLAI5tBHjCBN_44OsnG-4M7JgfCHkidATmWe3r2r9PooI-1BrKJp_GL-P5Y6ctft5HcpSSu9SMmVsFXS0eVUKEXw4nF1LjsD-eSzPkLDQiPvB8qs1HO2DhDazfT4UpYPY9_N4MbaNSmwa7FeaBp9j0nNCKIAQkufxphkswTAvGnDi4F_WkdeE4m-i9ohppjqq2uQzY5EL_8SUKv2xGhx6VaeOvH4rtNLD04jfz01IV5hxlBdsgFbMcc1PQDe3OZ9f8m0AyAp-aGv1UDDY6MUFMkY6-2_ND-u6gl3n03uSxUb1HJrN7tkjEAl_n2GaFUPJvxWU7BlSvTykRzlFi2pqUpuhty2CshHKq6qgB3ZVJ9JknWocRLiugZYARm3nT1zIg_ATAYXaNbZb-gTSDM-A_4GRRZ5qw27EVxlJVStIIM9uYpNuiYyUK1SMqRG1Gdxa6Yg4qGi2b4-jpcW2LVRdMZ7V97TkmFny_JrKiUANcdVQzso_pFi9JiVt9aBfpW9Vgk7i2_io2S6BBudS0d6_djCbtzf2_a7YnXWm2efPxwls3Mcl7553hG0ZSrvLaCocoTW3-PjLBYEx4iy0p34qhmgKuPNAwG4sxFJs2Elz9lJRosDlcsii7qTpuX-UB78xzPnwUdwdvUHiUzMXhMPm21hzdJuhYuOWAbKjcDg8qvVlzZK2SCa1aYTob59lkeaU99ZdrOJQH8z45PTmvYR-ObOmDhU4YCkjiBk611EoMn-m6As88JXy_EoRvjyXc5ojmm3EKpmmwbQBq_2SiXryJhTrH2NZWu4QagbvNpKCQBLVKQNcd8oqYTT2UU2-qri_QGnpXfxdPS3vYzHc5a5MraGjRnraF8lbOGHrLTHXuAQ765gN3__uRp4Lkv4Ruob_6ipRZCH8_wdybNt5yuWd0n3pvzrNp2_cs72nPRBNKUWXe4rp_ci43BqnWPdQdRVMXHp1wuV88VNzrH333qBKIybTe0XCU4aXFfhOskVMaFyHZQjPJ808DhUL-fgHWkBSjEXgzJDCagaW_udLCbKFJa-W0dT59-GGpzvOdaX9vEPA8kkQYvP44WWxGpy-A6qTQB-KWzf6d5x0Pp66_6HKwTFFTM_5o1EAtuq96nfuOB_dnFVVgLomb_MTNT4S7PTrX8vDGmUmNXg-cROgvkIAqpRbjMAoTZjn_i4U3vrWHhRGoK-AxX8KUgwVhcmF901q1MqXwZc7lpa3WvGOpYcW55gcrQLD4RsGsp8Jmb-lWLHQK6MuMXSzGJYPIC5YQc5B6hq5CcsidORQgl5nd894a3kWQVb29bC6vNAOZuaa5AbFGh3CKoht4r3hjr9HaxlX9-fso2gYjEzrjRTmqe1DqVcZug9KGsxVf6Wb2g8wGG8V7YWn0-ch4yVUojwbnBLJSjRkxpIZ_RcLQ7rkvOf53Jn6Z_bH7b7YxatggUJAVP9a3QJVfaOAFxjfqBWez4bPrqHOwkv6UQ_hH0E8oZPaqNZ0e1Hk_ct_kRy8sTjq1LPwKquGBgsS8mH3KqXBHYOCUsw1U94PteAqyFqJ9CnAjHLjROGtUagQ1lyytjbsvbKXwBNzSkp4-eLKQORtPgDiiLtW9f-_EFydkW-RQA7Az4SdN7QM7I-E4InWnWnMQQ_CrwGqQfkUSs0lEpvt1gDlIcTwqlMSmZua3SK8buq8q-pmTjrAn5Il9SVtW43dsXq8h3JFszOdMxPA-y20y9Eq1I4U-X6u7JMSvbwucfQcc2sCgI2tokHglIMLudYP97DDTKmpCFpf1T4DtOHlbl9JbgVQUL10skcDaT6-KadjU6qUNEr_3pO90XlULbNs-J76GVT1qMFXD7yadMiClNnGFyYb77eJCJXTlNpQ3av6LKDaet-7eWU4CYX30wJjcYGmBgsS01EmB1RVFn01HNzb6SW7kGZydquHdYGQQMpm1azKl13rG6FDu_YK0XYYM14i02dK_IdLgjn3vsi31ZqLd6MQYRsVPx54gYZhamlsoXFJUUO0O8CXYEU0HIbfEyxa9fk22Zt9TnlMZDn6sJdpMaKXXzv4jPnxzQf8SIFigLzNr-l9oywadz9v7HwPRcggAZIgjGymXDHvNRkut9N4YMeGwxsBV2ttWdLKzdC-cfoyCrnppw2hEWTcv4I60cXTi3sOkMQA8IRiqsTtkp_8166FeBESpHpN5U2JItVZ8Op5yvyDl8NiuY6lDemsgzUYfeCvgY1fkBHvO_ZzeJDISntlbxHlmAzECCGejA9hQ0iv4aBEhI7eES7o8aILoC827NFqmLBsXazN-9cweDLff0r_GDYRBK_yS_A5QkDyRb9C_YYMaFEKvV_lHAR1Vzg95IBFkARu_GYMLEsZD9q3TkvPyssH0IadhLK05yJxdHU6WDrdz2TId2T70MFA1eqoAUxNPXa_oGRXtW9E6HLdY4DsjNlF7fFCIh9yQBKeENdgkORehDVJWQkT-pkT_iNARn9WGA6DaOvInqNPZztJn-mWM5U8MhiJYIu8jpnw0xgvKDhPyt7f8mfHiesoZ2VVn3RNp&cid=CAQSOwDICaaNESYkfuZJ1zxkNvNjDDcfQA7pf2aaxrcsPIJVRGVJ2ZoJhJGAVibPcZqBKTm05cLpFQ7RwQofGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Ftrueliketop.org%2F&ds=l&xdt=1&iif=1&cor=7678771166717764000&adk=2086295848&idt=132&cac=0&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6098e1415d47f2e0452fd971a313eff5511bb0919b927995dc90c0d3668dc1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14018
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7E78 6 KB
3 KB 35ms
35ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://trueliketop.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 01:05:11 GMT
expires: Thu, 12 Dec 2024 01:05:11 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 2D78 41 KB
14 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DU4fQrM-4VMuIcwr474Dh1qqTL-mYs67nSM94QeTqwgKqDkUMoqdiq9nsL3a3H-1XZJVaZbu4PG49C34zvWMAnBgcJEO86OqJK76gobWKkEKiuKI5vIiySFWNpPwlZosL1sX_urKNI8sUVoWeFRySSk2t09YxWRNnS4Rkd0A3iPlItnOA&cry=1&dbm_d=AKAmf-C3loXUa6MIfAG6z0PZcvZbjoKfQ1iiKEknP95CuJghohO3v6117ebU6d2agp3khsn-kQtU3Jf9-bPHCgW08u2jjaCtMpFcpbuyQDz8lSfmsnLDfm9e0sM_4XcWP4506czCwzu_jM737a0pRIHu37TJgAz7-iDAzsD9xGZOXbuvpaYmXIl4aPO8XJ6BjgSXQE_OtOBQfeOdmGlPV8UvJ9fRBh9_kg8WsDWzejuat4q5nl3w-Lp790cgpbENJRcEZ41nHu_nq3bCjsTDj9Zfg0K3Ybr0GuAZ0e9Ap3VhSxnGzdZOQsmE1jBUa_RHTIn8r8bg2teNUmrNr9NL4WKOXy31Ag1YIfmP9ZG0LLfjof_PckdS98Gl4Z8a_vKWWC4SFKkb8rxzQVtFWPdVALQAyK0Y5a75qMCKKmRUdqj931VFC5WrmCHs82A-u6N6PTopp3ChT86__Zkwqh7odx2LjEcPVDejWkN09bNs9_x-iMuUf-NsGtmXOJ_Hjd9WaATX5q1jozxRQ2OLJup4acYx0iYWxIrSVq4fACe6xjmJLqS0hxX8z7PzNI1NGwxNkPjg3KX4uPleBCnYEQNwjivOKs-n9-Ql07sxcHxUG4C4ZF4xrQq_kSthls1qAuy-9E-n0vvPyhZgZY_56j0_dpZdO-ZEWDrnSlIiI-aRnStuEbyeH03p8VMsj9bgKOW3fq36E9DfYOn4aVbh-fClQAKTifS8KhCH_zXzBCkRaxi8qxAiWcwsm4P81dUCcVOwNBJJycbBkjg9KWnAN8Rhmd21qwEmTMEQodePz7wNOah07h4j5V710aFAV4Z-PLZotrqVQwoANZQv50RDCioTse282x7E7Y4fhMFOGnbZCV8WXTsMAilxWNAXMExgPp57cKmpCfvKB5ljewoVgoEvctuD1FBPzLm6xS5QSuXwvqd6Tj39SCNY8pYyLQqGV3I8N07OY78KxzQuDMeJlZGTx2hwMByPr3b_Lnj6qQrX7Y2anxGrUaqPF_xBE-Azyd6igPtqD6HTUoYMMWI4CUAfEFIZQXSqDrTXW2PXMxvCmJPArsidbbGsgV0uurE5EkGPcEOt8OsL1F1UZ5_DEDhtIdBrjBWMUd5dDfQGZJ9ZsrniH2bGeCB2isjRTwMvYfvlWz2r9rwTGvA6uzdESJO56uesaTGUHVp4Y6Jzb79i39q6VfZBpIYBOeH0ZPFUHf3UIOiYpeSj99lhJ4Nk_8nXHo_siYv67WjH8O6wwh-BCAvXZgD9eKDhbSCe3z9GEev87yzz8KHT99WhDUwbxLn7nrVXAYz3EKwMYppQs-falEga6TGmmGs-RDM0rKyYFOqLhgmTX3b8zfxpiJtKdobDN7XrbxcbleQPP8oApD2W3snEjvnHKq89-LRo4eObJmlD4fhIrr7Vq0IjddjVMhc7z1JSkL5cKy7ObA8EyO7_h4_iNDo-aS4m6EmLLmSuE94m0AozbLteyCaRGmKK5EqMni4bMrynhpjhHZqx0KMUmo9REh9cXgn5ZcUJTClUqDIcDP0e-QDOxt6ATx8BXWBdIbp7aQkLAI5tBHjCBN_44OsnG-4M7JgfCHkidATmWe3r2r9PooI-1BrKJp_GL-P5Y6ctft5HcpSSu9SMmVsFXS0eVUKEXw4nF1LjsD-eSzPkLDQiPvB8qs1HO2DhDazfT4UpYPY9_N4MbaNSmwa7FeaBp9j0nNCKIAQkufxphkswTAvGnDi4F_WkdeE4m-i9ohppjqq2uQzY5EL_8SUKv2xGhx6VaeOvH4rtNLD04jfz01IV5hxlBdsgFbMcc1PQDe3OZ9f8m0AyAp-aGv1UDDY6MUFMkY6-2_ND-u6gl3n03uSxUb1HJrN7tkjEAl_n2GaFUPJvxWU7BlSvTykRzlFi2pqUpuhty2CshHKq6qgB3ZVJ9JknWocRLiugZYARm3nT1zIg_ATAYXaNbZb-gTSDM-A_4GRRZ5qw27EVxlJVStIIM9uYpNuiYyUK1SMqRG1Gdxa6Yg4qGi2b4-jpcW2LVRdMZ7V97TkmFny_JrKiUANcdVQzso_pFi9JiVt9aBfpW9Vgk7i2_io2S6BBudS0d6_djCbtzf2_a7YnXWm2efPxwls3Mcl7553hG0ZSrvLaCocoTW3-PjLBYEx4iy0p34qhmgKuPNAwG4sxFJs2Elz9lJRosDlcsii7qTpuX-UB78xzPnwUdwdvUHiUzMXhMPm21hzdJuhYuOWAbKjcDg8qvVlzZK2SCa1aYTob59lkeaU99ZdrOJQH8z45PTmvYR-ObOmDhU4YCkjiBk611EoMn-m6As88JXy_EoRvjyXc5ojmm3EKpmmwbQBq_2SiXryJhTrH2NZWu4QagbvNpKCQBLVKQNcd8oqYTT2UU2-qri_QGnpXfxdPS3vYzHc5a5MraGjRnraF8lbOGHrLTHXuAQ765gN3__uRp4Lkv4Ruob_6ipRZCH8_wdybNt5yuWd0n3pvzrNp2_cs72nPRBNKUWXe4rp_ci43BqnWPdQdRVMXHp1wuV88VNzrH333qBKIybTe0XCU4aXFfhOskVMaFyHZQjPJ808DhUL-fgHWkBSjEXgzJDCagaW_udLCbKFJa-W0dT59-GGpzvOdaX9vEPA8kkQYvP44WWxGpy-A6qTQB-KWzf6d5x0Pp66_6HKwTFFTM_5o1EAtuq96nfuOB_dnFVVgLomb_MTNT4S7PTrX8vDGmUmNXg-cROgvkIAqpRbjMAoTZjn_i4U3vrWHhRGoK-AxX8KUgwVhcmF901q1MqXwZc7lpa3WvGOpYcW55gcrQLD4RsGsp8Jmb-lWLHQK6MuMXSzGJYPIC5YQc5B6hq5CcsidORQgl5nd894a3kWQVb29bC6vNAOZuaa5AbFGh3CKoht4r3hjr9HaxlX9-fso2gYjEzrjRTmqe1DqVcZug9KGsxVf6Wb2g8wGG8V7YWn0-ch4yVUojwbnBLJSjRkxpIZ_RcLQ7rkvOf53Jn6Z_bH7b7YxatggUJAVP9a3QJVfaOAFxjfqBWez4bPrqHOwkv6UQ_hH0E8oZPaqNZ0e1Hk_ct_kRy8sTjq1LPwKquGBgsS8mH3KqXBHYOCUsw1U94PteAqyFqJ9CnAjHLjROGtUagQ1lyytjbsvbKXwBNzSkp4-eLKQORtPgDiiLtW9f-_EFydkW-RQA7Az4SdN7QM7I-E4InWnWnMQQ_CrwGqQfkUSs0lEpvt1gDlIcTwqlMSmZua3SK8buq8q-pmTjrAn5Il9SVtW43dsXq8h3JFszOdMxPA-y20y9Eq1I4U-X6u7JMSvbwucfQcc2sCgI2tokHglIMLudYP97DDTKmpCFpf1T4DtOHlbl9JbgVQUL10skcDaT6-KadjU6qUNEr_3pO90XlULbNs-J76GVT1qMFXD7yadMiClNnGFyYb77eJCJXTlNpQ3av6LKDaet-7eWU4CYX30wJjcYGmBgsS01EmB1RVFn01HNzb6SW7kGZydquHdYGQQMpm1azKl13rG6FDu_YK0XYYM14i02dK_IdLgjn3vsi31ZqLd6MQYRsVPx54gYZhamlsoXFJUUO0O8CXYEU0HIbfEyxa9fk22Zt9TnlMZDn6sJdpMaKXXzv4jPnxzQf8SIFigLzNr-l9oywadz9v7HwPRcggAZIgjGymXDHvNRkut9N4YMeGwxsBV2ttWdLKzdC-cfoyCrnppw2hEWTcv4I60cXTi3sOkMQA8IRiqsTtkp_8166FeBESpHpN5U2JItVZ8Op5yvyDl8NiuY6lDemsgzUYfeCvgY1fkBHvO_ZzeJDISntlbxHlmAzECCGejA9hQ0iv4aBEhI7eES7o8aILoC827NFqmLBsXazN-9cweDLff0r_GDYRBK_yS_A5QkDyRb9C_YYMaFEKvV_lHAR1Vzg95IBFkARu_GYMLEsZD9q3TkvPyssH0IadhLK05yJxdHU6WDrdz2TId2T70MFA1eqoAUxNPXa_oGRXtW9E6HLdY4DsjNlF7fFCIh9yQBKeENdgkORehDVJWQkT-pkT_iNARn9WGA6DaOvInqNPZztJn-mWM5U8MhiJYIu8jpnw0xgvKDhPyt7f8mfHiesoZ2VVn3RNp&cid=CAQSOwDICaaNESYkfuZJ1zxkNvNjDDcfQA7pf2aaxrcsPIJVRGVJ2ZoJhJGAVibPcZqBKTm05cLpFQ7RwQofGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Ftrueliketop.org%2F&ds=l&xdt=1&iif=1&cor=7678771166717764000&adk=2086295848&idt=132&cac=0&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 13:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40557
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 13:49:16 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjQyOTUxMzY2NjUwMwogIHNlcnZlcl9pcDogMTM5Nzg4NzQzCiAgcHJvY2Vzc19pZDogMjE5ODIwNzM5Ngp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame 2D78 0
869 B 207ms
84ms Image
image/png 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjQyOTUxMzY2NjUwMwogIHNlcnZlcl9pcDogMTM5Nzg4NzQzCiAgcHJvY2Vzc19pZDogMjE5ODIwNzM5Ngp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxMjY1OTc3NjYzODAyNjYwNzQxMApkZWJ1Z19rZXk6IDE3NTQzNzAxOTU5NDY5NTYwMjU5CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyMy0xMi0xMyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDExODY4OTQzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzMyMTc0ODE5CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA4NzgyNDM2OTYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTY2NjAxNDIwNjMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0MTYyMTA2MjAKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2FkLXNydi5uZXQiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9rbGljay13ZWx0LmRlIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzM4MTk3NTA0Cg

