eg.hatla2ee.com Open in urlscan Pro
2606:4700:20::681a:6c0 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hatla2ee.com/
Effective URL:
https://eg.hatla2ee.com/
Submission Tags: tranco_l324
Submission: On November 06 via api (November 6th 2021, 6:07:24 am UTC) from DE — Scanned from DE

Summary HTTP 74 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 11 domains to perform 74 HTTP transactions. The main IP is 2606:4700:20::681a:6c0, located in United States and belongs to CLOUDFLARENET, US. The main domain is eg.hatla2ee.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 17th 2021. Valid for: a year.

This is the only time eg.hatla2ee.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:20:... 2606:4700:20::681a:7c0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	2606:4700:20:... 2606:4700:20::681a:6c0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	2606:4700:303... 2606:4700:3034::ac43:bd59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
11	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
74	15

1 2606:4700:20::681a:7c0 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hatla2ee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:6c0 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

eg.hatla2ee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700:3034::ac43:bd59 (United States)

ASN13335 (CLOUDFLARENET, US)

media.hatla2eestatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

09b338162841ee24c73c2395ee9e16a1.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	hatla2eestatic.com media.hatla2eestatic.com	716 KB
18	googlesyndication.com 09b338162841ee24c73c2395ee9e16a1.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	222 KB
13	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net	134 KB
5	google.com adservice.google.com www.google.com	2 KB
5	googletagservices.com www.googletagservices.com	175 KB
5	hatla2ee.com 2 redirects hatla2ee.com eg.hatla2ee.com	163 KB
3	google-analytics.com www.google-analytics.com	20 KB
2	google.de www.google.de	608 B
2	facebook.com www.facebook.com	460 B
2	facebook.net connect.facebook.net	113 KB
1	google.nl adservice.google.nl	792 B
74	11

	Domain	Requested by
20	media.hatla2eestatic.com	eg.hatla2ee.com media.hatla2eestatic.com
11	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net eg.hatla2ee.com
10	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
7	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
5	www.googletagservices.com	eg.hatla2ee.com securepubads.g.doubleclick.net
4	www.google.com	securepubads.g.doubleclick.net eg.hatla2ee.com tpc.googlesyndication.com
4	eg.hatla2ee.com	1 redirects eg.hatla2ee.com
3	www.google-analytics.com	eg.hatla2ee.com www.google-analytics.com
2	www.google.de	eg.hatla2ee.com
2	www.facebook.com	eg.hatla2ee.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	connect.facebook.net	eg.hatla2ee.com connect.facebook.net
1	09b338162841ee24c73c2395ee9e16a1.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.nl	securepubads.g.doubleclick.net
1	hatla2ee.com	1 redirects
74	16

This site contains links to these domains. Also see Links.

Domain
play.google.com
apps.apple.com
ksa.hatla2ee.com
uae.hatla2ee.com
jordan.hatla2ee.com
qatar.hatla2ee.com
lebanon.hatla2ee.com
oman.hatla2ee.com
kuwait.hatla2ee.com
libya.hatla2ee.com
iraq.hatla2ee.com
yemen.hatla2ee.com
www.facebook.com
twitter.com
itunes.apple.com
appgallery1.huawei.com
www.hatla2ee.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-17` - `2022-06-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-08-15` - `2021-11-13`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://eg.hatla2ee.com/
Frame ID: 9D37CEB61C594C4CAD3809080F2C4F2C
Requests: 45 HTTP requests in this frame

Frame: https://09b338162841ee24c73c2395ee9e16a1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3BB07B284551ADB9B269752BFBCF4D13
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuVya0bxngD0AZBNuF5TV9Y_UyeMUAQqmbONZgPeohBjoCog9LqPxPYFVITrgglhyD-d8tKAG7k9dmD65tMC6T1gsvyZXzmQa37rTG7h8vXtYecJTgo5IgY2yVUOhj90OqRne2xkHkCNp5MgvY9nIPOruEEKRNu8vWLgBTyVwlya2QUq3nUFm0PKQtTAMlQ_9H8L1iO6zE2fw4CbDcLoaOhyVeAEVLiaqiKUfcDtrW337onb_Tira-ADiwGzXkmBwPcYT3AEHuXKldIGkv6NMgsF7iU79uzGsLT65Q4WLV3XrWEf-ZuBQ&sai=AMfl-YSOvrsSWkKcUtLumT-z_shg3Yo1XoRa6i2x2I-cQ36lB_3RRjAl8vAOdNbkiY-3-wX4L0DSraIhkhhJYS7N2cgqiM3vuQE7Q8P0NVzmHYr7KejHpisq0FoC-LZs9vtf&sig=Cg0ArKJSzBLzUDiLoemLEAE&uach_m=[UACH]&adurl=
Frame ID: 0A261B9B1DAC7C4BE43FBD4A76919A9A
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuPI72-QNa-jxy6Ukh_JuBJPcrweO6OtztLfYcdakMgKG3TKZ1P4k_euBc9rA1H9FrA9rPLNUBJ1soTqcv4bO_9T6s0gaRJPaWmHCkJbJiMzYWMzJAYJGbWoSWSwy1wVa06Uw8l7np8sezHniLul-TI6_Zb-wZYycqW1NBxuYsvREuKIQJlMoKAndxLcJRbOcSBEbMPl5KWBNkpezvGz4b2DYwjcgXC47rXl8fZV96ZfN1hL5FfQ-MzNtR3teAHpm-5O2dIBVrXqumztIdfzv0u8McUeMprd3n6PDD1MfkVsmAyzYrmGEidywQFJx62dw&sai=AMfl-YQXEBnjV_8y2fZ2VedtsmAJKy0j8N6U6BUgN2AWEVNI3UOt7lDFv3BTadlsrvOEg3v23HFd4u5kDhc7wc5I6UJaQTMOvRtle6pYzcHIJrkSl9XeKwho58DwAbkYL2lI&sig=Cg0ArKJSzCYjo8E8iTvhEAE&uach_m=[UACH]&adurl=
Frame ID: 9A554AA1DD66F299A1BBEA19D345906A
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtKKL5H_eQSgP8R_sFktAlyvwZvfPtbwr4oMy2tGGQmwzG3ryKesFJs4b-XgN__UhzqEa9_ghkrBJx2yGpaIXNIE5wcjESkaAWdXlhK5QKY_dDh93UAaGvFaoNU1vqGtxQzwtQyhAPUThbw3Bd2uKF_hf6fwvWZnqoHwo0oYpxQLs9-quBpxbcMmyBOn3Go0CQeCjkt0vQnVVWWwGNJYEpIh01CidgcLO2aR8J8ANjC-BbPdis4ZP0Ol-w5Isrl1KlbUIn5__Q8Ed2OVGTyN4nfIRJS-MwfYWoRUiOU4HCUAKFRoFJsYjZdk8N_tC-&sai=AMfl-YTLLTiAuUn496T_DBbUIHU1lC7CJIzz8pnjUvO2gTi6PpLhgqXllHYj8Ig0h6pe7dFXTnRQQh3DqnjkAqcZOihs2P-4TQ3m_BS6tn8hYdYjxk0okna6Ji_kZlj2Wv_e&sig=Cg0ArKJSzE3vF1X81xzPEAE&uach_m=[UACH]&adurl=
Frame ID: F54808352F68C39E77B0EE663AA4EFD8
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvn9fQbNMYqS5Dcv_Sd-u0o8BjxVAKKWapoADNV-NCQUIEWYe_UlFWG2Tyc17fymgdIPp7UqRw0GOBVAmqaIhcmDBwNogMY5hAD0JIF4PuFIuEl0b-q3wZZj8yEdr7Tkevh8wb7vrN7IXPO6zORphpEdDZYHde9jkRa9Bet7ZPYr1NS3INkmknYpZKI20oRxegVzy_RfwIkWJ7k2Az0K9g16AxGxJcttljv_RL6eQBMkjUmSTQS4w6XUEgHEjJz7dgO57Jr2Q_81F9wMT6BDFmUG1-r1WyOa3OD2R2mfM3Ggv8X50UKzw&sai=AMfl-YQzaRVSelQx6e6DhpyCwUDpFIEAJ-R4AHnNdHVQGEXTrbwP4Jqw4Ce9YVtm62eVUtghttbJ6pK60Fu4kSGV6fZ0xXa84hfgsT3k62VwwZs6zjuxP-xSh7MOimI-SgMK&sig=Cg0ArKJSzFiX810cnwwgEAE&uach_m=[UACH]&adurl=
Frame ID: 70B9D7CCED53279B9AE3A78B2C0999DD
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 4BB91D7311B14AF2DA062CC2F2730F12
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8D1695DA73DACE189BD35D0ECE1F2100
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