Requested by

Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:13 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x8f56c39731acde450000000000000000","13":"0x83d8dbf4c771cbcd0000000000000000","14":"0x3fbe54dd3d8f0bc60000000000000000","15":"0xddd2a3479f592bbd0000000000000000"},"debug_key":"17543701959469560259","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"12659776638026607410"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ftwgnaj3rhus Show response
hal9000.redintelligence.net/zone/ Frame 2D78 12 KB
4 KB 204ms
50ms Script
text/html 78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/ftwgnaj3rhus?subid=&gdpr=&gdpr_consent=&rnd=1702429513084428&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCq8D3SQN5ZcyTBZ36x_AP3dY6puW9oGn1lpynyQ_wLhABILGT7XlglQLIAQmpAkTCD6pwGbI-qAMByAObBKoEnAJP0Gc4Y_6U9Vol2xaufCdSD21aYvNB0BxFLu7G5erqvvUZbFxF0HzrFp-oAl7l2CyoR_L0Yf1QJ5F6g38zFvda6G8Q5MiYt6gJxt4WBkBW3okb_QWtG3p7nbtigm6oH3uo5h0ckT3zfSowOJS0SNJvChDP7Zg7G9hwLO4VbmRzz0SMfbZMt2I8c1Jz0yt0EelQS2nnYVAMXtFg9L8O88EL4q7TbLDnXONsXLHWtBQLPb37BCL4kR7ILCLt1ZhGskPUH8MVsyn3SApHjsnjSC7OIHaIsArs3DiCOlwv_ComD2V86CrJr774UqmBBqLBCCr7lVzTjsXjZOBAzCenQjFIerj8c9Ol2TUcnidMCGy8Gsktc_pS6CKIRWM6p8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliX_OySnIuDA4AKA5gLAcgLAYAMAaIMHCoaChjktLEC7rWxArW4sQKsurEC5LSxAu61sQKqDQJEReINEwi4q-2SnIuDAxUd_REIHV2rDgCwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNESYkfuZJ1zxkNvNjDDcfQA7pf2aaxrcsPIJVRGVJ2ZoJhJGAVibPcZqBKTm05cLpFQ7RwQofGAE%26sig%3DAOD64_1IIuivY85OjPQA6Pg6-JFkttci9Q%26client%3Dca-pub-2205121062140812%26dbm_c%3DAKAmf-BACAGLFNcEkTd8W7E2l24r3Wh8pArCXM64eHocUwrTVzGBc2xFbU588keHMi2-QDVoW5tDunzigjJjAgjwbJI6hC7_EU5nZz3vtOqrKgQrwunebw0Ft5vjVkM24QjQD5Swt5UmnYvC6cqr0gSKt77kj0-PrQxxmRonSQcYRNz-F48VSHA%26cry%3D1%26dbm_d%3DAKAmf-Dk1YRiOpJOP1FfvSdQ--4s1paIuRyzNajRiql-qgizw4UiR5PwgJw0tzxOj_M8JniLsW6ANVfwW6cZ4_SX4HQUxG9tLUFewYE9ax45Sz2cmokhUozQbxJ0VCevl_GcMZ193dp8f06qAMyUkHe1Jmea_kc6Yj1pyJppZEL6t1aQ1HiMkGJ7FrUHbOJa4b0SXhF2-iKXqLa2E0Gfke7whmy0J_IvvNvF1gXC2JvBE4g7Po8k9EcPw-8ckkOxzwSEpXBnivqiyB_KDvKIhUM6yUGX2CNcBTdHyHxOJPevkWRXr4W30_1TJjbhU2zYB_0PrWI1NexSYlIR-YvUx4EkUPQCH-PexJp7OAOWi2xcMBf9GfdxV32GBqlGtfQxGhRIzFGeaY10JqLnKM5-6x0ZEKKnhe-pVE3GiLYDMw-sBNUZeNxJOIpb3o-9fCUikQSne4rYhRLcTAOxDcoLSx7KESIoZvvEyXvTZS1jVTsLJq9qml4icag-pQKnPCtWb8W8BxI9IHPevFIXzk1TtBVme47oOezD-CPUBhHqSFHRCwXqhPLdg60%26adurl%3D
Requested by: Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 59e97432160422770dff71bc3cf23bfafe727fca659bd13d12a5a0a6753bfee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Wed, 13 Dec 2023 01:05:13 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4231
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 68EB 640 B
262 B 77ms
73ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNX4WzzYRM9HwuSZpYiQbhlFpC0igN4C9x8jaxLhtBM-8oK5SALyKorT5DfBW75EV_T5bmAXw9LbRwGLHjnNNvwUA3wqzODOb3C0wncuRQqCcR_uE_zfW2YGCK-xBdGnYQvFtoPVGfyoouJwYw-q07yihi1414yxGJTr-8x9_3NyQpT-c53KmuCp9HV_AxcJClDmnidxD4j51Y5cR0WMClIW0Wwxsg

Requested by

Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 01:05:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7E78 89 KB
31 KB 112ms
112ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 01:05:13 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7E78 42 B
66 B 69ms
68ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A-43V7roWCISpbVAkIHnY8p8dxH55axR0ySv1MX3TssOQhHhpDUHcJha0Dg28IuFnYfQKT20MgjwzqXolDUvDc5QNNj0WgpU7yoHvLXAkZDXDaxMM

Requested by

Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 7E78 3 KB
1 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 19:15:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 19:15:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 7E78 20 KB
8 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 13:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40558
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 13:49:15 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7E78 203 KB
64 KB 100ms
99ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65486
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702315402350014"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Dec 2023 01:05:13 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame A40A 42 B
67 B 70ms
69ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssMmJTvBQ5963GYo-Sp0H92X3ImO51SGI7ws1RXSHAQtoF0hG-biFdIVnqbbmJsJNwn9Sq2Bi0w8KXenIPVV_Nu7q97mXl0OZrJg3Yi7DV7pNmoQxetjD9VCQnjWEr8vqUjainXKZroLuKiHIwQfHtOoAo-&sai=AMfl-YTRQwCoGuN4Qb9tdw8GoNvZ5oGk3stPIufGBW2sYikorxR_4RZ7Y-hNA0ssPSS54Ddoj650V2O4CUXNgTysRMx36blOlLSyvoXj-ADIcDG5XR_x7QXvvb-Sm-MoA6XmTSGcHYabEs7RbM1O-8jw&sig=Cg0ArKJSzD2nWa0DCQNvEAE&cid=CAQSTgDICaaNpiClcweQWIIWkX8DmJ-BvXO4G4Hq_9bjsOpIBV5jzlYqQ9bAnyrPcXwV3w2nN7xzpkzO59Bm5TDTrg31_va7lAkFvWpyGHZ2VBgB&id=ampim&o=999,363&d=290,280&ss=1600,1200&bs=1600,1200&mcvt=1006&mtos=0,0,1006,1006,1006&tos=0,0,1006,0,0&tfs=386&tls=1392&g=100&h=100&tt=1392&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame B563 38 KB
13 KB 31ms
30ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 40557
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 13:49:16 GMT
expires: Wed, 11 Dec 2024 13:49:16 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame B563 39 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 14:27:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38269
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Dec 2024 14:27:24 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 71ms
71ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=4427463042199225&bg=!Z2SlZCvNAAY3kmNgF5I7ADQBe5WfOAWPGS2Mjn3M0WFj0TZKb4BWZuABe3JgfhAkm6pUIoXcUp6w2p8IDAIlPlaALZpTAgAAAUVSAAAABGgBBwoAWzuBtHDxB1KTf1pwj2sCE_Yw1mwsHCryBAHOG7RzONEReG2Y4CU4Ozha2iqZ9UUnOEKrtUwQlGKN685tIfmV9Xs-mddBf1owo3WALedKoLfQRU6Wh-1zWhHTjYyZAwMK054AcwimC9b4QwlgoUtN9zxt9dzSSsoDhjTEBW0L8cQhgs_yzpoJ9Qhhvo7lvKGL_XI2yfuiu8KrxdnFVcVQFhWAxPVrqACnCzvf-iZPWMHLaEFexDs7r1IGPb0yWIMDtamIpa0VPgvsmtK_fQ4xyj3oTgTkletSb0LuYxv3yROxGkdkic2OJkrhwNpEXg1C7M9gWq8s6qrqJv1FgC_ebV9X_gYMVHKI772rXN-PUaWJsdmdG14YZhJ5mm8xN6WgEL3Gwjp9z7Hcyvr5E1edHOyLFoH1QtvebexT67yv3uT-HsG0z5byEhANhkAIVS_kIeEBw2zBfQ1oCPrjDL3drprthzp4BnjQ8A-snUMp8dUn2v-puKHsy6nxuHF1wm4bDqsQK7onw5tnSs6KtD7jK1NoDxtXfzbkVyUuCRk8sr5s-fbAyG1y1K4QTO7cuwz5D2DBFDnrkkgIczTnSyMMwvxg09erdo7ulJ0mEyLWmfzUPCGgML6wBBgX1oxuoXqtlEZPH1oezayqeUcODaXwKNTYIzjHk6bhIeYCTQ2S1bczXBciNuWQGFrjkfI0yW__1ekRA-0LvhxqCpz5IvDeoHoaYEGngG3Fhpudh4gHmNKAAFryZIGBl2wuONgEELELn-OyCA-GogFcjdD2pA2ClgK9o3ek6oL1rbLr6Ha3lN45CzX1djOa08i6Bdwgnpz9tKN5qADoybfkWbhrilbmde9N2c-fSMr3EuiomWniZE-5SWgsefnspOomZ0saIZ71BpBl4kJnxnofrZvBBGMizTkAebzYqYagJw4KmVTyAhTpjbCNn7J3J1nMecK1Pgip8g5IIsx14WXKwL2U_iJJRPu5zsotkuTgjrU6oJyl3X84XiQ_gndiqqJ2a3tOgFZmRraP8XAaXd1lyj5mkO_3VB3QBPFYl4_1A8K2yWaCbsuXWU575YuITjX9C_lGMOwF8Nvbgind4HujWvgO2vJoWHjF5uvKZkkBJCGUuOH0me1zboZw9vUsmwVha9PvolJ1FcE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 68EB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECJzvaSD8CMFL2xn-qB6S9I&google_cver=1

43 B
61 B

53ms
53ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECJzvaSD8CMFL2xn-qB6S9I&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNX4WzzYRM9HwuSZpYiQbhlFpC0igN4C9x8jaxLhtBM-8oK5SALyKorT5DfBW75EV_T5bmAXw9LbRwGLHjnNNvwUA3wqzODOb3C0wncuRQqCcR_uE_zfW2YGCK-xBdGnYQvFtoPVGfyoouJwYw-q07yihi1414yxGJTr-8x9_3NyQpT-c53KmuCp9HV_AxcJClDmnidxD4j51Y5cR0WMClIW0Wwxsg
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:13 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECJzvaSD8CMFL2xn-qB6S9I&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 68EB 43 B
111 B 52ms
48ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNX4WzzYRM9HwuSZpYiQbhlFpC0igN4C9x8jaxLhtBM-8oK5SALyKorT5DfBW75EV_T5bmAXw9LbRwGLHjnNNvwUA3wqzODOb3C0wncuRQqCcR_uE_zfW2YGCK-xBdGnYQvFtoPVGfyoouJwYw-q07yihi1414yxGJTr-8x9_3NyQpT-c53KmuCp9HV_AxcJClDmnidxD4j51Y5cR0WMClIW0Wwxsg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:13 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 68EB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESENgF1-5poN0AwfSf59o2Fpw&google_cver=1

23 B
163 B

83ms
82ms

Image
image/gif

23.52.123.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESENgF1-5poN0AwfSf59o2Fpw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNX4WzzYRM9HwuSZpYiQbhlFpC0igN4C9x8jaxLhtBM-8oK5SALyKorT5DfBW75EV_T5bmAXw9LbRwGLHjnNNvwUA3wqzODOb3C0wncuRQqCcR_uE_zfW2YGCK-xBdGnYQvFtoPVGfyoouJwYw-q07yihi1414yxGJTr-8x9_3NyQpT-c53KmuCp9HV_AxcJClDmnidxD4j51Y5cR0WMClIW0Wwxsg
Protocol: H2
Server: 23.52.123.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-123-144.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Wed, 13 Dec 2023 01:05:13 GMT
pragma: no-cache
date: Wed, 13 Dec 2023 01:05:13 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESENgF1-5poN0AwfSf59o2Fpw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 68EB 23 B
163 B 92ms
89ms Image
image/gif 23.52.123.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNX4WzzYRM9HwuSZpYiQbhlFpC0igN4C9x8jaxLhtBM-8oK5SALyKorT5DfBW75EV_T5bmAXw9LbRwGLHjnNNvwUA3wqzODOb3C0wncuRQqCcR_uE_zfW2YGCK-xBdGnYQvFtoPVGfyoouJwYw-q07yihi1414yxGJTr-8x9_3NyQpT-c53KmuCp9HV_AxcJClDmnidxD4j51Y5cR0WMClIW0Wwxsg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.123.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-123-144.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Wed, 13 Dec 2023 01:05:13 GMT
pragma: no-cache
date: Wed, 13 Dec 2023 01:05:13 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4F63 42 B
174 B 83ms
81ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsucQXIfovCHo2yRbzRyIXCCBG-J5F_6_BoGcHqY7p-9AXktrWkDXSHrhaHlRlP_T3Wy5fyJjg4WjUpw3KR1LGcNvBZAmcaZDR88I3nqiA_dMyWHqtCap32I1Ix5HIKHwOLfSfv73cZS-qdBbMyUGA3rjGJU&sai=AMfl-YQFZDh7manOUaIyPbE1ex1XrTOcV9cxzENLEkwoPWrH86G04wGokkjB2m6GU_Em69Bd80weQsnulhFTQ3q6FCz_w9lDNzVqTRIpMM2iQFChwD5x0OM8gCJ7qIf6&sig=Cg0ArKJSzIRvAGq6bjYkEAE&cid=CAQSPADICaaNjQiMsBxkEJJImFgVt1hL96VoLWsCNz_25ezFEsjCQetjEKDuASwCgHkxl-TeGDJwISlI8nUjthgB&id=lidar2&mcvt=1011&p=0,0,90,728&mtos=481,965,1011,1011,1011&tos=481,484,46,0,0&v=20231211&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2549204261&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702429512478&rpt=423&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7E78 0
23 B 75ms
73ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3490935957235&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7E78 0
23 B 73ms
72ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3490935957235&version=m202309260101&ct=76&x=1&cor=3751847125162962400

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7E78 108 KB
41 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bs1PuH6xU3IdLbbX8qC2UseL2fteh7aKeDMkUSqmyFNDYVyqknR78h-fXdwJYtVv9BPRVU-a9vmwlBgg77cfbh9nsKZiw5MI92Sgoou5vtLGEVZMBW6DByRmea_umjgBDRD8N1GRYDZaq0fq0u37557Vu0IJcSX4GQEcjAAFZZFzkDgIE&dbm_d=AKAmf-Dz26qN9xVOp8eWl-_EfhpXgAYwgOJSfv8BVgDxqFWJADDEKkuB9l2nGbVkxYO2r3gq_E08Jo7FzGsS5jVNJOEh_a6GRUsKOTY8X3-a13Pyqi7h09vA39n1Z10TCQxsv8sZSypiEzIVcH2ZjN97izlyX3GS-QDdGtDJeMCT3rE8QvapJ1YGeKs4MbwwysWc-L2X3gpAd0JAFX3ZttqkuenAI5iJoCvh57BwesHDL-O_UimoRKMtq2s7UudYaHXX8GYXf54PBmWcwicmJM9bSZ_2Pwl7TXYUttiaMY_8AWDllA4JqDMPGmpoPf1M8OwRgCzqn4fFDaT5Bmd_W6Z0U5TEJzP5K2tpTf6-zzdzNY2PyUTM0j0d6OJrEDz-nN5t9RgoB-NmFhYACyL9ae3wPzkMgv2f_3sPXt52wZg7zkvt5X3iz9DNltrM_SrVEzVKYAZ2aXvceLcvgV6pzpiKTYAIkFzkrtUczKTLushLbUbmuhj8pc1uEpmyeTgDjirvD91JqCegKu1_PnfeqlYzCxSwfMPjOKytZDjPytTXfhDdhq8x99RIPsE-0BICx70hZwiyFRK3968ofvEic9o4Ifq3r8pmNRSuzYwrNEAAMUHoQ_jkfkz875IMAskSbWl9jVzDVmabcpv-jBNuIlhz68W4IcfmIOxvUs-2tYMVTyeFBMZ71kHzWLPWFF1I94w_-kcJS-N2h_hjNvoVelgJpItf9mTHvfrlZdOIGYK4Aovm0OrfmKrA_VA_VK2thxshBUakN8B_W1j37f-szMMIzVLHM05o9Xe8tw_7xwBnHlCF78eWKBCTjeepABWeuO73cxqv18vqRytGHQvYhs1TXJRjrGxuJwlP8qT8VqGswohCJ0OLZJ2jbAWedsgK9Zos_7cZAUpY2DYUsBshMsNJN7pwoVdasZ3KqS4x_srhVsPvQKdjwrU-U9d-jpeu2yPFdtlRB4TKAhdnxzbDobnDbIB92I0drBvAE9ZwZy_6sCfeMlqaESXtKqgC2WpBXmRdUePuc4Rn09Y0crK0qUZYTEk8JtHb9Pcs923oIOenT1n80U4mxZVusyL-OphaEGt8x95vPjfgA0pHfnId6o7RSepQyfwjxg1mhJs4LeWyQDmRRpXE8C1iMw3ncESCp98SVN2-AGdxsGLZW4ASvnFawscrE1OUOBBZu9jrh9rWQfW7v7x1uEMEqhbGMf2vWgq_BVmZQy8FvqoLkIbJ1RD39ZdBOPbA08k091IbJ_EYYCCnkTuH1YbpqpckYiH-KQFzs9LhgA1dgd4aMd0N9kFSBS4PCAt404Uzq3H_x5dh0-h9HfXGjKOHjRq5b8fb77kssCr2VWOKOcUGxiZhhZrJnfEwPyENjkI-BPIYi8okBJNBo_GQZcetRpTPEx8fGtJDSTvpT4mGx0VTxe_7dd97T4jGnZwf4PJ1GjOCnACavKoFjOQkcYB1TX8YidRoT9ShuUS6zZekXSVZIw8NQP2xURflsHYNfO6HeOY_Bdk2cF0pBe33EatO4FldCQI1kBmwZpXuZ1C7nYnzwraIkpBdamV7SMePea64ert0ue-l8SvHkBtbZAnDmbHoaCwbEPF4x8pIuFfSA7axoOd6DhJA-geG9shSCt4BZdW1Xp28BFYkpJwudwxN2Uytp3Nv8OVnr18pXdQcsDk-GBO4AHxSb7Rf-Kewmsz8WeahJ9RDP6iVBIznC6S4xD70jBaVBdi0o4yZTMgbVV6lpW2BQrWATgk0WXo-vTVyJCPXOttiTs448FedBBW6zRcKJXzSM40RwvUmSBPX7gX8UJajL7JqNqRH_0gr1KJTaldjfgPKLrHA745sM6vwx9S_CYiJ24VVhQyUBZ1cv4U2lFgJuctLYOv8eEcYUTPbvQ1FINXdXDOZOdXN_nHVmjoINZ1GPyOUhzE5KYo-OQT-_XZmDer_PifHrVJuxgyuVCnDLkisllTErJSuKKMNaykjaIj-BzikCEruluUjwszq6GhCIdtWXFX3pPHJLLMT0-E-kfZnBqo87N7o-073K26epfX50BwsNv_kYQndfjS-XhY2GpCNJLz-8sMiX5BL_Uf5uV4v5mdJlRVVxO3Q8QsuiJd8dSG-ex9nVa89s8GY1k_VSINf3xdZVO3O6lLIJqHgkDXoLgkaxW5p8b63ry3wZ-SBakBQGWthkRV6VSYXcCAAKmwiiMiQCyQO75nG3S8Lajp71uTazR_QBe65D1NOU8wzXWHK3D4jzGXI9slKHVWNpx-7v1sUbOMo9m6mZAQQBIn-Ia75E5_5HxEkBd-7ipcrNAYOpEKZOC-_0N4EO0J4mpwyJqUgPxfyaw7QT2BbQRyYOsIMWZd52sqkV14gudZEG27Ocmp-z96L0kfOScnmWX7q4F8zzeuB7rwzo7FmV81Bl9VeA42ws7p1uBG1DWySxFYGZthAbSDLmZqD70qHvqiZTjrdr6MwY1hkLrAiGF83LUMcsuIgGvDFWP_rnTIChndBeUcTXl8FSa-9a46Y_KXeU5lAPG1OcuWNJy3_nLYIiYToPN8QvEBlb4BBwxcGrr5pFSh_UaV-CDVgGboJiIRzji5o9_llIneKtBK97RBeh3zssqlNCAIUauqQxMoioicRhE2GT1m2H8HKauIwMu0LbhtpwXxhe21L-SJMv1G35IeZe6Vwq_mMIo4A4kDVD4DEtktM-FADwQGrcrrCjoM-fQ5b4GRU7ma-kbxlLzhdvJ85BQj8b6GfkxeLYcvxKu15PUdjkXQ27hF7mVIefjQVAMKyUnaiQeKA-10M9KaVX-wR4-dmXwarWu2u4gqpZrmBd-cMCu1MXkYs0DR1Xr5SsqXleiWHcpA6xkFGPMQ93D19QFfiXVES3rMUQnjOhFwZ1NUFV6b3q1u78Jwxor_XcUoKrBBQlAKigYWPvovS6jPS4Ifo_pWy4hRHAEGnv5xpqLlfA4pKKIdVcBvLBCqbOBraPMZQ00t79R14EjPr7-3E3FKmXQ1oe0bI4vTZXRbFIma6_WxFLnstTyI-1Y6X3fuFH8cv3RcSG_t1vpBe2IhRcQa73qIuAYUhZz22c29oWBcpP6hz41Y2kkIBt0rEdt3f3SJc2xUZF30WyFlcEaCUzH059ENO6_1p73BuIwxXKbj9GncR3hgON2E3mGJ9LGL_MGJFUI1DwmapONIfFJZaf7TvbLoH9kIo3QMafsgOnqUnEBSY2qPseVFDR3EzRwANcZ70GNgpcEZDtn9fuMTIlsLdus_oHorB2eBhE1Ra7kgEqMYjdwcyLjBka7cd-eWbTgXvLVufKVmF1leDaDYpT36xz-YKZceTFFFF2llU4pjYoH6H79i_D3_WPvHtc9FZCLI0gnyuChgzeBv3E02oA6zzxwojvXG5Wq_wa3Na9q_YETzJ8lXrXdX4gpB_AaPKgOSVwl_eIGHZQ8YJ17DpnnTP-oGTQ_UMkHywzRiFme1g3bwT07Pdg8iR-u_io6ly_fBVH4NNurbgCP2JQGv38GD4N_6LyFmZrqm3ZKEwVnLzExASpgMNvrfWcPoqW1XoKNrXNFG2E-3yLEo-4obJdlrtMNHgsxMnhq7F69yOcHH5r4qf3hBPI8PyCd_PtjKr-Cq-6PnlfYj60mbT7SoORsIGqD1V7a2iYdlWqI7xa-635ewZkb5OujhlAB_VdbNr-wPxfGFqNMEE6ha_jWSB4xeP84QjuzDUbULrqJm6h-X0lY8QfEQBNfq9JNfTCsJSiMbWmVq0qZVdGAqescRTEZgnrjPKhczysyo2H4cWw_8CvWbAebBhic_AowO80jGxGxCweLQ3v9-2q1YYm_oQyMd1AiiIgou0J5E6grqhwwrPn3Qv3hfuOkTf_mupVQnpixX6uBTXIYOMnJWfJEcB7Kq-cFhWvED9r1zk_I9wJ-gxaHMNkKARb7x5vywOorIbSjfoHA3K72h11skFrEgY4yDM93bbe5HjQchjEvb-k_IyeKjPxdB3UdfJSOdqexwAfKCUWU9oWvg0uaJAaaapADSgd0T9_wFBYQXfdDDmM4h9z2JP&cid=CAQSOwDICaaN_5gEH85SXyeoIaUV-u6SkRyssUUyhOHZq1yXFnXdXTtYQTSq-ev249I7cQjc6DUVF_hkkafHGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Ftrueliketop.org%2F&ds=l&xdt=1&iif=1&cor=3751847125162962400&adk=2086295848&rc=1&idt=181&cac=0&dtd=9

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69d25051289ab7ac77b1ad5fc22e9b599aba092ac44c9cde7d3db2cbc63e89d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42056
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

request.php Show response
hal90007.redintelligence.net/ Frame 2D78
Redirect Chain

https://hal90007.redintelligence.net/request.php?zone=ftwgnaj3rhus&nw=20&renderingType=javascript&namespace=21d78e8fbb&subid=&uid=1c7426816fcba1e4&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90007.redintelligence.net/request.php?zone=ftwgnaj3rhus&nw=20&renderingType=javascript&namespace=21d78e8fbb&subid=&uid=1c7426816fcba1e4&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

4 KB
2 KB

257ms
163ms

Script
application/x-javascript

138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90007.redintelligence.net/request.php?zone=ftwgnaj3rhus&nw=20&renderingType=javascript&namespace=21d78e8fbb&subid=&uid=1c7426816fcba1e4&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x300&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCq8D3SQN5ZcyTBZ36x_AP3dY6puW9oGn1lpynyQ_wLhABILGT7XlglQLIAQmpAkTCD6pwGbI-qAMByAObBKoEnAJP0Gc4Y_6U9Vol2xaufCdSD21aYvNB0BxFLu7G5erqvvUZbFxF0HzrFp-oAl7l2CyoR_L0Yf1QJ5F6g38zFvda6G8Q5MiYt6gJxt4WBkBW3okb_QWtG3p7nbtigm6oH3uo5h0ckT3zfSowOJS0SNJvChDP7Zg7G9hwLO4VbmRzz0SMfbZMt2I8c1Jz0yt0EelQS2nnYVAMXtFg9L8O88EL4q7TbLDnXONsXLHWtBQLPb37BCL4kR7ILCLt1ZhGskPUH8MVsyn3SApHjsnjSC7OIHaIsArs3DiCOlwv_ComD2V86CrJr774UqmBBqLBCCr7lVzTjsXjZOBAzCenQjFIerj8c9Ol2TUcnidMCGy8Gsktc_pS6CKIRWM6p8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliX_OySnIuDA4AKA5gLAcgLAYAMAaIMHCoaChjktLEC7rWxArW4sQKsurEC5LSxAu61sQKqDQJEReINEwi4q-2SnIuDAxUd_REIHV2rDgCwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNESYkfuZJ1zxkNvNjDDcfQA7pf2aaxrcsPIJVRGVJ2ZoJhJGAVibPcZqBKTm05cLpFQ7RwQofGAE%26sig%3DAOD64_1IIuivY85OjPQA6Pg6-JFkttci9Q%26client%3Dca-pub-2205121062140812%26dbm_c%3DAKAmf-BACAGLFNcEkTd8W7E2l24r3Wh8pArCXM64eHocUwrTVzGBc2xFbU588keHMi2-QDVoW5tDunzigjJjAgjwbJI6hC7_EU5nZz3vtOqrKgQrwunebw0Ft5vjVkM24QjQD5Swt5UmnYvC6cqr0gSKt77kj0-PrQxxmRonSQcYRNz-F48VSHA%26cry%3D1%26dbm_d%3DAKAmf-Dk1YRiOpJOP1FfvSdQ--4s1paIuRyzNajRiql-qgizw4UiR5PwgJw0tzxOj_M8JniLsW6ANVfwW6cZ4_SX4HQUxG9tLUFewYE9ax45Sz2cmokhUozQbxJ0VCevl_GcMZ193dp8f06qAMyUkHe1Jmea_kc6Yj1pyJppZEL6t1aQ1HiMkGJ7FrUHbOJa4b0SXhF2-iKXqLa2E0Gfke7whmy0J_IvvNvF1gXC2JvBE4g7Po8k9EcPw-8ckkOxzwSEpXBnivqiyB_KDvKIhUM6yUGX2CNcBTdHyHxOJPevkWRXr4W30_1TJjbhU2zYB_0PrWI1NexSYlIR-YvUx4EkUPQCH-PexJp7OAOWi2xcMBf9GfdxV32GBqlGtfQxGhRIzFGeaY10JqLnKM5-6x0ZEKKnhe-pVE3GiLYDMw-sBNUZeNxJOIpb3o-9fCUikQSne4rYhRLcTAOxDcoLSx7KESIoZvvEyXvTZS1jVTsLJq9qml4icag-pQKnPCtWb8W8BxI9IHPevFIXzk1TtBVme47oOezD-CPUBhHqSFHRCwXqhPLdg60%26adurl%3D&documentReferer=https%3A%2F%2Ftrueliketop.org%2F&ancestorOrigins=https%3A%2F%2Ftrueliketop.org&random=1597207240196&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 34051bd68b5c20b6286da551e846cace86ead29d0b35bd70fcce62b872030602

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Dec 2023 01:05:14 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 11866300004705704445010012537007
Connection: close
Content-Length: 1324
Expires: Wed, 13 Dec 2023 01:05:14 +0100

Redirect headers

Pragma: no-cache
Date: Wed, 13 Dec 2023 01:05:14 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=ftwgnaj3rhus&nw=20&renderingType=javascript&namespace=21d78e8fbb&subid=&uid=1c7426816fcba1e4&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x300&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCq8D3SQN5ZcyTBZ36x_AP3dY6puW9oGn1lpynyQ_wLhABILGT7XlglQLIAQmpAkTCD6pwGbI-qAMByAObBKoEnAJP0Gc4Y_6U9Vol2xaufCdSD21aYvNB0BxFLu7G5erqvvUZbFxF0HzrFp-oAl7l2CyoR_L0Yf1QJ5F6g38zFvda6G8Q5MiYt6gJxt4WBkBW3okb_QWtG3p7nbtigm6oH3uo5h0ckT3zfSowOJS0SNJvChDP7Zg7G9hwLO4VbmRzz0SMfbZMt2I8c1Jz0yt0EelQS2nnYVAMXtFg9L8O88EL4q7TbLDnXONsXLHWtBQLPb37BCL4kR7ILCLt1ZhGskPUH8MVsyn3SApHjsnjSC7OIHaIsArs3DiCOlwv_ComD2V86CrJr774UqmBBqLBCCr7lVzTjsXjZOBAzCenQjFIerj8c9Ol2TUcnidMCGy8Gsktc_pS6CKIRWM6p8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliX_OySnIuDA4AKA5gLAcgLAYAMAaIMHCoaChjktLEC7rWxArW4sQKsurEC5LSxAu61sQKqDQJEReINEwi4q-2SnIuDAxUd_REIHV2rDgCwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNESYkfuZJ1zxkNvNjDDcfQA7pf2aaxrcsPIJVRGVJ2ZoJhJGAVibPcZqBKTm05cLpFQ7RwQofGAE%26sig%3DAOD64_1IIuivY85OjPQA6Pg6-JFkttci9Q%26client%3Dca-pub-2205121062140812%26dbm_c%3DAKAmf-BACAGLFNcEkTd8W7E2l24r3Wh8pArCXM64eHocUwrTVzGBc2xFbU588keHMi2-QDVoW5tDunzigjJjAgjwbJI6hC7_EU5nZz3vtOqrKgQrwunebw0Ft5vjVkM24QjQD5Swt5UmnYvC6cqr0gSKt77kj0-PrQxxmRonSQcYRNz-F48VSHA%26cry%3D1%26dbm_d%3DAKAmf-Dk1YRiOpJOP1FfvSdQ--4s1paIuRyzNajRiql-qgizw4UiR5PwgJw0tzxOj_M8JniLsW6ANVfwW6cZ4_SX4HQUxG9tLUFewYE9ax45Sz2cmokhUozQbxJ0VCevl_GcMZ193dp8f06qAMyUkHe1Jmea_kc6Yj1pyJppZEL6t1aQ1HiMkGJ7FrUHbOJa4b0SXhF2-iKXqLa2E0Gfke7whmy0J_IvvNvF1gXC2JvBE4g7Po8k9EcPw-8ckkOxzwSEpXBnivqiyB_KDvKIhUM6yUGX2CNcBTdHyHxOJPevkWRXr4W30_1TJjbhU2zYB_0PrWI1NexSYlIR-YvUx4EkUPQCH-PexJp7OAOWi2xcMBf9GfdxV32GBqlGtfQxGhRIzFGeaY10JqLnKM5-6x0ZEKKnhe-pVE3GiLYDMw-sBNUZeNxJOIpb3o-9fCUikQSne4rYhRLcTAOxDcoLSx7KESIoZvvEyXvTZS1jVTsLJq9qml4icag-pQKnPCtWb8W8BxI9IHPevFIXzk1TtBVme47oOezD-CPUBhHqSFHRCwXqhPLdg60%26adurl%3D&documentReferer=https%3A%2F%2Ftrueliketop.org%2F&ancestorOrigins=https%3A%2F%2Ftrueliketop.org&random=1597207240196&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Wed, 13 Dec 2023 01:05:14 +0100