سوق السيارات المستعملة و السيارات الجديدة في مصر : هتلاقى

Page URL History Show full URLs

http://hatla2ee.com/ HTTP 301
http://eg.hatla2ee.com/ HTTP 301
https://eg.hatla2ee.com/ Page URL

Page Statistics

74
Requests

100 %
HTTPS

93 %
IPv6

11
Domains

16
Subdomains

15
IPs

3
Countries

1546 kB
Transfer

4041 kB
Size

8
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: https://play.google.com/store/apps/details?id=com.hatla2ee.hatla2ee_egypt&referrer=utm_source%3Dhatla2ee%26utm_medium%3Dbanner%26utm_content%3Dbanner%26utm_campaign%3Dbanner
Title: احصل على ابلكيشن هتلاقى تنزيل من المتجر

Search URL Search Domain Scan URL

URL: https://apps.apple.com/app/apple-store/id1272125275?pt=118766861&ct=banner&mt=8
Title: احصل على ابلكيشن هتلاقى تنزيل من المتجر

Search URL Search Domain Scan URL

URL: https://ksa.hatla2ee.com/
Title: السعوديه

Search URL Search Domain Scan URL

URL: https://uae.hatla2ee.com/
Title: الامارات

Search URL Search Domain Scan URL

URL: https://jordan.hatla2ee.com/
Title: الاردن

Search URL Search Domain Scan URL

URL: https://qatar.hatla2ee.com/
Title: قطر

Search URL Search Domain Scan URL

URL: https://lebanon.hatla2ee.com/
Title: لبنان

Search URL Search Domain Scan URL

URL: https://oman.hatla2ee.com/
Title: عمان

Search URL Search Domain Scan URL

URL: https://kuwait.hatla2ee.com/
Title: الكويت

Search URL Search Domain Scan URL

URL: https://libya.hatla2ee.com/
Title: ليبا

Search URL Search Domain Scan URL

URL: https://iraq.hatla2ee.com/
Title: العراق

Search URL Search Domain Scan URL

URL: https://yemen.hatla2ee.com/
Title: اليمن

Search URL Search Domain Scan URL

URL: http://www.facebook.com/Hatla2ee

Search URL Search Domain Scan URL

URL: https://twitter.com/hatla2ee

Search URL Search Domain Scan URL

URL: https://apps.apple.com/app/apple-store/id1272125275?pt=118766861&ct=sticky&mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.hatla2ee.hatla2ee_egypt&referrer=utm_source%3Dhatla2ee%26utm_medium%3Dsticky%26utm_content%3Dsticky%26utm_campaign%3Dsticky

Search URL Search Domain Scan URL

URL: https://uae.hatla2ee.com/ar/car
Title: سيارات مستعملة للبيع في الإمارات

Search URL Search Domain Scan URL

URL: https://jordan.hatla2ee.com/ar/car
Title: سيارات للبيع في الأردن

Search URL Search Domain Scan URL

URL: https://ksa.hatla2ee.com/ar/car
Title: سيارات مستعملة للبيع في السعودية

Search URL Search Domain Scan URL

URL: https://oman.hatla2ee.com/ar/car
Title: سيارات مستعملة للبيع في عمان

Search URL Search Domain Scan URL

URL: https://yemen.hatla2ee.com/ar/car
Title: سيارات مستعملة للبيع في اليمن

Search URL Search Domain Scan URL

URL: https://kuwait.hatla2ee.com/ar/car
Title: سيارات المستعملة في الكويت

Search URL Search Domain Scan URL

URL: https://qatar.hatla2ee.com/ar/car
Title: سيارات المستعملة في قطر

Search URL Search Domain Scan URL

URL: https://lebanon.hatla2ee.com/ar/car
Title: سيارات مستعملة للبيع في لبنان

Search URL Search Domain Scan URL

URL: https://libya.hatla2ee.com/ar/car
Title: سيارات مستعملة للبيع في ليبيا

Search URL Search Domain Scan URL

URL: https://iraq.hatla2ee.com/ar/car
Title: سيارات مستعملة للبيع في العراق

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.hatla2ee.hatla2ee_egypt&referrer=utm_source%3Dhatla2ee%26utm_medium%3Dbanner%26utm_campaign%3Dfooter

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/app/apple-store/id1272125275?pt=118766861&ct=hatla2ee_banner_footer&mt=8

Search URL Search Domain Scan URL

URL: https://appgallery1.huawei.com/#/app/C100213777

Search URL Search Domain Scan URL

URL: https://www.hatla2ee.com/
Title: Hatla2ee.com

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.hatla2ee.hatla2ee_egypt&referrer=utm_source=hatla2ee&utm_medium=takeover&utm_content=takeover&utm_campaign=takeover
Title: هتلاقي أسرع على تطبيق الهاتف search شراء add_circle_outline بيع local_offer الأسعار notifications_active تنبيهات والكثير .. نزل التطبيق الأن

Search URL Search Domain Scan URL

URL: https://apps.apple.com/app/apple-store/id1272125275?pt=118766861&ct=takeover&mt=8
Title: هتلاقي أسرع على تطبيق الهاتف search شراء add_circle_outline بيع local_offer الأسعار notifications_active تنبيهات والكثير .. نزل التطبيق الأن

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hatla2ee.com/ HTTP 301
http://eg.hatla2ee.com/ HTTP 301
https://eg.hatla2ee.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

74 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
eg.hatla2ee.com/
Redirect Chain

http://hatla2ee.com/
http://eg.hatla2ee.com/
https://eg.hatla2ee.com/

254 KB
47 KB

42ms
19ms

Document
text/html

2606:4700:20::681a:6c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eg.hatla2ee.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:6c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b491bffb12e7b548f9f3102afa721890f66fe7aeba30ed4b0d92d7d6fed1c38

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 06 Nov 2021 06:07:18 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-backendfr: opswsws1
cache-control: public, max-age=1800
x-varnish: 604615947
age: 719
via: 1.1 varnish (Varnish/6.0)
x-cachefr: MISS
cf-cache-status: HIT
last-modified: Sat, 06 Nov 2021 05:55:19 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nZv%2FM0kxGqXVwSSH3FWHkrj6vZ5j9R3H5F0r95aRCF%2BZ9hBFNb7YzT%2FSK6wT6S4FOBea3ix6%2FoJbSN7LIOwkVuZ9qgy2OhWC4SkpJVVDVJCIFPFQfriKYArHNiMjGCR%2B3%2FwaA1b37CQS7Zfr6w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a9c240cda74696f-FRA
content-encoding: br

Redirect headers

Date: Sat, 06 Nov 2021 06:07:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 06 Nov 2021 07:07:18 GMT
Location: https://eg.hatla2ee.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=omHBTse0Z4ZbHp3g9L2chAYhY%2FBXAvs8507AjqsDOxc0ktqbwS8bCC1PSaJVa0A7FJe%2ByDSjdFn7JDyV44DAIaSRHPLgJY%2FBxdCPu2q6kys1gUhB3UoVMD1LYg0u1B%2FT53QFZtVeZ31u%2F3q%2BCw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6a9c240c88ea1e47-FRA

GET
H2 200 out_ar.css
media.hatla2eestatic.com/css/ 1 MB
177 KB 55ms
26ms Stylesheet
text/css 2606:4700:3034::ac43:bd59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://media.hatla2eestatic.com/css/out_ar.css?1635752575
Requested by: Host: eg.hatla2ee.com
URL: https://eg.hatla2ee.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:bd59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06b3813d0d2e7c58b6e1f144e42e33940321a90318163ff542561c5a9952bcd3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:07:18 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 424112
cf-polished: origSize=1144319
cf-ray: 6a9c240d4a274e37-FRA
x-backendfr: opswsws2
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 01 Nov 2021 07:42:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m9as6gx98dvWMCx5ucoSR42CE0WwtVDvgnc6c%2BoM2c8u88UQMeV9Z5j0sFqFamYGfy%2Fwx5EfYvORB0mA%2B%2FRfEGKfbgBmskqrdUD5u8NdL02DnaQfdX4DTxGAaoXp2OO37EH6cbmzsVcFqQqr06jAZZ%2BOU1iPeOE%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 287490436
cache-control: max-age=31536000
x-cachefr: MISS
content-type: text/css
cf-bgj: minify

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
27 KB 40ms
15ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: eg.hatla2ee.com
URL: https://eg.hatla2ee.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d61fdba0290ea6cc905eb69d9092ebf027e70f8385b793b140c848a31c23451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:07:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1035 / 689 of 1000 / last-modified: 1636149998"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27093
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 06 Nov 2021 06:07:18 GMT

GET
H2 200 hatla2ee_logo_new.png
media.hatla2eestatic.com/images/general/ 2 KB
2 KB 14ms
13ms Image
image/png 2606:4700:3034::ac43:bd59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hatla2eestatic.com/images/general/hatla2ee_logo_new.png
Requested by: Host: eg.hatla2ee.com
URL: https://eg.hatla2ee.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:bd59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c893d1464c078f6fd76c6ab0b140105d2fe3cad26cb0371a95cce15e9dfe9ab4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:07:18 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17023850
content-type: image/png
x-backendfr: opswsws1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 21 Apr 2021 12:30:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SiY2utbiIg7OdLPGZnLaoy%2Frsppn2V%2Bu4jjdBP9W%2FxW4Fvp%2FTUd%2BOyjrHnYwtGY4eCJIy8n%2Fhhla8d6HbzCZQIWmOwlgtpF9lCFv0QF6ZqLcFNyv58y6PlhgLbKSaGBBz2Fx%2BHlHwM%2FgMXh4yO%2FcctQVaWdbH3M%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 272994134
cache-control: max-age=31536000
x-cachefr: MISS
cf-ray: 6a9c240d9a7b4e37-FRA
expires: Sat, 23 Apr 2022 05:16:28 GMT