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/990511/61634100/ Frame 7E78 256 KB
77 KB 301ms
78ms Script
application/javascript 54.154.164.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/990511/61634100/skeleton.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-2205121062140812&ias_chanId=1&ias_placementId=20338656165&bidurl=https://trueliketop.org/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0j4wfkbajgeT4xUhG8IYJXZ
Requested by: Host: trueliketop.org
URL: https://trueliketop.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.164.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-164-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d90052e947de35f63cb1c14e7a5f7009b5bba9cae17dabbf38b340450e030e3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:14 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 7E78 111 KB
39 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
Origin: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 20:46:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15516
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Dec 2023 20:46:38 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 7E78 11 KB
4 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bs1PuH6xU3IdLbbX8qC2UseL2fteh7aKeDMkUSqmyFNDYVyqknR78h-fXdwJYtVv9BPRVU-a9vmwlBgg77cfbh9nsKZiw5MI92Sgoou5vtLGEVZMBW6DByRmea_umjgBDRD8N1GRYDZaq0fq0u37557Vu0IJcSX4GQEcjAAFZZFzkDgIE&dbm_d=AKAmf-Dz26qN9xVOp8eWl-_EfhpXgAYwgOJSfv8BVgDxqFWJADDEKkuB9l2nGbVkxYO2r3gq_E08Jo7FzGsS5jVNJOEh_a6GRUsKOTY8X3-a13Pyqi7h09vA39n1Z10TCQxsv8sZSypiEzIVcH2ZjN97izlyX3GS-QDdGtDJeMCT3rE8QvapJ1YGeKs4MbwwysWc-L2X3gpAd0JAFX3ZttqkuenAI5iJoCvh57BwesHDL-O_UimoRKMtq2s7UudYaHXX8GYXf54PBmWcwicmJM9bSZ_2Pwl7TXYUttiaMY_8AWDllA4JqDMPGmpoPf1M8OwRgCzqn4fFDaT5Bmd_W6Z0U5TEJzP5K2tpTf6-zzdzNY2PyUTM0j0d6OJrEDz-nN5t9RgoB-NmFhYACyL9ae3wPzkMgv2f_3sPXt52wZg7zkvt5X3iz9DNltrM_SrVEzVKYAZ2aXvceLcvgV6pzpiKTYAIkFzkrtUczKTLushLbUbmuhj8pc1uEpmyeTgDjirvD91JqCegKu1_PnfeqlYzCxSwfMPjOKytZDjPytTXfhDdhq8x99RIPsE-0BICx70hZwiyFRK3968ofvEic9o4Ifq3r8pmNRSuzYwrNEAAMUHoQ_jkfkz875IMAskSbWl9jVzDVmabcpv-jBNuIlhz68W4IcfmIOxvUs-2tYMVTyeFBMZ71kHzWLPWFF1I94w_-kcJS-N2h_hjNvoVelgJpItf9mTHvfrlZdOIGYK4Aovm0OrfmKrA_VA_VK2thxshBUakN8B_W1j37f-szMMIzVLHM05o9Xe8tw_7xwBnHlCF78eWKBCTjeepABWeuO73cxqv18vqRytGHQvYhs1TXJRjrGxuJwlP8qT8VqGswohCJ0OLZJ2jbAWedsgK9Zos_7cZAUpY2DYUsBshMsNJN7pwoVdasZ3KqS4x_srhVsPvQKdjwrU-U9d-jpeu2yPFdtlRB4TKAhdnxzbDobnDbIB92I0drBvAE9ZwZy_6sCfeMlqaESXtKqgC2WpBXmRdUePuc4Rn09Y0crK0qUZYTEk8JtHb9Pcs923oIOenT1n80U4mxZVusyL-OphaEGt8x95vPjfgA0pHfnId6o7RSepQyfwjxg1mhJs4LeWyQDmRRpXE8C1iMw3ncESCp98SVN2-AGdxsGLZW4ASvnFawscrE1OUOBBZu9jrh9rWQfW7v7x1uEMEqhbGMf2vWgq_BVmZQy8FvqoLkIbJ1RD39ZdBOPbA08k091IbJ_EYYCCnkTuH1YbpqpckYiH-KQFzs9LhgA1dgd4aMd0N9kFSBS4PCAt404Uzq3H_x5dh0-h9HfXGjKOHjRq5b8fb77kssCr2VWOKOcUGxiZhhZrJnfEwPyENjkI-BPIYi8okBJNBo_GQZcetRpTPEx8fGtJDSTvpT4mGx0VTxe_7dd97T4jGnZwf4PJ1GjOCnACavKoFjOQkcYB1TX8YidRoT9ShuUS6zZekXSVZIw8NQP2xURflsHYNfO6HeOY_Bdk2cF0pBe33EatO4FldCQI1kBmwZpXuZ1C7nYnzwraIkpBdamV7SMePea64ert0ue-l8SvHkBtbZAnDmbHoaCwbEPF4x8pIuFfSA7axoOd6DhJA-geG9shSCt4BZdW1Xp28BFYkpJwudwxN2Uytp3Nv8OVnr18pXdQcsDk-GBO4AHxSb7Rf-Kewmsz8WeahJ9RDP6iVBIznC6S4xD70jBaVBdi0o4yZTMgbVV6lpW2BQrWATgk0WXo-vTVyJCPXOttiTs448FedBBW6zRcKJXzSM40RwvUmSBPX7gX8UJajL7JqNqRH_0gr1KJTaldjfgPKLrHA745sM6vwx9S_CYiJ24VVhQyUBZ1cv4U2lFgJuctLYOv8eEcYUTPbvQ1FINXdXDOZOdXN_nHVmjoINZ1GPyOUhzE5KYo-OQT-_XZmDer_PifHrVJuxgyuVCnDLkisllTErJSuKKMNaykjaIj-BzikCEruluUjwszq6GhCIdtWXFX3pPHJLLMT0-E-kfZnBqo87N7o-073K26epfX50BwsNv_kYQndfjS-XhY2GpCNJLz-8sMiX5BL_Uf5uV4v5mdJlRVVxO3Q8QsuiJd8dSG-ex9nVa89s8GY1k_VSINf3xdZVO3O6lLIJqHgkDXoLgkaxW5p8b63ry3wZ-SBakBQGWthkRV6VSYXcCAAKmwiiMiQCyQO75nG3S8Lajp71uTazR_QBe65D1NOU8wzXWHK3D4jzGXI9slKHVWNpx-7v1sUbOMo9m6mZAQQBIn-Ia75E5_5HxEkBd-7ipcrNAYOpEKZOC-_0N4EO0J4mpwyJqUgPxfyaw7QT2BbQRyYOsIMWZd52sqkV14gudZEG27Ocmp-z96L0kfOScnmWX7q4F8zzeuB7rwzo7FmV81Bl9VeA42ws7p1uBG1DWySxFYGZthAbSDLmZqD70qHvqiZTjrdr6MwY1hkLrAiGF83LUMcsuIgGvDFWP_rnTIChndBeUcTXl8FSa-9a46Y_KXeU5lAPG1OcuWNJy3_nLYIiYToPN8QvEBlb4BBwxcGrr5pFSh_UaV-CDVgGboJiIRzji5o9_llIneKtBK97RBeh3zssqlNCAIUauqQxMoioicRhE2GT1m2H8HKauIwMu0LbhtpwXxhe21L-SJMv1G35IeZe6Vwq_mMIo4A4kDVD4DEtktM-FADwQGrcrrCjoM-fQ5b4GRU7ma-kbxlLzhdvJ85BQj8b6GfkxeLYcvxKu15PUdjkXQ27hF7mVIefjQVAMKyUnaiQeKA-10M9KaVX-wR4-dmXwarWu2u4gqpZrmBd-cMCu1MXkYs0DR1Xr5SsqXleiWHcpA6xkFGPMQ93D19QFfiXVES3rMUQnjOhFwZ1NUFV6b3q1u78Jwxor_XcUoKrBBQlAKigYWPvovS6jPS4Ifo_pWy4hRHAEGnv5xpqLlfA4pKKIdVcBvLBCqbOBraPMZQ00t79R14EjPr7-3E3FKmXQ1oe0bI4vTZXRbFIma6_WxFLnstTyI-1Y6X3fuFH8cv3RcSG_t1vpBe2IhRcQa73qIuAYUhZz22c29oWBcpP6hz41Y2kkIBt0rEdt3f3SJc2xUZF30WyFlcEaCUzH059ENO6_1p73BuIwxXKbj9GncR3hgON2E3mGJ9LGL_MGJFUI1DwmapONIfFJZaf7TvbLoH9kIo3QMafsgOnqUnEBSY2qPseVFDR3EzRwANcZ70GNgpcEZDtn9fuMTIlsLdus_oHorB2eBhE1Ra7kgEqMYjdwcyLjBka7cd-eWbTgXvLVufKVmF1leDaDYpT36xz-YKZceTFFFF2llU4pjYoH6H79i_D3_WPvHtc9FZCLI0gnyuChgzeBv3E02oA6zzxwojvXG5Wq_wa3Na9q_YETzJ8lXrXdX4gpB_AaPKgOSVwl_eIGHZQ8YJ17DpnnTP-oGTQ_UMkHywzRiFme1g3bwT07Pdg8iR-u_io6ly_fBVH4NNurbgCP2JQGv38GD4N_6LyFmZrqm3ZKEwVnLzExASpgMNvrfWcPoqW1XoKNrXNFG2E-3yLEo-4obJdlrtMNHgsxMnhq7F69yOcHH5r4qf3hBPI8PyCd_PtjKr-Cq-6PnlfYj60mbT7SoORsIGqD1V7a2iYdlWqI7xa-635ewZkb5OujhlAB_VdbNr-wPxfGFqNMEE6ha_jWSB4xeP84QjuzDUbULrqJm6h-X0lY8QfEQBNfq9JNfTCsJSiMbWmVq0qZVdGAqescRTEZgnrjPKhczysyo2H4cWw_8CvWbAebBhic_AowO80jGxGxCweLQ3v9-2q1YYm_oQyMd1AiiIgou0J5E6grqhwwrPn3Qv3hfuOkTf_mupVQnpixX6uBTXIYOMnJWfJEcB7Kq-cFhWvED9r1zk_I9wJ-gxaHMNkKARb7x5vywOorIbSjfoHA3K72h11skFrEgY4yDM93bbe5HjQchjEvb-k_IyeKjPxdB3UdfJSOdqexwAfKCUWU9oWvg0uaJAaaapADSgd0T9_wFBYQXfdDDmM4h9z2JP&cid=CAQSOwDICaaN_5gEH85SXyeoIaUV-u6SkRyssUUyhOHZq1yXFnXdXTtYQTSq-ev249I7cQjc6DUVF_hkkafHGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Ftrueliketop.org%2F&ds=l&xdt=1&iif=1&cor=3751847125162962400&adk=2086295848&rc=1&idt=181&cac=0&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:43:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4878
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 23:43:56 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 7E78 31 KB
12 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:43:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84084
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11943
x-xss-protection: 0
server: cafe
etag: 4141415479739543000
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 01:43:50 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 7E78 41 KB
14 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 13:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40558
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 13:49:16 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 58F7 1 KB
648 B 36ms
35ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 40544
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 13:49:30 GMT
etag: 48472445140208031
expires: Wed, 13 Dec 2023 13:49:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7E78 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b303d626939d21d146c25c5e7f8c8156579d5d673ea007969e5573aa86f29688

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B563 0
24 B 82ms
81ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BS9PGSQN5ZYfXKMeD1PIPpPeXmAgAAAAAOAHgBAI&bg=!o6CloO_NAAY3kmNgF5I7ADQBe5WfOCV7lxM4fRAb_UDcbeKOaMh8xMlKFQuRGuc6wI0_4o3AeC2XbqZVSnpyfI9J5zWfAgAAAJJSAAAAA2gBB5kDNqgFI6oKwBNpC-bGZE7lQVhRqOClUV6xSoJhKZ4Jxy9J-7bQfqTeZDfYbNPlltHA0FRMFj0wJfFKg41U4rbHNL2LTKlM4w3IQSr8_LfM_mv2zhIN4gnPffLT8VLlWjzbhoNMlvcspMeST-rDxBeB8NFpYg1nLtxuMAoA3H8McATelqi_GwS3D5Ly7V6URcssNwCE_VQrsKHYqjgE_RHLD4CtRNbq4dhnBQ1aJa9fLFdcvDzLdfEBzb8P0wuWda2333pmC5PEwkEnrf3lo2dAlesVfh0Vj4Y7Qu1TrTbvC2juTq9nKFizGNypfJ26CYvRSLPHg7ehVuOtAMGCz4lZhPR_TZouO4sqZ4PwS3Cm2WvHbXkAMYRZfPa_rtiysJ7SKQbCk3l6VPipQHSiWSD3ChS6BGon7pqc2cq9uu5hiGTz8wZD0kHTqIiOEsEhws7YTB8IDa-WmTV2hFDG3cCPoBuU_pPqeEoKqo-vjeZwfxWn2LsPBojq5S6T8ECEjta6Mp1T7ohN5V1qCzxgS7sRIBQJRUpvSSq5qZHg26fTQaEKavy1N-qdfmhEr_7ECmX14s1Ju4VvBPMhVLNWlzGXL22dQ3EH7jUeJd62WoCfluFiHIrODzStvg6Ept1btbgUH1fD3-I0ZIXU87XFZUvhobYCGjWvCOn_Q9DuduPztJTSJFLHDAHjkHMGOHL0h93mevOK3500maWftEazNVCVzc45EBI9-TUlQeZsXEif2ofUcBOm1VD_f73PwMgBy3D8hteEoB2lMKvE4c9g1xkXRAC0hu0PeisuT3wqrjWCDX1PX9CZqtPWropCpkfZsH0DYbEQIXnaSFCNBKs-jq2O74du6iFB3NYUIK5_Ox2g1UtGZsyKd7H9WVZkvq-_2yjdXzm1Eh5I6NDWjuECIALmb3sexzxjy0ViCtAc-nY3vRFe9HJEnZQD4g9J7eJtv-g_JdLpzeQ5eO250owu-xA1dYTRaKWRh1Tye8MXcB3bxUHz4ztRPGefhiJNcEPCs9dZgKwk83Vbpj7zLqRTzn3d12ZiGotFeNOo-wgP-Lj5Fm-IrEE9fmj1PSqrQFF_YjL_akTCcDOqsQ

Requested by

Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame B5AE 38 KB
13 KB 33ms
33ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 40558
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 13:49:16 GMT
expires: Wed, 11 Dec 2024 13:49:16 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 58F7 0
104 B 234ms
96ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEDTd_3uM4SlH2bYBdDMU4nk&google_cver=1&google_push=AXcoOmRpliaYceS4GcJVUlolrEeAOALq2jQHvP44FfN1MbFYAaPWLIM3Ub8DbtXR0l3LkMvAjyGaCIuAbFj6eyEgEcIG4kIXM5dxag
Requested by: Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:14 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 58F7
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEFLlK4DS_EXFsYxO5IpWnkc&google_cver=1&google_push=AXcoOmSR7kTCv62ocMMtLAU0WPwPF3Rid5_y9glSWZOJIwWcCZFF5_fdJntiMvb8CVh00ibAQYXUjDYGDVxS_l...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMTg3OTA4NjM4MTQ2MzcwMg%3D%3D&google_push=AXcoOmSR7kTCv62ocMMtLAU0WPwPF3Rid5_y9glSWZOJIwWcCZFF5_fdJntiMvb8CVh00ibAQYXUjDYGDVxS_lnuRE...