GET
H2 200 appshcts.png
media.hatla2eestatic.com/images/general/ 6 KB
6 KB 13ms
12ms Image
image/png 2606:4700:3034::ac43:bd59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hatla2eestatic.com/images/general/appshcts.png
Requested by: Host: eg.hatla2ee.com
URL: https://eg.hatla2ee.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:bd59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8cd5b63aa619f2b5c65fb5bf3ac58ab2a64fdd000482330e2d9cc8c97e1eff0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:07:18 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17572311
content-type: image/png
x-backendfr: opswsws3
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 15 Apr 2021 14:22:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kKNDef0SVIDJ302gFdlEpNt1EBDaTU%2BxwpVB2hSoQEmqfA%2BTUJeNJQ87JRTQQP98ESjoPU28Vk8tOZvXLC3CSUw4SA3HTZeEQYi0m5TbZ8UWc13BPdMWj1joWnNa8pSCngGb16PC9WdSI0FwsZ8fENxwMtCVbuw%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 891398542
cache-control: max-age=31536000
x-cachefr: MISS
cf-ray: 6a9c240dcac04e37-FRA
expires: Sat, 16 Apr 2022 20:55:27 GMT

GET
H2 200 road.png
media.hatla2eestatic.com/images/general/ 29 KB
29 KB 17ms
16ms Image
image/png 2606:4700:3034::ac43:bd59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hatla2eestatic.com/images/general/road.png
Requested by: Host: eg.hatla2ee.com
URL: https://eg.hatla2ee.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:bd59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38bbc054d43e472d767f5ff8ee234ba914592671a3867b7e1fb020d07c1aa9d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:07:18 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5234920
x-backendfr: opswsws1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-varnish: 497236099
last-modified: Mon, 06 Sep 2021 15:08:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zupOxC0p8IMAVV4B90VM0K3fXT6BV4uK%2B2udTiLV6PnOQMrN4W%2FR46z6K6hSpNflAuZNRHV19IIKBW5Z5p%2BFKKtAUWFIgLXZZkAXjtN%2BJV1T2l0TK6r4nJ4WfTrBFpNLBQu1nkFO6JfXrHRFvTnNMwhtuxNw4cc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
x-cachefr: MISS
cf-ray: 6a9c240dcac74e37-FRA

GET
H2 200 logo.svg
media.hatla2eestatic.com/images/fabrika/ 2 KB
1 KB 12ms
11ms Image
image/svg+xml 2606:4700:3034::ac43:bd59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hatla2eestatic.com/images/fabrika/logo.svg
Requested by: Host: eg.hatla2ee.com
URL: https://eg.hatla2ee.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:bd59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3654f6681bea316ab7579bd5bd0bdc299d9e45ad43703a8a8d1fb7b874eeafb0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:07:18 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 708518
x-backendfr: opswsws1
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-varnish: 36964850
last-modified: Tue, 26 Oct 2021 09:57:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RwLDlNG8PHpbQr%2BtiBOItI1XJSoOlXzSHiLu2J%2BOemiKQDmKgk5GZlcOivNaGYDpGhL%2FQzGACHdCieSZqARsI1u%2B%2Fr%2FQRDJdxOPtXK7p5Ax8F2spVJE%2BL20ef%2FPtGOlK5sXXGxRWOx%2BTyUt5nqML%2FW%2BFvs1vTpQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
x-cachefr: MISS
cf-ray: 6a9c240dcac94e37-FRA

GET
H2 200 ico_waiting-320.gif
media.hatla2eestatic.com/images/general/ 137 KB
138 KB 20ms
20ms Image
image/gif 2606:4700:3034::ac43:bd59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hatla2eestatic.com/images/general/ico_waiting-320.gif
Requested by: Host: eg.hatla2ee.com
URL: https://eg.hatla2ee.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:bd59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f12327afa859ebc6fb70b0676454a3655998e8c7d5c06da7afc8925e8d5ff61

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:07:18 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 708464
x-backendfr: opswsws4
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-varnish: 29559605
last-modified: Tue, 26 Oct 2021 09:57:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OQIU1PQJSxTNY%2FMhKYBuOkBAUirl%2BrU0k%2BOwnF%2Fymjy1vTTwOiQOGfNnAkhywH03TXRzj6wvjEBVIsKwqcLidierV1ny9OhJ%2Bl4lkIx%2BJCLydfnkNMLHp5XS62%2FTIzZfGKgxFuY8D8xROWYEDJ0DLU0ldysCQ4Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
x-cachefr: MISS
cf-ray: 6a9c240dcaca4e37-FRA

GET
H2 200 up_a45227340534ab5aea987f263af52b07.jpg
media.hatla2eestatic.com/uploads/dealer/514/ 37 KB
38 KB 36ms
36ms Image
image/jpeg 2606:4700:3034::ac43:bd59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hatla2eestatic.com/uploads/dealer/514/up_a45227340534ab5aea987f263af52b07.jpg
Requested by: Host: eg.hatla2ee.com
URL: https://eg.hatla2ee.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:bd59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4fb9a508079cb8129dcc8474fc477e68fce532d918cfe8fedbc3ad492a59ca8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:07:18 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17023553
content-type: image/jpeg
x-backendfr: opswsws1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 29 Dec 2020 13:56:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4iuzqHhucvfI5VGJ0OffWMMKzK%2BQ0YMLuDVrds%2Bbi%2FpbTOSvSQfyjIiCfK1ZVaIbwXfCuV1r1NnzYdRNPAubx%2BcFEZO4sr1Hcot4nK8BtfaCThFDt42WoIXxbOU5lj0wJ80IT68QW8wtQgqEUFOQuVLYcCY1tFM%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 261854278
cache-control: max-age=31536000
x-cachefr: MISS
cf-ray: 6a9c240dcad04e37-FRA
expires: Sat, 23 Apr 2022 05:21:25 GMT

GET
H2 200 footer-logo.png
media.hatla2eestatic.com/images/general/ 9 KB
10 KB 23ms
22ms Image
image/png 2606:4700:3034::ac43:bd59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hatla2eestatic.com/images/general/footer-logo.png
Requested by: Host: eg.hatla2ee.com
URL: https://eg.hatla2ee.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:bd59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfc14db642406238470b1dc09aac2cb8affa315c4ee5d5d56de567b718fdfb72

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:07:18 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 546867
x-backendfr: opswsws4
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-varnish: 172506715
last-modified: Tue, 26 Oct 2021 09:57:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M7MXEuDCe9wdAKQcNpCXuPyfmJVk7DBWURlKphGgRcLWGiYirg%2Fm7L6d4i%2FomrpIXJ%2FSpekcCFzA9RNIzFg0%2F0PefqaVmoo02QvEXo3uaLmXIwAG7WZvI41n29OZX%2FQNI7j%2B7ZDDT5S%2BqhkqttEKR6wZgfRXTIY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
x-cachefr: MISS
cf-ray: 6a9c240dcad14e37-FRA

GET
H2 200 google_play_link_rtl.png
media.hatla2eestatic.com/images/general/ 7 KB
7 KB 15ms
14ms Image
image/png 2606:4700:3034::ac43:bd59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hatla2eestatic.com/images/general/google_play_link_rtl.png
Requested by: Host: eg.hatla2ee.com
URL: https://eg.hatla2ee.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:bd59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 234ab4bfc09d8aefc0a6f1afaafb36ec89ccadba17863d6114566b402c45ef64

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:07:18 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9157579
content-type: image/png
x-backendfr: opswsws2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 14 Jul 2021 11:43:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oi5mvxsWfXfPJ16BuuRIqA5838VNt%2FEx6q4ZdE4iGkSb8u%2Bo8wky59b0veFMTy5TY4PbNRe8iqMbki2d13tj47tY1dJ9RDEOqKZnLp4ZlmStu96npyeec3VPYtZdXclUW9KFknISmapTEx6LJ5yoZcfnmypdLhQ%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 56316167
cache-control: max-age=31536000
x-cachefr: MISS
cf-ray: 6a9c240dcad24e37-FRA
expires: Sat, 23 Jul 2022 06:20:59 GMT

GET
H2 200 Download_on_the_App_Store_Badge_AR_135x40.svg
media.hatla2eestatic.com/images/svg/icons/ 10 KB
4 KB 24ms
23ms Image
image/svg+xml 2606:4700:3034::ac43:bd59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hatla2eestatic.com/images/svg/icons/Download_on_the_App_Store_Badge_AR_135x40.svg
Requested by: Host: eg.hatla2ee.com
URL: https://eg.hatla2ee.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:bd59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 336252920e85f1b6a227ad42a6a99ea5748982f78446b1a84bd80553096486eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:07:18 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17023851
content-type: image/svg+xml
x-backendfr: opswsws3
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 21 Apr 2021 12:30:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XqKRhqX8DAloQH59txQMCEw3pHtTcW99JMCbUHSp8wX1k4nQjYeQSrIxDR0dMvRbI8IRMTruPmIwtnK%2BkLd%2FC2BYV77EBBp2XdMxzafQNz9NiBKC%2BE01mexvw9VppJdbZa%2BPytmAfWYeYVVLTDF7zz2%2B4IkaL4U%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 267949030
cache-control: max-age=31536000
x-cachefr: MISS
cf-ray: 6a9c240dcad44e37-FRA
expires: Sat, 23 Apr 2022 05:16:27 GMT

GET
H2 200 huawei_icon_new.png
media.hatla2eestatic.com/images/general/ 5 KB
5 KB 13ms
12ms Image
image/png 2606:4700:3034::ac43:bd59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hatla2eestatic.com/images/general/huawei_icon_new.png
Requested by: Host: eg.hatla2ee.com
URL: https://eg.hatla2ee.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:bd59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95a0ac74a26bde21b3e93701d9074068cb9402669b12a6986bcc0718c268a981

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:07:18 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4677544
x-backendfr: opswsws3
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-varnish: 1026824280
last-modified: Mon, 06 Sep 2021 15:08:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h5hfu7ZPPP1qXWnuywzkQIBB2K%2F4GoNNW0SWFTWLdm%2F%2BcoRT7iMEUPKRylsYkxqwV66dupG4lXe%2F%2B9mgMSUk6sUDc7jKGXa8AqhoCrvbJF75jMETcJF5DQFjoVEqW3kDbpOF5QLgZqqMvgHngREvVpP7FoBFSMs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
x-cachefr: MISS
cf-ray: 6a9c240dcad54e37-FRA

GET
H2 200 out.js Show response
media.hatla2eestatic.com/js/ 382 KB
104 KB 28ms
27ms Script
text/javascript 2606:4700:3034::ac43:bd59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://media.hatla2eestatic.com/js/out.js?1635752575
Requested by: Host: eg.hatla2ee.com
URL: https://eg.hatla2ee.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:bd59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0968455e8573ad529dc166eba799e42caaefec82b67428f7cba79bd1d8c97216

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:07:18 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 424112
cf-polished: origSize=391569
cf-ray: 6a9c240d6a444e37-FRA
x-backendfr: opswsws3
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 01 Nov 2021 07:42:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XpqvGxIM9HhbgnNrXRpx1we1vPCIVp8KCr0qo6nQ5iyzVT7QOsqVjhJcS2kvkyXgBupHLReu5KQEuHZcIYYlz%2F6fDYkteMsfGfMoMheTrKB3GdNcJqsPCAYBW0R0p9Lcmv0Hoqa%2FyP8HowEcYnYuSv%2BSoNRtCgw%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 287490448
cache-control: max-age=31536000
x-cachefr: MISS
content-type: text/javascript
cf-bgj: minify

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 31ms
6ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: eg.hatla2ee.com
URL: https://eg.hatla2ee.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 372
date: Sat, 06 Nov 2021 06:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sat, 06 Nov 2021 08:01:06 GMT

GET
H2 200 ndownloadappblock_appscht-android.png
media.hatla2eestatic.com/images/general/ 12 KB
12 KB 14ms
13ms Image
image/png 2606:4700:3034::ac43:bd59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hatla2eestatic.com/images/general/ndownloadappblock_appscht-android.png?v=1
Requested by: Host: eg.hatla2ee.com
URL: https://eg.hatla2ee.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:bd59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8938b2d12b8b2f1bc194d0d1fc0d6a5cbeec9462bb4c6db9c759d8b83a09e759

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:07:18 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17023850
content-type: image/png
x-backendfr: opswsws1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 21 Apr 2021 12:30:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DO02%2BsPu1LiKH%2FEq%2FH3tL5xDb%2Fh8iQgoLUe3oz%2BHrd2DYf3ACiCY%2FpEuiU%2B%2B8KMH%2BKsZqs9mIyzP%2BXtKp5jrpnjIx9IJJEyXnubqSOUUNz%2FvcmuJQrw4Mjs09zqdGDV%2BKZaooFmmY0NmNdM1ISGy%2Bb51RHiVcZ0%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 259756380
cache-control: max-age=31536000
x-cachefr: MISS
cf-ray: 6a9c240dcad74e37-FRA
expires: Sat, 23 Apr 2022 05:16:28 GMT