170 B
188 B

65ms
65ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMTg3OTA4NjM4MTQ2MzcwMg%3D%3D&google_push=AXcoOmSR7kTCv62ocMMtLAU0WPwPF3Rid5_y9glSWZOJIwWcCZFF5_fdJntiMvb8CVh00ibAQYXUjDYGDVxS_lnuREMdEpaTKXOG5w

Requested by

Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMTg3OTA4NjM4MTQ2MzcwMg%3D%3D&google_push=AXcoOmSR7kTCv62ocMMtLAU0WPwPF3Rid5_y9glSWZOJIwWcCZFF5_fdJntiMvb8CVh00ibAQYXUjDYGDVxS_lnuREMdEpaTKXOG5w
Date: Wed, 13 Dec 2023 01:05:14 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 sync
x.bidswitch.net/ Frame 58F7 43 B
146 B 160ms
51ms Image
image/gif 3.69.190.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBScP5SeQ3VyMWJWHBp5NpQ&google_cver=1&google_push=AXcoOmSZI1NAaaVgKv7GEMKVu1mXECHyF9u9W1t9Rvme9fY0y3Da2M6EXr3Z_-FfqhQ6jV-YAYtpZ0D21OoE-qtdWOYyezByOl4m0w
Requested by: Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.69.190.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-190-202.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 58F7
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECD6IgyDyrY8OxzUjBilkVw&google_cver=1&google_push=AXcoOmRi83psgUCQO3TgbMOIT6XR-yKm-ex3LA9X4ZMrTYY3z60KsDEy-xcxOUDIIVOb9KknyStVpium9CVfukVwiAY1Xt0...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRi83psgUCQO3TgbMOIT6XR-yKm-ex3LA9X4ZMrTYY3z60KsDEy-xcxOUDIIVOb9KknyStVpium9CVfukVwiAY1Xt0_a9Yvzg&google_hm=eS1iWHpMYWFORTJwSFZM...

170 B
188 B

60ms
60ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRi83psgUCQO3TgbMOIT6XR-yKm-ex3LA9X4ZMrTYY3z60KsDEy-xcxOUDIIVOb9KknyStVpium9CVfukVwiAY1Xt0_a9Yvzg&google_hm=eS1iWHpMYWFORTJwSFZMa2kuZ0x1NkhZZVltTTNaRmtheH5B

Requested by

Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 13 Dec 2023 01:05:14 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRi83psgUCQO3TgbMOIT6XR-yKm-ex3LA9X4ZMrTYY3z60KsDEy-xcxOUDIIVOb9KknyStVpium9CVfukVwiAY1Xt0_a9Yvzg&google_hm=eS1iWHpMYWFORTJwSFZMa2kuZ0x1NkhZZVltTTNaRmtheH5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 58F7
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENy9-PL1UgoE4iaXsks1B3Q&google_cver=1&google_push=AXcoOmSMPb7L2gKN8bVuvcOa8HExdiqArmZW1xy2AhxmIxZt68Xvk4ENpPI29jeVYbHq1Sd6JOcWBnyW...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENy9-PL1UgoE4iaXsks1B3Q&google_cver=1&google_push=AXcoOmSMPb7L2gKN8bVuvcOa8HExdiqArmZW1xy2AhxmIxZt68Xvk4ENpPI29jeVYbHq1Sd6JOc...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODA0OTU0NTc0MDA5MDcyODY5MA&google_push=AXcoOmSMPb7L2gKN8bVuvcOa8HExdiqArmZW1xy2AhxmIxZt68Xvk4ENpPI29jeVYbHq1Sd6JOcWBn...

170 B
188 B

65ms
64ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODA0OTU0NTc0MDA5MDcyODY5MA&google_push=AXcoOmSMPb7L2gKN8bVuvcOa8HExdiqArmZW1xy2AhxmIxZt68Xvk4ENpPI29jeVYbHq1Sd6JOcWBnyWWmVu7onF04TXoR5YhyV8

Requested by

Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODA0OTU0NTc0MDA5MDcyODY5MA&google_push=AXcoOmSMPb7L2gKN8bVuvcOa8HExdiqArmZW1xy2AhxmIxZt68Xvk4ENpPI29jeVYbHq1Sd6JOcWBnyWWmVu7onF04TXoR5YhyV8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 58F7 0
12 B 53ms
52ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KgaWwnM9Lz8YSNbEOpkoTNGXyQi0TKgZTyK-BYNVlh7Jzf8wgomxF6jCs

Requested by

Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:14 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame B5AE 39 KB
15 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 14:27:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Dec 2024 14:27:24 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8545329873006492075/ Frame 62E0 142 KB
22 KB 44ms
41ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5728239d6302f134e425b17d7758bc6f4206b4acfc035db7f8625c2f1bbdea5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 138101
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22810
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 10:43:33 GMT
expires: Tue, 10 Dec 2024 10:43:33 GMT
last-modified: Wed, 09 Feb 2022 10:36:00 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7E78 0
0 97ms
97ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstKr-ftdZeZDfZb_tGhutOb2Cf1QVsfa3cnl3uQxqT-5a5237XwI5UqaB8HzLIXO5Gj3oaLmaErdVuvGYsz_5CBHubNh4DlVpOQZnLYQ4YDO30C1oYC7TaJBDWH4a1UZ9Z4TZS9t61xU0t2L7DwuC-PLrhdTZPgUgsYsCbLNd3RF1Y4gZ7ToY5waWJpKO_2SomzXtttMmO3b5aatuppdgqvaVnkm6fFE7qjn-Ee7vqDAHfgMDXHPEO8tsmwHDydMh-8rQ5j0BN0nfLPPlEqSYodPROCNG8pKSUwvYVjtJWMlbEV6TKOBV0puBf8_BLaTPIoIYww1zbZeJDVR4ph4RFd3z3GbN05aTF6fEsVQDpnMuZJ3i8Q5eHpq3JNF0ttoC3RqKe2GDzMtyKJMv0FZqr9tNZIgGl_K3XSL_tbTFqId2GLc0Em5xF0I0aQgdx0-Zt5ChXQediLveVMbHCxY-nBk1eTWRfHYzfZ8xjPC-ROdvE7jyM0JY7-WNTOfKCJf2uhIAi32hPV6tig4roWHrcBDcr2dKkkhpXFEkNhIIPAhNdIz0EywkreW4YGlXKEQgZpq1xCZn3LNigHLALn8UUn86yAvjugiiOY3UfQJz3YAn7Co96KnKaA4LDQEKHG-Siv3HpWvstfrPetG9hE9ttKtRZAgZ3yppOoATIfm-j9-M6MeF8cIhIgPObDys1Ya309QfCwwJRd-Q91VUjZpfdqoXGmByE-NnVoqHYOmN2UGxXOsPtX-_UWJFuswzyYq9KyAJ5hPkKjuUPCDNgV5kBGzMij5sXKzgrL31-POauZoQzmgFsqJgKtUhec1GXqac0uFq2wU5hxgQCmPNMlyoCaZ6HJ9fe-YrfDb7RjloH-0oqFZK9KRWWs9kAIgNCXvmeteDi_B-SQejYr4vMLkFK5e0WBuve_uM3xhN3aHkOHm1BOYvowrdBSW8vAa-TaAMBDlRCSVNy09l_U-R2nfu_O2r15IiBlvmhV7UrUTu-fzUP5ofM6TddFDmtDg-rc3h77y9ZDpTN0RU1eRF3zheei2iR4u3lkPxqmiU3Nj0qco1JGhez4AaFeoyb6ZxwaVVxizvTcqr26f2ABog0bf1SKggx2_wMiFSMYcCz5n8EE8aBCTa2nH__UeZyxPsU7LojsOXOHzyigQUBTmTV8wAHQRKIcwN6_dhroCB1iT2R5gg1ZPxKo1AT0-FZiGRNQtAjbix2o7gg3TD59Uhz-0Q_dXqbuEsfr7dJDAIByLBZu0VotCuk_4SDr65IVf1zlF6zxcXsBcM4gQOamJi8Rv9ArXASRMqW5YRklDq9bKuqnXRf--yOYzgF1bYIf99K1uzRRG8-JYiqiuJ3lY511spHb13N6Bj1tqDk4-pkHbSm8iKKoo7o5QnwugYyaXlkVI2y8WiVWhbPrNPy7BXRBQl_zvxM1egM_U8kf-POzwc7NHa0mr4Je9GEdBSjQhc3XfT7Oed5UWqEWPDMuN6j8vQoYTEB3vzBhJ8QmfQ&sai=AMfl-YQEcxM3A62-Vqci47ii46OvX6xL3TGze0xOr4pinkEvFxK0BN9Q0Yk3IriJzalGerUAW1i0oHXI4XUy1LZzVsx_JR0-dUT-heo7uIg1E-Tf9P09e6Wik3HMgGC_lKWZW8ro7eVdeJoY8kEeIk2hRYcl1EFYw3xHpHZVNg1ew2lRCBRiDmeZCfRbMIxPg0oWPmLho6p1o2OKqTHkU7JC0XVxZrhwf1sw-_kBUzWaUgsFWkOJG2-d3pfDxp1g2__czdYmCAuyO7GJK6pp-yIUpDC4VBMT&sig=Cg0ArKJSzGJmnBnJCb-ZEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=270&cbvp=1&cstd=266&cisv=r20231207.87238&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 13 Dec 2023 01:05:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4F63 0
24 B 140ms
139ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8624534495276&version=m202309260101&ct=119&x=1&cor=17963207481067534000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 62E0 29 KB
10 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 20:42:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15770
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Dec 2023 20:42:24 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7E78 0
0 92ms
91ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstKr-ftdZeZDfZb_tGhutOb2Cf1QVsfa3cnl3uQxqT-5a5237XwI5UqaB8HzLIXO5Gj3oaLmaErdVuvGYsz_5CBHubNh4DlVpOQZnLYQ4YDO30C1oYC7TaJBDWH4a1UZ9Z4TZS9t61xU0t2L7DwuC-PLrhdTZPgUgsYsCbLNd3RF1Y4gZ7ToY5waWJpKO_2SomzXtttMmO3b5aatuppdgqvaVnkm6fFE7qjn-Ee7vqDAHfgMDXHPEO8tsmwHDydMh-8rQ5j0BN0nfLPPlEqSYodPROCNG8pKSUwvYVjtJWMlbEV6TKOBV0puBf8_BLaTPIoIYww1zbZeJDVR4ph4RFd3z3GbN05aTF6fEsVQDpnMuZJ3i8Q5eHpq3JNF0ttoC3RqKe2GDzMtyKJMv0FZqr9tNZIgGl_K3XSL_tbTFqId2GLc0Em5xF0I0aQgdx0-Zt5ChXQediLveVMbHCxY-nBk1eTWRfHYzfZ8xjPC-ROdvE7jyM0JY7-WNTOfKCJf2uhIAi32hPV6tig4roWHrcBDcr2dKkkhpXFEkNhIIPAhNdIz0EywkreW4YGlXKEQgZpq1xCZn3LNigHLALn8UUn86yAvjugiiOY3UfQJz3YAn7Co96KnKaA4LDQEKHG-Siv3HpWvstfrPetG9hE9ttKtRZAgZ3yppOoATIfm-j9-M6MeF8cIhIgPObDys1Ya309QfCwwJRd-Q91VUjZpfdqoXGmByE-NnVoqHYOmN2UGxXOsPtX-_UWJFuswzyYq9KyAJ5hPkKjuUPCDNgV5kBGzMij5sXKzgrL31-POauZoQzmgFsqJgKtUhec1GXqac0uFq2wU5hxgQCmPNMlyoCaZ6HJ9fe-YrfDb7RjloH-0oqFZK9KRWWs9kAIgNCXvmeteDi_B-SQejYr4vMLkFK5e0WBuve_uM3xhN3aHkOHm1BOYvowrdBSW8vAa-TaAMBDlRCSVNy09l_U-R2nfu_O2r15IiBlvmhV7UrUTu-fzUP5ofM6TddFDmtDg-rc3h77y9ZDpTN0RU1eRF3zheei2iR4u3lkPxqmiU3Nj0qco1JGhez4AaFeoyb6ZxwaVVxizvTcqr26f2ABog0bf1SKggx2_wMiFSMYcCz5n8EE8aBCTa2nH__UeZyxPsU7LojsOXOHzyigQUBTmTV8wAHQRKIcwN6_dhroCB1iT2R5gg1ZPxKo1AT0-FZiGRNQtAjbix2o7gg3TD59Uhz-0Q_dXqbuEsfr7dJDAIByLBZu0VotCuk_4SDr65IVf1zlF6zxcXsBcM4gQOamJi8Rv9ArXASRMqW5YRklDq9bKuqnXRf--yOYzgF1bYIf99K1uzRRG8-JYiqiuJ3lY511spHb13N6Bj1tqDk4-pkHbSm8iKKoo7o5QnwugYyaXlkVI2y8WiVWhbPrNPy7BXRBQl_zvxM1egM_U8kf-POzwc7NHa0mr4Je9GEdBSjQhc3XfT7Oed5UWqEWPDMuN6j8vQoYTEB3vzBhJ8QmfQ&sai=AMfl-YQEcxM3A62-Vqci47ii46OvX6xL3TGze0xOr4pinkEvFxK0BN9Q0Yk3IriJzalGerUAW1i0oHXI4XUy1LZzVsx_JR0-dUT-heo7uIg1E-Tf9P09e6Wik3HMgGC_lKWZW8ro7eVdeJoY8kEeIk2hRYcl1EFYw3xHpHZVNg1ew2lRCBRiDmeZCfRbMIxPg0oWPmLho6p1o2OKqTHkU7JC0XVxZrhwf1sw-_kBUzWaUgsFWkOJG2-d3pfDxp1g2__czdYmCAuyO7GJK6pp-yIUpDC4VBMT&sig=Cg0ArKJSzGJmnBnJCb-ZEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=404&vt=11&dtpt=134&dett=3&cstd=266&cisv=r20231207.87238&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 e99aace94e6e5873881d3400993e1e7e Show response
pv.medialead.de/trck/epv/ Frame B8A8 0
327 B 186ms
43ms Document
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=11866300004705704445010012537007&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=ftwgnaj3rhus&nw=20&renderingType=javascript&namespace=21d78e8fbb&subid=&uid=1c7426816fcba1e4&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x300&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCq8D3SQN5ZcyTBZ36x_AP3dY6puW9oGn1lpynyQ_wLhABILGT7XlglQLIAQmpAkTCD6pwGbI-qAMByAObBKoEnAJP0Gc4Y_6U9Vol2xaufCdSD21aYvNB0BxFLu7G5erqvvUZbFxF0HzrFp-oAl7l2CyoR_L0Yf1QJ5F6g38zFvda6G8Q5MiYt6gJxt4WBkBW3okb_QWtG3p7nbtigm6oH3uo5h0ckT3zfSowOJS0SNJvChDP7Zg7G9hwLO4VbmRzz0SMfbZMt2I8c1Jz0yt0EelQS2nnYVAMXtFg9L8O88EL4q7TbLDnXONsXLHWtBQLPb37BCL4kR7ILCLt1ZhGskPUH8MVsyn3SApHjsnjSC7OIHaIsArs3DiCOlwv_ComD2V86CrJr774UqmBBqLBCCr7lVzTjsXjZOBAzCenQjFIerj8c9Ol2TUcnidMCGy8Gsktc_pS6CKIRWM6p8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliX_OySnIuDA4AKA5gLAcgLAYAMAaIMHCoaChjktLEC7rWxArW4sQKsurEC5LSxAu61sQKqDQJEReINEwi4q-2SnIuDAxUd_REIHV2rDgCwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNESYkfuZJ1zxkNvNjDDcfQA7pf2aaxrcsPIJVRGVJ2ZoJhJGAVibPcZqBKTm05cLpFQ7RwQofGAE%26sig%3DAOD64_1IIuivY85OjPQA6Pg6-JFkttci9Q%26client%3Dca-pub-2205121062140812%26dbm_c%3DAKAmf-BACAGLFNcEkTd8W7E2l24r3Wh8pArCXM64eHocUwrTVzGBc2xFbU588keHMi2-QDVoW5tDunzigjJjAgjwbJI6hC7_EU5nZz3vtOqrKgQrwunebw0Ft5vjVkM24QjQD5Swt5UmnYvC6cqr0gSKt77kj0-PrQxxmRonSQcYRNz-F48VSHA%26cry%3D1%26dbm_d%3DAKAmf-Dk1YRiOpJOP1FfvSdQ--4s1paIuRyzNajRiql-qgizw4UiR5PwgJw0tzxOj_M8JniLsW6ANVfwW6cZ4_SX4HQUxG9tLUFewYE9ax45Sz2cmokhUozQbxJ0VCevl_GcMZ193dp8f06qAMyUkHe1Jmea_kc6Yj1pyJppZEL6t1aQ1HiMkGJ7FrUHbOJa4b0SXhF2-iKXqLa2E0Gfke7whmy0J_IvvNvF1gXC2JvBE4g7Po8k9EcPw-8ckkOxzwSEpXBnivqiyB_KDvKIhUM6yUGX2CNcBTdHyHxOJPevkWRXr4W30_1TJjbhU2zYB_0PrWI1NexSYlIR-YvUx4EkUPQCH-PexJp7OAOWi2xcMBf9GfdxV32GBqlGtfQxGhRIzFGeaY10JqLnKM5-6x0ZEKKnhe-pVE3GiLYDMw-sBNUZeNxJOIpb3o-9fCUikQSne4rYhRLcTAOxDcoLSx7KESIoZvvEyXvTZS1jVTsLJq9qml4icag-pQKnPCtWb8W8BxI9IHPevFIXzk1TtBVme47oOezD-CPUBhHqSFHRCwXqhPLdg60%26adurl%3D&documentReferer=https%3A%2F%2Ftrueliketop.org%2F&ancestorOrigins=https%3A%2F%2Ftrueliketop.org&random=1597207240196&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript; charset=utf-8
date: Wed, 13 Dec 2023 01:05:14 GMT
host: pv.medialead.de
proxy-host: pv.medialead.de
server: nginx
vary: Origin