GET
H2 200 ndownloadappblock_appscht-ios.png
media.hatla2eestatic.com/images/general/ 12 KB
12 KB 22ms
21ms Image
image/png 2606:4700:3034::ac43:bd59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hatla2eestatic.com/images/general/ndownloadappblock_appscht-ios.png?v=1
Requested by: Host: eg.hatla2ee.com
URL: https://eg.hatla2ee.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:bd59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2ba511c6405506a889996aca748e3b0985624caca660a1f16385fbf5778f52e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:07:18 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9158018
content-type: image/png
x-backendfr: opswsws1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 14 Jul 2021 11:43:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g8E3NC8DIz2U%2FIa9XTTysUf0XomoFp0FWtTqRgTp2ycwC2hJ5zYy%2FuNrgjtFcrS7AxRxI0CTB1KP9tcexjZO8PY7daj1jmLZrrnLgqFLX5j1ClrqYheryZ1MFk4dy02PDjvbACbbrVMc31wiKKrGOZomrqGQgJE%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 92149005
cache-control: max-age=31536000
x-cachefr: MISS
cf-ray: 6a9c240ddadb4e37-FRA
expires: Sat, 23 Jul 2022 06:13:40 GMT

GET
H3 200 pubads_impl_2021110401.js Show response
securepubads.g.doubleclick.net/gpt/ 346 KB
116 KB 37ms
22ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063429

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

ecafecffa0db9b7f76734f0bcab9c4646954668aebd3e86dc38cdbe162d3f250

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:07:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119010
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 08:34:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 06 Nov 2021 06:07:18 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 112 B
734 B 37ms
14ms XHR
application/json 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=eg.hatla2ee.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

fa556fc5aa02c0a59838e2b9b1574ef34b2ce205c58f19b3a73d3c41b5c34cd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 06:07:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0
expires: Sat, 06 Nov 2021 06:07:18 GMT

GET
H2 200 icons.png
media.hatla2eestatic.com/images/general/all/ 41 KB
42 KB 12ms
12ms Image
image/png 2606:4700:3034::ac43:bd59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hatla2eestatic.com/images/general/all/icons.png?v=10
Requested by: Host: media.hatla2eestatic.com
URL: https://media.hatla2eestatic.com/css/out_ar.css?1635752575
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:bd59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b084eafce4212b77b0f96c440a310283a17dd9638d741c31edbe11efb46e3e0a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://media.hatla2eestatic.com/css/out_ar.css?1635752575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:07:18 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17023850
content-type: image/png
x-backendfr: opswsws4
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 21 Apr 2021 12:30:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ASGIclcre7Ez0hl1UusBN11atzpQXx4%2BY4tgCczflB%2Bf5OZ1C0LYsrwZGskTRMVc1PYkiM2KEJ10mFq8VVDCirKNJsCfAJV6ukmm6MkjDVMWBrZ1tUBSlrZJh7RpLTQdKDY0sdsFsZs1qO7%2Fpuqz4PpXupjUQI%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 270640428
cache-control: max-age=31536000
x-cachefr: MISS
cf-ray: 6a9c240ddae64e37-FRA
expires: Sat, 23 Apr 2022 05:16:28 GMT

GET
H2 200 material_icons.woff2
eg.hatla2ee.com/css/font/ 47 KB
47 KB 15ms
14ms Font
application/octet-stream 2606:4700:20::681a:6c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eg.hatla2ee.com/css/font/material_icons.woff2
Requested by: Host: eg.hatla2ee.com
URL: https://eg.hatla2ee.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:6c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8048179a9e6d2a88bffa8f7feef5e078c9959376218c622b6d0f14a8628d3f80

Request headers

Referer: https://eg.hatla2ee.com/
Origin: https://eg.hatla2ee.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:07:18 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 708431
x-backendfr: opswsws4
content-encoding: br
x-varnish: 30084355
last-modified: Tue, 26 Oct 2021 09:57:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2Fx%2FkOvYqRJ%2BteQys3WtwJTi9WYVu5Ys6i%2BCCAvyOlmPskBFYy3P9gyKJy%2Fgk9a0Q0g3fO3be3qAzMVrnMoeqI0DdkxktwzZ%2Bm9OnnHvKAy6UoSR40OlNQikCsBKjLbG98MFRAUvFjiGtWtp8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cache-control: public, max-age=31536000
x-cachefr: MISS
cf-ray: 6a9c240dec48696f-FRA

GET
H2 200 NotoSansArabic-Regular.woff
eg.hatla2ee.com/css/font/ 69 KB
67 KB 21ms
20ms Font
application/octet-stream 2606:4700:20::681a:6c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eg.hatla2ee.com/css/font/NotoSansArabic-Regular.woff
Requested by: Host: eg.hatla2ee.com
URL: https://eg.hatla2ee.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:6c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 772ebfd6a8738568e21ae7c711289fb9eace128113df0047455559eed11b358c

Request headers

Referer: https://eg.hatla2ee.com/
Origin: https://eg.hatla2ee.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:07:18 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 704825
x-backendfr: opswsws2
content-encoding: br
x-varnish: 53937393
last-modified: Tue, 26 Oct 2021 09:57:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aYdUO%2Fac2Vy%2FHQOvHEo9YRc6McNREYIv7%2FVfTxV88C9iruDXXZI57XaUSoDTvGm19I7ZANZCLVp%2Fc0alHcrA02QGqGGhFQWTccJXAy%2BI%2BLKV4CeOHumTncE1%2FQdjdan80t%2FUUZma0IW6KLw8TQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cache-control: public, max-age=31536000
x-cachefr: MISS
cf-ray: 6a9c240dec4b696f-FRA

GET
H2 200 all-55x55.png
media.hatla2eestatic.com/images/car/make/ 111 KB
111 KB 200ms
14ms Image
image/png 2606:4700:3034::ac43:bd59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hatla2eestatic.com/images/car/make/all-55x55.png?v=58
Requested by: Host: media.hatla2eestatic.com
URL: https://media.hatla2eestatic.com/css/out_ar.css?1635752575
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:bd59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 870c5d3402a3b10fa0b28577062487bafc92587e51234bb2818c27e79ff89d0d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://media.hatla2eestatic.com/css/out_ar.css?1635752575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:07:18 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4376767
x-backendfr: opswsws1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-varnish: 363526925
last-modified: Thu, 16 Sep 2021 14:01:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vNBA%2FtE46EhtG0QUoJDuFZA69at0Qp%2BaAW7WRrHeUHAEXJKa83f9JOxFQqFCvwKclQFNddpdr7nFoQXf%2Bj%2Fl%2BAzvhvsBpP5vMBSVIo1PxNGoKwyFFAScmvWVANvopSELUMUEhgvtgobqlhYZGS5fnnYpiKvrOPI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
x-cachefr: MISS
cf-ray: 6a9c240f7ca64e37-FRA