GET
H2 200 / Show response
adv.office-partner.de/ Frame FFFB 930 B
923 B 162ms
32ms Document
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=ftwgnaj3rhus&nw=20&renderingType=javascript&namespace=21d78e8fbb&subid=&uid=1c7426816fcba1e4&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x300&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCq8D3SQN5ZcyTBZ36x_AP3dY6puW9oGn1lpynyQ_wLhABILGT7XlglQLIAQmpAkTCD6pwGbI-qAMByAObBKoEnAJP0Gc4Y_6U9Vol2xaufCdSD21aYvNB0BxFLu7G5erqvvUZbFxF0HzrFp-oAl7l2CyoR_L0Yf1QJ5F6g38zFvda6G8Q5MiYt6gJxt4WBkBW3okb_QWtG3p7nbtigm6oH3uo5h0ckT3zfSowOJS0SNJvChDP7Zg7G9hwLO4VbmRzz0SMfbZMt2I8c1Jz0yt0EelQS2nnYVAMXtFg9L8O88EL4q7TbLDnXONsXLHWtBQLPb37BCL4kR7ILCLt1ZhGskPUH8MVsyn3SApHjsnjSC7OIHaIsArs3DiCOlwv_ComD2V86CrJr774UqmBBqLBCCr7lVzTjsXjZOBAzCenQjFIerj8c9Ol2TUcnidMCGy8Gsktc_pS6CKIRWM6p8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliX_OySnIuDA4AKA5gLAcgLAYAMAaIMHCoaChjktLEC7rWxArW4sQKsurEC5LSxAu61sQKqDQJEReINEwi4q-2SnIuDAxUd_REIHV2rDgCwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNESYkfuZJ1zxkNvNjDDcfQA7pf2aaxrcsPIJVRGVJ2ZoJhJGAVibPcZqBKTm05cLpFQ7RwQofGAE%26sig%3DAOD64_1IIuivY85OjPQA6Pg6-JFkttci9Q%26client%3Dca-pub-2205121062140812%26dbm_c%3DAKAmf-BACAGLFNcEkTd8W7E2l24r3Wh8pArCXM64eHocUwrTVzGBc2xFbU588keHMi2-QDVoW5tDunzigjJjAgjwbJI6hC7_EU5nZz3vtOqrKgQrwunebw0Ft5vjVkM24QjQD5Swt5UmnYvC6cqr0gSKt77kj0-PrQxxmRonSQcYRNz-F48VSHA%26cry%3D1%26dbm_d%3DAKAmf-Dk1YRiOpJOP1FfvSdQ--4s1paIuRyzNajRiql-qgizw4UiR5PwgJw0tzxOj_M8JniLsW6ANVfwW6cZ4_SX4HQUxG9tLUFewYE9ax45Sz2cmokhUozQbxJ0VCevl_GcMZ193dp8f06qAMyUkHe1Jmea_kc6Yj1pyJppZEL6t1aQ1HiMkGJ7FrUHbOJa4b0SXhF2-iKXqLa2E0Gfke7whmy0J_IvvNvF1gXC2JvBE4g7Po8k9EcPw-8ckkOxzwSEpXBnivqiyB_KDvKIhUM6yUGX2CNcBTdHyHxOJPevkWRXr4W30_1TJjbhU2zYB_0PrWI1NexSYlIR-YvUx4EkUPQCH-PexJp7OAOWi2xcMBf9GfdxV32GBqlGtfQxGhRIzFGeaY10JqLnKM5-6x0ZEKKnhe-pVE3GiLYDMw-sBNUZeNxJOIpb3o-9fCUikQSne4rYhRLcTAOxDcoLSx7KESIoZvvEyXvTZS1jVTsLJq9qml4icag-pQKnPCtWb8W8BxI9IHPevFIXzk1TtBVme47oOezD-CPUBhHqSFHRCwXqhPLdg60%26adurl%3D&documentReferer=https%3A%2F%2Ftrueliketop.org%2F&ancestorOrigins=https%3A%2F%2Ftrueliketop.org&random=1597207240196&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Wed, 13 Dec 2023 01:05:14 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Wed, 20 Dec 2023 01:05:14 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2 200 link.html Show response
track.webgains.com/ Frame 2D78 2 KB
2 KB 282ms
95ms Script
text/html 13.43.203.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=11866300004705704445010012537007&nw=1
Requested by: Host: trueliketop.org
URL: https://trueliketop.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.43.203.41 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-43-203-41.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: c71f004cfd522511bee27860e83d7bf78e1ef8295266f385b1aa0d589f5f87f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:14 GMT
last-modified: Wed, 13 Dec 2023 01:05:14 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Wed, 13 Dec 2023 01:06:14 GMT

GET
H2

200

activityi;dc_pre=CK-35JOci4MDFTQLogMdohcBgg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4002141751537.7153 Show response
5994599.fls.doubleclick.net/ Frame EED1
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4002141751537.7153?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CK-35JOci4MDFTQLogMdohcBgg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4002141751537.7153?

392 B
326 B

82ms
81ms

Document
text/html

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CK-35JOci4MDFTQLogMdohcBgg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4002141751537.7153?

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

2fd614288fcb2de2943acbf0eb797032f842bb7c6cf4433d1fdd52d845c34696

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 217
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 01:05:14 GMT
expires: Wed, 13 Dec 2023 01:05:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 01:05:14 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CK-35JOci4MDFTQLogMdohcBgg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4002141751537.7153?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal90007.redintelligence.net/ Frame 0251 7 KB
2 KB 168ms
43ms Document
text/html 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90007.redintelligence.net/request_content.php?s=11866300004705704445010012537007&a=454ac151
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=ftwgnaj3rhus&nw=20&renderingType=javascript&namespace=21d78e8fbb&subid=&uid=1c7426816fcba1e4&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x300&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCq8D3SQN5ZcyTBZ36x_AP3dY6puW9oGn1lpynyQ_wLhABILGT7XlglQLIAQmpAkTCD6pwGbI-qAMByAObBKoEnAJP0Gc4Y_6U9Vol2xaufCdSD21aYvNB0BxFLu7G5erqvvUZbFxF0HzrFp-oAl7l2CyoR_L0Yf1QJ5F6g38zFvda6G8Q5MiYt6gJxt4WBkBW3okb_QWtG3p7nbtigm6oH3uo5h0ckT3zfSowOJS0SNJvChDP7Zg7G9hwLO4VbmRzz0SMfbZMt2I8c1Jz0yt0EelQS2nnYVAMXtFg9L8O88EL4q7TbLDnXONsXLHWtBQLPb37BCL4kR7ILCLt1ZhGskPUH8MVsyn3SApHjsnjSC7OIHaIsArs3DiCOlwv_ComD2V86CrJr774UqmBBqLBCCr7lVzTjsXjZOBAzCenQjFIerj8c9Ol2TUcnidMCGy8Gsktc_pS6CKIRWM6p8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliX_OySnIuDA4AKA5gLAcgLAYAMAaIMHCoaChjktLEC7rWxArW4sQKsurEC5LSxAu61sQKqDQJEReINEwi4q-2SnIuDAxUd_REIHV2rDgCwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNESYkfuZJ1zxkNvNjDDcfQA7pf2aaxrcsPIJVRGVJ2ZoJhJGAVibPcZqBKTm05cLpFQ7RwQofGAE%26sig%3DAOD64_1IIuivY85OjPQA6Pg6-JFkttci9Q%26client%3Dca-pub-2205121062140812%26dbm_c%3DAKAmf-BACAGLFNcEkTd8W7E2l24r3Wh8pArCXM64eHocUwrTVzGBc2xFbU588keHMi2-QDVoW5tDunzigjJjAgjwbJI6hC7_EU5nZz3vtOqrKgQrwunebw0Ft5vjVkM24QjQD5Swt5UmnYvC6cqr0gSKt77kj0-PrQxxmRonSQcYRNz-F48VSHA%26cry%3D1%26dbm_d%3DAKAmf-Dk1YRiOpJOP1FfvSdQ--4s1paIuRyzNajRiql-qgizw4UiR5PwgJw0tzxOj_M8JniLsW6ANVfwW6cZ4_SX4HQUxG9tLUFewYE9ax45Sz2cmokhUozQbxJ0VCevl_GcMZ193dp8f06qAMyUkHe1Jmea_kc6Yj1pyJppZEL6t1aQ1HiMkGJ7FrUHbOJa4b0SXhF2-iKXqLa2E0Gfke7whmy0J_IvvNvF1gXC2JvBE4g7Po8k9EcPw-8ckkOxzwSEpXBnivqiyB_KDvKIhUM6yUGX2CNcBTdHyHxOJPevkWRXr4W30_1TJjbhU2zYB_0PrWI1NexSYlIR-YvUx4EkUPQCH-PexJp7OAOWi2xcMBf9GfdxV32GBqlGtfQxGhRIzFGeaY10JqLnKM5-6x0ZEKKnhe-pVE3GiLYDMw-sBNUZeNxJOIpb3o-9fCUikQSne4rYhRLcTAOxDcoLSx7KESIoZvvEyXvTZS1jVTsLJq9qml4icag-pQKnPCtWb8W8BxI9IHPevFIXzk1TtBVme47oOezD-CPUBhHqSFHRCwXqhPLdg60%26adurl%3D&documentReferer=https%3A%2F%2Ftrueliketop.org%2F&ancestorOrigins=https%3A%2F%2Ftrueliketop.org&random=1597207240196&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 6e493342f5f869a69cabd82f9b9180e8df2b7e2ac5b61a151f516542423d35ec

Request headers

Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2037
Content-Type: text/html; charset=utf-8
Date: Wed, 13 Dec 2023 01:05:14 GMT
Expires: Wed, 13 Dec 2023 01:05:14 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H2

200

e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame 2D78
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=11866300004705704445010012537007&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=11866300004705704445010012537007&t=htlp&gdpr=1&consent=1&gdpr_consent=

43 B
360 B

42ms
42ms

Image
image/gif

91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=11866300004705704445010012537007&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:14 GMT
attribution-reporting-register-source: {"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 43
proxy-host: pv.medialead.de

Redirect headers

location: https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=11866300004705704445010012537007&t=htlp&gdpr=1&consent=1&gdpr_consent=
date: Wed, 13 Dec 2023 01:05:14 GMT
server: nginx
content-length: 138
content-type: text/html

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 2D78 43 B
705 B 235ms
87ms Image
image/gif 104.102.45.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=11866300004705704445010012537007&pv=1

Requested by

Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-45-165.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Dec 2023 01:05:14 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 52A5 1 KB
648 B 38ms
37ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 40544
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 13:49:30 GMT
etag: 48472445140208031
expires: Wed, 13 Dec 2023 13:49:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2D78 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c920ddb3f271140e52cca4a573374e397e78c2ea28839d9de0e8b3ebb6e026f9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 62E0 2 KB
1 KB 46ms
44ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg

Requested by

Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:04:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1056
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 09:19:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Dec 2023 01:19:41 GMT

GET
H3 200 flex_tarif_white.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 62E0 4 KB
2 KB 49ms
48ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/flex_tarif_white.svg

Requested by

Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7df9c79b69dac7eb60962fa843afaabcbf31482db9fdfd346ecb8ca1b7cc8b0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 00:53:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 682
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1508
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Dec 2023 01:08:52 GMT

GET
H3 200 head2_3line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 62E0 11 KB
3 KB 48ms
47ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head2_3line_paare.svg

Requested by

Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba9e143db781b645a27217f7205e9b2e51ba525c0458ad50e3868d695cc27fa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:02:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 139
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3285
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Dec 2023 01:17:55 GMT

GET
H3 200 head1_1line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 62E0 4 KB
2 KB 47ms
46ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head1_1line_paare.svg

Requested by

Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 00:53:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 704
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1610
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Dec 2023 01:08:30 GMT

GET
H3 200 tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame 62E0 6 KB
2 KB 99ms
97ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg

Requested by

Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:04:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2072
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 07:44:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Dec 2023 01:19:06 GMT

GET
H3 200 300x250_kv_paar.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame 62E0 38 KB
38 KB 92ms
91ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/300x250_kv_paar.jpg

Requested by

Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

292532d44ba2bbf15d48b2bf6ab6388bc21155a71655e38533de8cf606c02fa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:00:12 GMT
x-content-type-options: nosniff
age: 302
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38528
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Dec 2023 01:15:12 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 7E78
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-2205121062140812&ias_chanId=1&ias_placementId=20338656165&bidurl=https://trueliketop.org/&...
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_SQN5ZdyYPPzpx_APlpGC2A0&cbFunctionName=goog_wrapCb_SQN5ZdyYPPzpx_APlpGC2A0&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpass...

1 KB
1 KB

39ms
39ms

Script
application/javascript

2600:9000:20ab:6200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_SQN5ZdyYPPzpx_APlpGC2A0&cbFunctionName=goog_wrapCb_SQN5ZdyYPPzpx_APlpGC2A0&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js
Requested by: Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:20ab:6200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:45:50 GMT
x-amz-version-id: dZV1qYWLtZJQETG4KzZq1jUYDpTMrU_G
content-encoding: gzip
via: 1.1 eb91f7d4f380e2793c00431a8fc93fe0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
age: 454765
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Thu, 07 Dec 2023 18:45:48 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: CLB_aTzITAz7NJWKsN0i6gInufmHPeNrruVWkBNDcnybheDSeUDs-g==

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:14 GMT
server: nginx
x-server-name: app08.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_SQN5ZdyYPPzpx_APlpGC2A0&cbFunctionName=goog_wrapCb_SQN5ZdyYPPzpx_APlpGC2A0&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 79A1 91 KB
23 KB 124ms
35ms Script
application/javascript 2600:9000:20ab:6200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:6200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 08:07:09 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 eb91f7d4f380e2793c00431a8fc93fe0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
age: 9219486
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: c0PQbLdW2A3YGZeyVL4M6offdeyug8NvseN1NICqzUNCvt8OmyPTTg==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7E78 43 B
215 B 596ms
188ms Image
image/gif 2600:1f13:800:7782:cac1:b5d6:8914:d668
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=c6468689-e1cf-b8d2-1c32-66fcd5dbce45&tv=%7Bc:wDDnYq,pingTime:-3,time:115,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:51%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:115,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:51,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B107~0%5D,as:%5B107~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tYheKpt+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C1514%7C16%7C17%7C181%7C182%7C183%7C184%7C185%7C186%7C187%7C19*.990511-61634100%7C191%7C192%7C1931%7C194,idMap:19*,rmeas:1,rend:0,renddet:na,siq:53%7D&br=c
Requested by: Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:cac1:b5d6:8914:d668 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:15 GMT
server: nginx
x-server-name: dt28.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7E78 43 B
216 B 592ms
187ms Image
image/gif 2600:1f13:800:7782:cac1:b5d6:8914:d668
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=c6468689-e1cf-b8d2-1c32-66fcd5dbce45&tv=%7Bc:wDDnYs,pingTime:-6,time:117,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:117,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:51,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B108~0%5D,as:%5B108~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tYheKpt+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C1514%7C16%7C17%7C181%7C182%7C183%7C184%7C185%7C186%7C187%7C19*.990511-61634100%7C191%7C192%7C1931%7C194,idMap:19*,rmeas:1,rend:0,renddet:na,siq:53%7D&tpiLookup=ao:trueliketop.org*&br=c
Requested by: Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:cac1:b5d6:8914:d668 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:15 GMT
server: nginx
x-server-name: dt29.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 52A5 0
103 B 44ms
44ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEDTd_3uM4SlH2bYBdDMU4nk&google_cver=1&google_push=AXcoOmQHKitN0E_5vIowUjKD6-0_IutGIVZL4RbG3rAQjJ7-enqhFtU__BpdG___DJhImP6oZtI3dnBblWhIq1Jy_QFlt8SijMZn
Requested by: Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:14 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 52A5
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEFLlK4DS_EXFsYxO5IpWnkc&google_cver=1&google_push=AXcoOmRFgNF8ARpjvxBeLd6S79TObVuWOwjHyTAneWhkONC-sSBxR37tVJYrwdzaLZy8S6wgY73EO4x5YYo-Hp...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMTg3OTA4NjM4MTQ2MzcwMg%3D%3D&google_push=AXcoOmRFgNF8ARpjvxBeLd6S79TObVuWOwjHyTAneWhkONC-sSBxR37tVJYrwdzaLZy8S6wgY73EO4x5YYo-HppVFt...

170 B
188 B

39ms
38ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMTg3OTA4NjM4MTQ2MzcwMg%3D%3D&google_push=AXcoOmRFgNF8ARpjvxBeLd6S79TObVuWOwjHyTAneWhkONC-sSBxR37tVJYrwdzaLZy8S6wgY73EO4x5YYo-HppVFtEebMlQfmYE

Requested by

Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMTg3OTA4NjM4MTQ2MzcwMg%3D%3D&google_push=AXcoOmRFgNF8ARpjvxBeLd6S79TObVuWOwjHyTAneWhkONC-sSBxR37tVJYrwdzaLZy8S6wgY73EO4x5YYo-HppVFtEebMlQfmYE
Date: Wed, 13 Dec 2023 01:05:14 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 sync
x.bidswitch.net/ Frame 52A5 43 B
145 B 38ms
33ms Image
image/gif 3.69.190.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBScP5SeQ3VyMWJWHBp5NpQ&google_cver=1&google_push=AXcoOmS6yfNNvvhFPADCWnY6LfEXEo0GNcvoADs-6DkdpzomAg-B3tuNByvPMJgmFFA5wswWuR0qKIsJlbv7ANi1Kl11DJWIB_5G
Requested by: Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.69.190.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-190-202.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 52A5
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECD6IgyDyrY8OxzUjBilkVw&google_cver=1&google_push=AXcoOmTObNd58xOG6aEG41pLQGR_NooTK9rKz0gNDK-B9c76eSVJoG_oS2V5Xqw2T958U_6RES93MYqc-6BzMxlDCYz7396...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTObNd58xOG6aEG41pLQGR_NooTK9rKz0gNDK-B9c76eSVJoG_oS2V5Xqw2T958U_6RES93MYqc-6BzMxlDCYz7396TD-9F&google_hm=eS1iWHpMYWFORTJwSFZMa2...

170 B
188 B

43ms
43ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTObNd58xOG6aEG41pLQGR_NooTK9rKz0gNDK-B9c76eSVJoG_oS2V5Xqw2T958U_6RES93MYqc-6BzMxlDCYz7396TD-9F&google_hm=eS1iWHpMYWFORTJwSFZMa2kuZ0x1NkhZZVltTTNaRmtheH5B

Requested by

Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 13 Dec 2023 01:05:14 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTObNd58xOG6aEG41pLQGR_NooTK9rKz0gNDK-B9c76eSVJoG_oS2V5Xqw2T958U_6RES93MYqc-6BzMxlDCYz7396TD-9F&google_hm=eS1iWHpMYWFORTJwSFZMa2kuZ0x1NkhZZVltTTNaRmtheH5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 52A5
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENy9-PL1UgoE4iaXsks1B3Q&google_cver=1&google_push=AXcoOmQBcTvW6uroTY1-m2mOACV2GYmPsSVeaLvrr2WRL7cu2crpzDe_feyccSgmzTWHq1qolESSUDWS...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODA0OTU0NTc0MDA5MDcyODY5MA&google_push=AXcoOmQBcTvW6uroTY1-m2mOACV2GYmPsSVeaLvrr2WRL7cu2crpzDe_feyccSgmzTWHq1qolESSUD...

170 B
188 B

44ms
43ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODA0OTU0NTc0MDA5MDcyODY5MA&google_push=AXcoOmQBcTvW6uroTY1-m2mOACV2GYmPsSVeaLvrr2WRL7cu2crpzDe_feyccSgmzTWHq1qolESSUDWSiIoGOI--PEKsZC9X4V4K

Requested by

Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODA0OTU0NTc0MDA5MDcyODY5MA&google_push=AXcoOmQBcTvW6uroTY1-m2mOACV2GYmPsSVeaLvrr2WRL7cu2crpzDe_feyccSgmzTWHq1qolESSUDWSiIoGOI--PEKsZC9X4V4K
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 52A5 0
12 B 41ms
37ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KyHI25IQqLbhjca03yCmPl404Mrqv0ACMPcBB1zUrdmMeZPeJYLTvzDX4

Requested by

Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:14 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 css
fonts.googleapis.com/ Frame 0251 5 KB
778 B 38ms
34ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=11866300004705704445010012537007&a=454ac151

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90007.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 13 Dec 2023 01:05:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 01:04:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Dec 2023 01:05:14 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 0251 17 KB
17 KB 103ms
37ms Image
image/png 78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=11866300004705704445010012537007&a=454ac151
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 943d9321f29ef97f9d942e888000e19366124162e8276d75e711ee86ed2bdc66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90007.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Wed, 13 Dec 2023 01:05:14 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16984
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 0251 16 KB
16 KB 109ms
39ms Image
image/png 78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=11866300004705704445010012537007&a=454ac151
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: bc5ec53ba96ec0c7ad1641b216002e4c134cd43e481c7ed102a306cb1bdddd03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90007.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Wed, 13 Dec 2023 01:05:14 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16512
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 0251 11 KB
11 KB 99ms
36ms Image
image/png 78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=11866300004705704445010012537007&a=454ac151
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 20df61b837c2852858ad3c501ca84c8d9f40452b23daa7496c134b9b80e1d6be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90007.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Wed, 13 Dec 2023 01:05:14 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 10942
Vary: Accept-Encoding
Content-Type: image/png

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7E78 43 B
215 B 550ms
188ms Image
image/gif 2600:1f13:800:7782:cac1:b5d6:8914:d668
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=c6468689-e1cf-b8d2-1c32-66fcd5dbce45&tv=%7Bc:wDDnZa,pingTime:-2,time:161,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:858,beZ:860,mfA:863,cmA:864,inA:865,inZ:870,prA:870,prZ:903,si:911,poA:913,poZ:945,cmZ:945,mfZ:945,loA:975,loZ:977,ltA:1019,ltZ:1019%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:51%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:161,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:51,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B152~0%5D,as:%5B152~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tYheKpt+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C1514%7C16%7C17%7C181%7C182%7C183%7C184%7C185%7C186%7C187%7C19*.990511-61634100%7C191%7C192%7C1931%7C194,idMap:19*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,siq:53,sinceFw:106,readyFired:true%7D&br=c
Requested by: Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:cac1:b5d6:8914:d668 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:15 GMT
server: nginx
x-server-name: dt30.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame FFFB 175 KB
63 KB 97ms
34ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0683ee3c68e5b2a6e26cfd9541f8d4b437af86a83513f491e0b3fe0d8e4f1b78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64117
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 13 Dec 2023 01:05:14 GMT

GET
H2 200 dc_pre=CK-35JOci4MDFTQLogMdohcBgg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4002141751537.7153
adservice.google.com/ddm/fls/z/ Frame EED1 42 B
401 B 119ms
61ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CK-35JOci4MDFTQLogMdohcBgg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4002141751537.7153

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CK-35JOci4MDFTQLogMdohcBgg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4002141751537.7153?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B5AE 0
24 B 66ms
65ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BTQ6sSQN5ZdyYPPzpx_APlpGC2A0AAAAAOAHgBAI&bg=!4-Cl4K_NAAY3kmNgF5I7ADQBe5WfOHXdidYedVljzQyu2CmtIf-RtHnD-ASTbOpoS_Qxv8ph3RYvYI4M13O8hzvo3cxhAgAAAatSAAAAA2gBB5kDQgH1TFV9RWODJ5o6pgeZmxWe6Kr5f0VTC-XImPGIS56TwmRm7frJQ6W3rW7O7DK_O6GGCVTgKKQnDTnUNXCRNALctUPeqe-6xiR3LLQqzmfdtJAKi17bh2-IT22ey3HdN7aotHYUBJLjNofbhx2vLOhXo9LAVoUzqNjxxPa3tQxU6KAOZzQjTWSmEyW92oJ1iFlPKYjx2ugbURhBVLYZDWNsc5yOJnjL3XFW8L2qNAg8IgwAfpqnaGnKBhC0iuWU8B8N-5h2Zyjy5g0lU5Y2fcAj37qY8F6gQJK9z6McmlKK0CD_zCQ9C6O-uQospAVrR1QQnX_rLhkj8jnl1P4kYreeAv-gJc7BXSa_ZM-S5IUdpVNeUkNBXxpQ5Oc53c5HRpxP-xZMC_RLBwt4WfmMR0Bmm4zCMB86lkWxgyoGVbMjOMosx0w7Gi1NR6AovcO1CxT_q9ysytsnVXuJRSse4GSwq6AHriJGdPuRtiZ9cRSQNg5mfxv4M3dHorpvbYqhU8uDRArbf-bmbdgKUteNTERJYpFGtLfc9rQ3on8QuH2C1rohVZhQv0wsxL6reLESov2Y-4OxYaR1GPnBDtt6a84T5i_yheV5_V0eXB5g8MfVQnzks5OuukMjUXWZRbRLpZmCgxd2HR7EHlI9GIHEryMPTJUnJtfcmZJpCfFjfHa1CLJVQ2Qcf7QQPwAMMYG_3i8QkaEACWBTJc2ukSQ4itu4-TTYGFl9OL2EAHQlkmrkPWUnnPpyg2eHPcDSI0fjRYDjjXH0S4DwloF1knVDtWu1cZbyTmL78CAQ8uta5r4X81ZgdnYTb1vQhKGfcJcMdrUQgZoQNFLt2vOidmFJd_8apuDvh6Z3cL_e3WYfUgv4WmZE44pan3Q2bNkW75g33qrgIvo3QxhRZzryzsI8qyDuoUQvs8URr4SzN8qBnbfiQokSYOA6YfewsSPseEBFFsfZHl8rfWdDPwFOWdyDYVLiE-nfVOjDTtFWSbMO1mhpl-tYUI-RfQW4Xg_wWV6jRbvMpOihfAKoXupyyWRC269huHiYXRshfbG6O6lDRUhYXZl8Tmwzj00raGRZkhVGCuw3PiGiZxWlB6e4txiYuRAEqg

Requested by

Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal90007.redintelligence.net/ Frame 0251 0
150 B 101ms
35ms Script
text/html 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90007.redintelligence.net/viewability?s=11866300004705704445010012537007&a=85ea1735&vb=m
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=11866300004705704445010012537007&a=454ac151
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90007.redintelligence.net/request_content.php?s=11866300004705704445010012537007&a=454ac151
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Wed, 13 Dec 2023 01:05:14 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 0251 14 KB
15 KB 32ms
31ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90007.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 17:12:00 GMT
x-content-type-options: nosniff
age: 114794
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Dec 2024 17:12:00 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 0251 15 KB
15 KB 25ms
24ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90007.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:54:05 GMT
x-content-type-options: nosniff
age: 58269
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 08:54:05 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 2D78 53 KB
19 KB 145ms
36ms Script
application/javascript 18.66.147.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=11866300004705704445010012537007&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-41.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:58:49 GMT
content-encoding: gzip
via: 1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
last-modified: Thu, 23 Nov 2023 16:26:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 83186
x-amz-server-side-encryption: AES256
etag: W/"1180a1bfee0aad979766ecd6180b923e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: N7o_UMtNsJSrTk9nqKDukG_NP5z65GGBAcc-4zX70LRRbMgWsOspoA==

GET
H2 200 1x1.gif
cdn.track.production.webgains.team/7121/ Frame 2D78 85 B
438 B 127ms
38ms Image
image/gif 18.239.50.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1702429814&Signature=TK11S9Qd4berxpmy~6wEvp9rUFzuRAWDWppeWB37RsdNdDzKJGNfgMOFLGMCOsIayvYLGhCINVYSYR5eTC2CIXdVE2mkAYIPGe0WF1S9CpNoCeQWfvpxIWbxRQPEkHdn9qlp3BnnJLjIGOmQpShJKg6pAIdCSI1UZ6kw4OI6jO6bbCRZnWwaxSJG6P8BqJYjJvJk9HITM34JMiSIpAMsBWK6vbK5t8UcqIEQtTsD~mJdWnZyK-82ATqFUdgMjGxbAuHqGtK4MYjN-595huPG12fTd1RIfOSIzEIu0TG-WwgtSDtNBdfSboTdO6OZmT4ZQzM7bk5ucl7m7SuD8VCyYQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-21.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: null
date: Tue, 12 Dec 2023 04:49:03 GMT
via: 1.1 9ac192ffc1203361ea1141b56df84966.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P3
age: 72972
etag: "70af33d70b6810475aae19743c8c435b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 85
x-amz-cf-id: zdzbYZxHVfWqwt-MCg3dVbyMIprv4-UQW8VuV9ysb2G6625y5iYp2A==

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7E78 0
24 B 59ms
59ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=pvtw&eid=SQN5ZdyYPPzpx_APlpGC2A0&p=ias&bl=0&twt=728&st=595

Requested by

Host: trueliketop.org
URL: https://trueliketop.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame FFFB 274 KB
91 KB 36ms
35ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1bb31b4869cee5b19382659bc81b994db65e7ef71e3ce0489f6ee898c6b4ebd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:05:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93075
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 13 Dec 2023 01:05:14 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7E78 43 B
215 B 191ms
191ms Image
image/gif 2600:1f13:800:7782:cac1:b5d6:8914:d668
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=c6468689-e1cf-b8d2-1c32-66fcd5dbce45&tv=%7Bc:wDDo5g,pingTime:-10,time:539,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjcxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1702429515102%7C%7C5a14aee8542677eac9125235c268d275%7C%7C81fa84b75a8024ba76b34e57df459f31%7C%7C4f2af6082c10dfb7785d854431aabbce%7C%7Cd20c245a4d045c003989cc74d156aa25%7C%7C3d06400ee11eecc8269bd860cd9a0ae4%7C%7C5c8ffbd9db647a605c68b9597a1433e0%7C%7C577391988b771fe68fa7f35c427d0cdc%7C%7C1663701684%7D
Requested by: Host: 179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
URL: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:cac1:b5d6:8914:d668 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:15 GMT
server: nginx
x-server-name: dt08.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 176ms
46ms Preflight 18.134.58.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.134.58.19 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-134-58-19.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Wed, 13 Dec 2023 01:05:15 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 2D78 16 B
209 B 101ms
101ms Fetch
application/json 18.134.58.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.134.58.19 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-134-58-19.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 13 Dec 2023 01:05:15 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7E78 43 B
215 B 190ms
189ms Image
image/gif 2600:1f13:800:7782:cac1:b5d6:8914:d668
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=c6468689-e1cf-b8d2-1c32-66fcd5dbce45&tv=%7Bc:wDDoer,time:1108,type:e,im:%7Bpci:%7Btdr:966%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:1108,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:51,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1099~0%5D,as:%5B1099~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:471,fm:tYheKpt+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C1514%7C16%7C17%7C181%7C182%7C183%7C184%7C185%7C186%7C187%7C19*.990511-61634100%7C191%7C192%7C1931%7C194,idMap:19*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:53,sis:221%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:cac1:b5d6:8914:d668 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:15 GMT
server: nginx
x-server-name: dt17.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2D78 0
24 B 60ms
59ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6610498064658&version=m202309260101&ct=77&x=1&cor=7678771166717764000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7E78 0
24 B 59ms
58ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3490935957235&version=m202309260101&ct=76&x=1&cor=3751847125162962400

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 01:05:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
479 B 31ms
31ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?r=trueliketop.org_auto_728x90_sticky_display_bottom&e=ufp&dsReferer=dHJ1ZWxpa2V0b3Aub3JnLw==

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.24.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trueliketop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nf-request-id: 01HGASWFVJZE1N70CECERHJ53H
date: Wed, 13 Dec 2023 01:05:17 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 86439
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "a49e9f0a501edbf396bf43092ec1efa3-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 834a4c424b712c25-FRA