GET
H2 200 lowkm.png
media.hatla2eestatic.com/images/home/ 884 B
1 KB 197ms
12ms Image
image/png 2606:4700:3034::ac43:bd59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hatla2eestatic.com/images/home/lowkm.png
Requested by: Host: media.hatla2eestatic.com
URL: https://media.hatla2eestatic.com/css/out_ar.css?1635752575
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:bd59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bef981658f51bf5b0cdcb19e9849270514e2d9f9abeba3da1a8f4b1531256365

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://media.hatla2eestatic.com/css/out_ar.css?1635752575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:07:18 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6403463
x-backendfr: opswsws3
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-varnish: 538491414
last-modified: Mon, 23 Aug 2021 10:09:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LALdHZ3%2FLFlxVUVpq9J7nrgxHhzzRhCNvTefsSFvdHOJU0nIffLgbi3EBdYXYwdYII7pMYHgphVIe6lS2%2FRoIpzBxiv5k32iihiX%2BXfUOut77RzK4wIHz8OeRPYL6y60J7mSoys7koNbHgyNgedgtxQtmb5kGeY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
x-cachefr: MISS
cf-ray: 6a9c240f7ca44e37-FRA

GET
H2 200 taxi.png
media.hatla2eestatic.com/images/home/ 522 B
867 B 198ms
13ms Image
image/png 2606:4700:3034::ac43:bd59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hatla2eestatic.com/images/home/taxi.png
Requested by: Host: media.hatla2eestatic.com
URL: https://media.hatla2eestatic.com/css/out_ar.css?1635752575
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:bd59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d7a1219cbdc3e67902332b87c6931a1e89b03e26bf44cd2f79e5d85f313ba34

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://media.hatla2eestatic.com/css/out_ar.css?1635752575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:07:18 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 783940
x-backendfr: opswsws4
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-varnish: 640320527
last-modified: Tue, 26 Oct 2021 09:57:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DigU0JfY1HDJnT3Zm2z1VDY%2BODaF7xrkPokh9K%2FL%2B4TVeja3CoXXZE2gPGNJjxuZtQD4GLSUbUgYoVdV5IBxYlVzjNSXFXRfA0U0uavOS4eVHXVDN7x8auu7x1zJye53hi%2BWu865xT56gtrH%2FcUUpNSqvIVjgnk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
x-cachefr: MISS
cf-ray: 6a9c240f7ca34e37-FRA

GET
H2 200 finance.png
media.hatla2eestatic.com/images/home/ 1 KB
2 KB 198ms
13ms Image
image/png 2606:4700:3034::ac43:bd59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hatla2eestatic.com/images/home/finance.png
Requested by: Host: media.hatla2eestatic.com
URL: https://media.hatla2eestatic.com/css/out_ar.css?1635752575
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:bd59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c4ef52d025161233cde9655bba8c9e1b271c7e2d99337ce43b3bbc854a88ca4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://media.hatla2eestatic.com/css/out_ar.css?1635752575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:07:18 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4678946
x-backendfr: opswsws2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-varnish: 1024361716
last-modified: Mon, 06 Sep 2021 15:08:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y6pHGFcmRFuF%2FB0r64Xv6nL1Einl7Il%2FkaQy9SRSKwvjnpxzCYQIWWrweQs6XwveX7elDZo%2Ba6FQNHHc07IbSI7fikrl%2FRCNPcNXbZN%2FNWyq06sYQI9YlAatYCnn8VSDqM9stnTLh7EkMsdveIrYw6%2B3EJ5xDU4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
x-cachefr: MISS
cf-ray: 6a9c240f7ca24e37-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 26ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: eg.hatla2ee.com
URL: https://eg.hatla2ee.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: ynECibdDpaOorvzj+u6upZBKM3gXYxhEg4gGg0waeGdz/4KWq5eTBLelQ+dmzikGF2k6RDAJdCWDc4mxW5z4Yw==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Sat, 06 Nov 2021 06:07:18 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
208 B 348ms
45ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1728886123&t=pageview&_s=1&dl=https%3A%2F%2Feg.hatla2ee.com%2F&ul=en-us&de=UTF-8&dt=%D8%B3%D9%88%D9%82%20%D8%A7%D9%84%D8%B3%D9%8A%D8%A7%D8%B1%D8%A7%D8%AA%20%D8%A7%D9%84%D9%85%D8%B3%D8%AA%D8%B9%D9%85%D9%84%D8%A9%20%D9%88%20%D8%A7%D9%84%D8%B3%D9%8A%D8%A7%D8%B1%D8%A7%D8%AA%20%D8%A7%D9%84%D8%AC%D8%AF%D9%8A%D8%AF%D8%A9%20%D9%81%D9%8A%20%D9%85%D8%B5%D8%B1%20%3A%20%D9%87%D8%AA%D9%84%D8%A7%D9%82%D9%89&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=114614207&gjid=1790163478&cid=1859173989.1636178839&tid=UA-5741484-7&_gid=1010664044.1636178839&_r=1&_slc=1&z=870377665

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://eg.hatla2ee.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:07:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://eg.hatla2ee.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
69 B 341ms
46ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1728886123&t=pageview&_s=1&dl=https%3A%2F%2Feg.hatla2ee.com%2F&ul=en-us&de=UTF-8&dt=%D8%B3%D9%88%D9%82%20%D8%A7%D9%84%D8%B3%D9%8A%D8%A7%D8%B1%D8%A7%D8%AA%20%D8%A7%D9%84%D9%85%D8%B3%D8%AA%D8%B9%D9%85%D9%84%D8%A9%20%D9%88%20%D8%A7%D9%84%D8%B3%D9%8A%D8%A7%D8%B1%D8%A7%D8%AA%20%D8%A7%D9%84%D8%AC%D8%AF%D9%8A%D8%AF%D8%A9%20%D9%81%D9%8A%20%D9%85%D8%B5%D8%B1%20%3A%20%D9%87%D8%AA%D9%84%D8%A7%D9%82%D9%89&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAAC~&jid=1668732955&gjid=1890194280&cid=1859173989.1636178839&tid=UA-5741484-18&_gid=1010664044.1636178839&_r=1&_slc=1&z=41287053