Verdicts & Comments Add Verdict or Comment

330 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
live.demand.supply/	1970-01-21 02:29:49	Name: demandSupplyTi Value: e1be7ec8-b4de-4f91-92f9-6b6ef0e09153
.demand.supply/	1970-01-20 16:53:51	Name: __cf_bm Value: 00IRVKX08Aya_WW9Tq3ZLb.U1BKlEViuEGvZSr7WrvY-1702429510-1-AXQz3q1fzyxqECWf+a2Q5A0m7qpACi4/AVyLcI1TgIWY0etqSWz94yhxdX1zcFZUaEgdkIDNdSHN88rgdK2d1H0=
.trueliketop.org/	1970-01-21 01:39:25	Name: connectId Value: {"ttl":86400000,"lastUsed":1702429512000,"lastSynced":1702429512000}
.criteo.com/	1970-01-21 02:15:25	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 02:15:25	Name: uid Value: d32d404c-874d-4701-8267-4ff662ad588b
.openx.net/	1970-01-21 01:39:25	Name: i Value: 7631f8a4-665a-42fb-b6ac-42367e869b88\|1702429512
.trueliketop.org/	1970-01-21 02:15:25	Name: cto_bundle Value: YSChQl9aYUhRdnF1Y0lneDVjTUY0dTNmWlVtVGVEb1FNOE96T0RLVEpPMExoZmIlMkIwR29xakhDVHlXVU1GV1ZzeXk2OWJEaklFYVh1bWFrUWNhQmh2OEtPT0t2ZlR1REtJZkZYbXgyVGhMUjQ3cnk5RXpMU0Z1QW1RMmNQSjhZcU4za2JHZGJ2Y08yeUtpcnZ6N1FxVDdsaFklMkZnJTNEJTNE
.trueliketop.org/	1970-01-21 02:15:25	Name: __gads Value: ID=3811573370d4307e:T=1702429511:RT=1702429511:S=ALNI_MZXNxBR-n5Ijo65-pBNT64FVQs3bQ
.trueliketop.org/	1970-01-21 02:15:25	Name: __gpi Value: UID=00000d1916315fa3:T=1702429511:RT=1702429511:S=ALNI_MYbvesOIXqdhAG_cfGwlUBxnoNSPQ
.doubleclick.net/	1970-01-21 02:15:25	Name: IDE Value: AHWqTUnQfEVY5ldAxlIKY_5TF3zkKf2Oh9RGpMKBtsl67wXPLUAqZyWFo939rdwpkwU
.yandex.ru/	1970-01-21 02:29:49	Name: yandexuid Value: 7293979411702429512
.doubleclick.net/	1970-01-20 16:53:53	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 21:13:01	Name: APC Value: AfxxVi7VyifqrA3arPJNC_DTHwyi43kMKUeiiwzDuSZti5AxQfSYoQ
.casalemedia.com/	1970-01-21 01:39:25	Name: CMID Value: ZXkDSMzBULJ70Ws4JTpTfAAA
.casalemedia.com/	1970-01-20 19:03:25	Name: CMPS Value: 3190
.casalemedia.com/	1970-01-20 19:03:25	Name: CMPRO Value: 3190
.adnxs.com/	1970-01-20 19:03:25	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C%9uZd4v!@wnfH8K6pQK`!5=E<L5?%M><]Vd.yaq7A(UE1T6$17R4y>zKrATP]Mc%nugO%v4VB%nmF!)ujs$
.adnxs.com/	1970-01-20 19:03:25	Name: uuid2 Value: 4282854766679008367
.everesttech.net/	1970-01-21 01:39:25	Name: everest_g_v2 Value: g_surferid~ZXkDSQAGgsGYAQBU
.zemanta.com/	1970-01-21 01:39:25	Name: zuid Value: YZN79Pka8sHhIvakOXXv
.doubleclick.net/	1970-01-20 17:37:01	Name: ar_debug Value: 1
.mediago.io/	1970-01-21 01:39:25	Name: __mguid_ Value: 81fa84b7ebfaba311q7eog00lq32krkx
.redintelligence.net/	1970-01-20 19:03:25	Name: 8lcfmzhxc8d6_uid Value: af7b8d8430353b0f
.adfarm1.adition.com/	1970-01-20 19:03:25	Name: UserID1 Value: 7311879086381463702
.yahoo.com/	1970-01-21 01:39:47	Name: A3 Value: d=AQABBEoDeWUCEJCirFHXGfYjIoxDQDWFkLIFEgEBAQFUemWCZQAAAAAA_eMAAA&S=AQAAAiJKRjCqEndRI8l73I38B-Y
.adform.net/	1970-01-20 17:38:27	Name: C Value: 1
.adform.net/	1970-01-20 18:20:13	Name: uid Value: 8049545740090728690
.awin1.com/	1970-01-20 17:03:54	Name: awpv11601 Value: 113440\|1702429514\|ac4ac2a0-9953-11ee-b1a8-22396ad6a5ca
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 357526:3266505
.office-partner.de/	1970-01-21 02:29:49	Name: source Value: {"webgains_webgains":{"timestamp":1702429514904,"clickCookie":false}}

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/;
X-Frame-Options	ALLOW-FROM https://www.nowanimes.com/ https://nowanimes.com/ https://www.xpanimes.com/ https://xpanimes.com/ http://trueliketop.org/ https://megatecnobr.com/ https://www.legiaotec.club/ https://tectecno.com/ https://tecnodisco.com/ https://uptecnologia.org/ https://techdiniz.com/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

179f8f36c84eb40a8690850aca7b1742.safeframe.googlesyndication.com
5994599.fls.doubleclick.net
a.ad.gt
aax.amazon-adsystem.com
ad.doubleclick.net
adservice.google.com
adv.office-partner.de
analytics.webgains.io
api.webgains.io
b1sync.zemanta.com
bcp.crwdcntrl.net
bs.yandex.ru
c.amazon-adsystem.com
c1.adform.net
cdn-ima.33across.com
cdn.ampproject.org
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.track.production.webgains.team
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
connectid.analytics.yahoo.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal90007.redintelligence.net
ib.adnxs.com
id.hadron.ad.gt
id5-sync.com
image6.pubmatic.com
invstatic101.creativecdn.com
lb.eu-1-id5-sync.com
live.demand.supply
match.sharethrough.com
medialead.de
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
prebid.dsail-tech.com
pv.medialead.de
s0.2mdn.net
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.criteo.net
sync-tm.everesttech.net
sync.teads.tv
tags.crwdcntrl.net
tpc.googlesyndication.com
trace.mediago.io
track.webgains.com
trueliketop.org
ups.analytics.yahoo.com
us-u.openx.net
www.awin1.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
104.102.45.165
104.18.35.167
13.32.119.77
13.43.203.41
138.201.63.157
141.95.98.64
142.250.181.226
142.250.186.70
151.101.130.49
162.19.138.120
172.217.18.2
172.64.151.101
18.134.58.19
18.239.50.21
18.66.147.41
18.66.23.147
185.64.190.78
185.89.210.212
23.215.22.18
23.52.123.144
2600:1f13:800:7782:cac1:b5d6:8914:d668
2600:9000:20ab:6200:8:48e:53c0:93a1
2600:9000:223c:e00:10:dd8:5e40:93a1
2600:9000:2250:4200:a:e047:753:a221
2606:4700:10::6816:34ad
2606:4700:10::6816:445
2606:4700:10::ac43:266a
2606:4700:3036::6815:7f3
2606:4700:3037::ac43:803b
2606:4700::6810:5714
2606:4700::6810:8516
2a00:1450:4001:808::2001
2a00:1450:4001:809::2001
2a00:1450:4001:810::2002
2a00:1450:4001:811::2008
2a00:1450:4001:812::2002
2a00:1450:4001:813::200a
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2002
2a00:1450:4001:830::2004
2a00:1450:4001:831::2006
2a02:2638:3::3
2a02:2638:3::c
2a02:6b8::90
2a02:fa8:8806:12::1370
2a05:d018:d29:3601:c84a:f3f:c1a8:24dc
2a0b:4d07:101::1
3.248.109.126
3.68.140.79
3.69.190.202
3.71.149.231
34.102.146.192
34.120.135.53
34.96.70.87
34.98.64.218
35.208.249.213
35.244.159.8
37.157.3.20
51.89.9.252
54.154.164.196
64.74.236.191
65.9.66.104
78.46.111.106
85.114.159.118
91.121.248.44
94.23.99.218
99.86.4.39
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
04d549a4f168546afdc3608bc6ef4ad67a16a2bf2baf8c6770f88f524c924d11
0511fb45e1575129bf8897d4d00fc2cb67f05e6b2d534952d3004e809848b970
0683ee3c68e5b2a6e26cfd9541f8d4b437af86a83513f491e0b3fe0d8e4f1b78
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
08f90c311d85be0d727bdbaaeb3ef611b2f3554bd4423b7c3171d3bc695e8680
0937f94a317e9ae6d1f7f755e38d502be1f1044003a90c141dc0a1f193a18149
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba85231f87bcbb45f684c5d6b0eafd7154c7c9e247183355f502c3685435241
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0cc33eae13f17b9ed1ebb9048e0809137def1eef6597fc1de7eab6635a621637
0ddc028188aae687eca43448d5b754b73f0d0532130e202c64fd6a1c11f7d107
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0eecc2c8302610b82bccf87de9385ea404b0256f1f57e5d78fe50644ee8ea942
102fb15f974d764d68b8fab55d8cea8ad640fd83f116364d33cbbdd42c88dade
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
12ba93db33de679d443dc28aee4a2190b580b8ad3fc53216d5bb2678d4e17f29
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
1bb31b4869cee5b19382659bc81b994db65e7ef71e3ce0489f6ee898c6b4ebd9
20df61b837c2852858ad3c501ca84c8d9f40452b23daa7496c134b9b80e1d6be
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2
23c79bb552706be2ca97bdb259921e3269a5263326b147676c2f7909a45b58c9
26a9ddbf55f381ab69a7cdfeafa0f50bf18423ba8dea016b3cfa065b6c2c98da
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
27ea3f2d68e99ad470325c3b2947d9bbc994249116a16a18ac366bd08c0436fa
292532d44ba2bbf15d48b2bf6ab6388bc21155a71655e38533de8cf606c02fa7
2a2473b3e7ac5cd75c1d5b2c38049be3997e7b215a306e6aea6e58edc6c22afd
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
2fd614288fcb2de2943acbf0eb797032f842bb7c6cf4433d1fdd52d845c34696
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34051bd68b5c20b6286da551e846cace86ead29d0b35bd70fcce62b872030602
35ddb0281aa7d286efa01c43870f954fd648eef3ff244670b54c7cc11e38c009
3822a44aff9be621e80193cd1d7e7868bd829720b0f77f90c26386b528ecbd5e
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
3a7c945c8e2461e4713c789136780e33e2ff3c62967c269f7cbcbd0c10184e67
3b25d40ed610e3c9f124dbde5eda452abebd467b55d48ae5f03c4260abfae336
40456e161c15711262023cae30405125748a3b8ec3f89ee63e93b4d665d32783
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4b334da116d89aedebea3867724c98c8718f2b15e90caa08d3588bcfe4923821
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b7d35ac986e47397977d7f98ab60c0f8f0a6c6e83f3d80b3c4d1c49956fa05a
4d1c61f97def8e36a319aa9afe1df38bef56b42f5fbb12aabbcebf92d705c02e
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c
4da6ca0cd77056754444ca25ccbaa3a9bff5cc62a8a23f0af97cd28fb3877126
4df55590ebbc61dd65a9667f5896e685e22a088cf62dd7f538d14845a53e28e0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
561aec52e5ec804ee143532298b8677dcf6da42fec6541484f50cdb94611d65b
5728239d6302f134e425b17d7758bc6f4206b4acfc035db7f8625c2f1bbdea5e
59e97432160422770dff71bc3cf23bfafe727fca659bd13d12a5a0a6753bfee3
5a87d11b55410181a8df8c22beec9a028a55f2086c0ae95b7cbd440fa1330110
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64883f4aee2bc6f50330986c11c2bcf66daebb447c8ba48bf31f7105bf44df0a
649af545f5efd2a265363ceeb7fdf9dc6dc8c85dfba4d7d3a538930c3d181b39
65522d4713853b492985f5d3150d2a2a6aedb8e50b9dce847a0366f4a084ff78
65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a
69d25051289ab7ac77b1ad5fc22e9b599aba092ac44c9cde7d3db2cbc63e89d6
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
6d4ca882eecd377a8f81d19c147931e297973caad6162c098856cf54f8103d67
6e493342f5f869a69cabd82f9b9180e8df2b7e2ac5b61a151f516542423d35ec
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
7758753c203db864d4f87cb89829b41af0cf8f386bec2df9e709761513ae5cb6
7895c6c09484d0a4783753778339d4cf27abdacb5e1bb71a80fdb9c1369d68c1
7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c
7a6ac6e588a725241e6f43feaad46fb36de9682576f5f29c570edc3ec5247477
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7d7f6ade689ab95aa962b3ef5d08332ae728218680a5c38fc4dde438eac51844
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7df9c79b69dac7eb60962fa843afaabcbf31482db9fdfd346ecb8ca1b7cc8b0d
7e73cb446d6674b02d6c7e877ca729c9da7cef656e41c68a0361383c749ac1f2
8127d6dfb7da3bc1eb3b7ebc9feba37089d8a0d9b45c69fd71e1490fb091d9f9
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89f6068c97f29b9a0fdc1f1a619db9585db8081aa0489ef0053997193ee28ede
8ca0296050b79b2d139deed8e8b4c29e38dee8e0f8cafa9b51241d5ee530f52d
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
92e21a5303b8bab11c2b7be06ec9b4e8832f67b2bc25505c4b9da07406d790d8
943d9321f29ef97f9d942e888000e19366124162e8276d75e711ee86ed2bdc66
95abaca5a5f710cf478b0360960174ac2153a14f8e875794d2dda4df164263ae
966976c0fbb9d006472ed084b8322d5e07f8beb79c408dce5ca83b1be1f01d28
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9aba06edc588dd8f21418377916a4461ed698e7e6114dac354d3586028be54d9
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4d1d08557bf735a48f50556ffe565cba79c36d7b8b708c29ef257c1944892ef
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a6098e1415d47f2e0452fd971a313eff5511bb0919b927995dc90c0d3668dc1c
a6a68d84e19f03ed72c84f9984a7828787d953a18ec9dd51b4925ad3e655a345
ad232d76ac351bdaabf78a8cfe0dc6fbe51c16e23a4b8ca978cd0bcd28b23920
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b303d626939d21d146c25c5e7f8c8156579d5d673ea007969e5573aa86f29688
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b98cb2160a96110b83e17adee3802f5c430e58e5b298957a97fac0137949a549
ba985b1a8f10f23e287ac8b524229b211240ae6573038e07455bcb8f4319cafb
ba9e143db781b645a27217f7205e9b2e51ba525c0458ad50e3868d695cc27fa3
babc895ab4caad58bda3fdee3b1e67a0fa550aa0ac8c8f3875e8fb21fb18184c
bacf6dc516ddc829a92b079243a360e1f10c843d628f76900443f842ad013670
bc5ec53ba96ec0c7ad1641b216002e4c134cd43e481c7ed102a306cb1bdddd03
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
c000ff0056fda694b75641c9dcd22fc90163376e2fbf072445b527e3e386218e
c1168d0127b02bba8ff510a58d11a9105ded68c0afc99186c4f24234fd720430
c1628bd4edd4b0e919b86efa27560b78b438a63675399af046cb62a3040ed3e7
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c71f004cfd522511bee27860e83d7bf78e1ef8295266f385b1aa0d589f5f87f8
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
c920ddb3f271140e52cca4a573374e397e78c2ea28839d9de0e8b3ebb6e026f9
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cab9ce627ca76479cbacc209222ae250f7db12ad8229cde70d2d0b9e05cddf75
ccd47de24713308e5085db9205fd8a1e0b7dff0535ab466948c6fec433fcbb28
cd93c3b7a1756c0b3513677f22ec9241bad96fccb09b42edfa0ff67060d2b832
ce4bbff690693fcf758b93845116595d6d541427bce60f9ac414161325164d8c
ce9ea19684649109b2f96f68959eb825a59c0d45434dde55c34d5a1ce5aef0d7
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d5ef92fa5f47d362df30513b5feabbd8a193205a989fd608453c8ed51a88cb2e
d8cd7ffd11238414c602aa8df4d3bb99a05b79bb9c0ab86003ffd09b87700b1c
d90052e947de35f63cb1c14e7a5f7009b5bba9cae17dabbf38b340450e030e3b
d99991c6ac43ab8eed14fe8bc4ac94b5c7c977fe7134587ce68910baf617e2a7
df1ca1f8176fde7d10f2be1d3e7483216d559a0444fb35c6212ba3e89757dd65
e00b35b395706594a843fc26d14d6193c40d0f04c4b0afec63ab6bcabd0486e4
e086df7d320bbc011f686e1f03184824f2fd0e90b27889d2233c0ebd998141bf
e09e03517424a8ee433640b77d9b2b891919d0a2cf4a01a5d3847b535777a104
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e8c2e4d6ab0ad2f055a6cc3c777d31531e665758db5ca815f2613afad72f7088
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eec7e3b70326f4b5ffaa38e20f604d7a4f472e31059e586d6d27ebfa3d9c8586
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2e40b375d4c76143bae818013bad107f0de3dbaf0aa472575957170f091ed01
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a
fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
fd8c1cf4274cae5e1e5a37133cc23b80392ef88c43b798d3748f43948dbb53f0
fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40
ff300cac974d56d0ed978f857be24dd0824696f75086c296d565dff2716e096d

trueliketop.org Open in urlscan Pro 2606:4700:3037::ac43:803b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

266 Requests

90 %HTTPS

42 %IPv6

50 Domains

74 Subdomains

63 IPs

10 Countries

4097 kBTransfer

8164 kBSize

30 Cookies

4 Outgoing links

Page URL History

Redirected requests

266 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

trueliketop.org Open in urlscan Pro
2606:4700:3037::ac43:803b Public Scan

Screenshot
Live screenshot

Full Image

266
Requests

90 %
HTTPS

42 %
IPv6

50
Domains

74
Subdomains

63
IPs

10
Countries

4097 kB
Transfer

8164 kB
Size

30
Cookies

266 HTTP transactions
6 data transactions