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://eg.hatla2ee.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:07:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://eg.hatla2ee.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 medium_up_c293076edd82d922145e91c1d9baea10.jpg
media.hatla2eestatic.com/uploads/car/2021/09/21/4219422/ 13 KB
14 KB 46ms
19ms Image
image/jpeg 2606:4700:3034::ac43:bd59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hatla2eestatic.com/uploads/car/2021/09/21/4219422/medium_up_c293076edd82d922145e91c1d9baea10.jpg
Requested by: Host: eg.hatla2ee.com
URL: https://eg.hatla2ee.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:bd59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7022a5ff035c728200c3262f4031e0eace199b9b406b27d4c602fbccd0151bbd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:07:18 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 223238
x-backendfr: opswsws2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-varnish: 458002853
last-modified: Tue, 21 Sep 2021 09:02:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cqxabBeI2H3MreYGJUBh5UuONCLzJLzt%2BEGo5RzV0EWpXQrvAcaNMsfICPkfb9b9imvSnUGXT%2BxN8UgJV%2BJbTgIRDm4v77Qu%2B7NlgsRMpwqtfqfxWETGi6mekBfd2I576tnk1TSoeqAQOap7V3eySf%2BygW6UaCQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
x-cachefr: MISS
cf-ray: 6a9c240f7ca84e37-FRA

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
792 B 42ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=eg.hatla2ee.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 06:07:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 47ms
21ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=eg.hatla2ee.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 06:07:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 112 KB
16 KB 88ms
87ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=620794712835133&correlator=1519701054714001&output=ldjh&impl=fifs&eid=31063281%2C31063429%2C44752540%2C44754276%2C44748553&vrg=2021110401&ptt=17&sc=1&sfv=1-0-38&ecs=20211106&iu_parts=89971207%2CLeaderBord%2CTakeover-home-right%2CTakeover-home-left%2Cleaderbord_home_page_1%2Cleaderbord_home_page_2%2CShowcase%2Cnew_car%2Cnew_car_2%2Cnew_car_price%2Cnew_car_price_2%2Cused_car_price%2Cbrand_button%2Csticky-bar%2Cused-car-unit-widget&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F12%2C%2F0%2F13%2C%2F0%2F14&prev_iu_szs=970x250%2C160x600%2C160x600%2C728x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%7C970x90%2C300x100&cust_params=section%3Dhomepage%26country%3Deg%26lang%3Dar&cookie_enabled=1&bc=31&abxe=1&lmt=1636178119&dt=1636178839013&dlt=1636178838552&idt=413&frm=20&biw=1600&bih=1200&oid=2&adxs=314%2C122%2C1318%2C436%2C436%2C317%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-12245933%2C-9&adys=428%2C466%2C466%2C1060%2C1750%2C3007%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-12245933%2C-9&adks=1601653586%2C620781037%2C1699192496%2C2504560858%2C1824830254%2C1404544608%2C4166037178%2C820352057%2C175713856%2C1874296035%2C992413747%2C346253858%2C3713933415%2C2264212715&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Feg.hatla2ee.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1004x286%7C160x0%7C160x0%7C974x0%7C974x0%7C308x250%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=968x0%7C160x0%7C160x0%7C728x0%7C728x0%7C300x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&ga_vid=1859173989.1636178839&ga_sid=1636178839&ga_hid=1728886123&ga_fc=true&fws=4%2C516%2C516%2C4%2C4%2C4%2C2%2C2%2C2%2C2%2C2%2C2%2C644%2C2&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C0%2C0%2C0%2C0%2C0%2C0%2C1600%2C0&btvi=0%7C0%7C0%7C0%7C1%7C2%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063429

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

f8516223873be54ac20098a8fc7a4b56eed6ed437768a4dd359ea62205188ade

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:07:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16692
x-xss-protection: 0
google-lineitem-id: 5825838863,5803744515,5825838875,-2,-2,-2,-2,-2,-2,-2,-2,-2,5805524586,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138369668214,138366786544,138370087012,-2,-2,-2,-2,-2,-2,-2,-2,-2,138366687636,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://eg.hatla2ee.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
09b338162841ee24c73c2395ee9e16a1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3BB0 6 KB
4 KB 66ms
15ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://09b338162841ee24c73c2395ee9e16a1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 06 Nov 2021 06:07:19 GMT
expires: Sun, 06 Nov 2022 06:07:19 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 1923228841246505 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 220ms
219ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1923228841246505?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a0a93ece5b0292726fe2106f249b499794d48b4033d9e2db4b9bf398684b2b03

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: i/Eklsnt1/SvjinAaGHPk5FNRaZ+B4y639jXIZTA2f3tOI1/bmDAjSf9pwn3QsRH78jg9HNVzORNcgHBWPN8OQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sat, 06 Nov 2021 06:07:19 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0A26 0
0 30ms
29ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuVya0bxngD0AZBNuF5TV9Y_UyeMUAQqmbONZgPeohBjoCog9LqPxPYFVITrgglhyD-d8tKAG7k9dmD65tMC6T1gsvyZXzmQa37rTG7h8vXtYecJTgo5IgY2yVUOhj90OqRne2xkHkCNp5MgvY9nIPOruEEKRNu8vWLgBTyVwlya2QUq3nUFm0PKQtTAMlQ_9H8L1iO6zE2fw4CbDcLoaOhyVeAEVLiaqiKUfcDtrW337onb_Tira-ADiwGzXkmBwPcYT3AEHuXKldIGkv6NMgsF7iU79uzGsLT65Q4WLV3XrWEf-ZuBQ&sai=AMfl-YSOvrsSWkKcUtLumT-z_shg3Yo1XoRa6i2x2I-cQ36lB_3RRjAl8vAOdNbkiY-3-wX4L0DSraIhkhhJYS7N2cgqiM3vuQE7Q8P0NVzmHYr7KejHpisq0FoC-LZs9vtf&sig=Cg0ArKJSzBLzUDiLoemLEAE&uach_m=[UACH]&adurl=

Requested by

Host: eg.hatla2ee.com
URL: https://eg.hatla2ee.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 06:07:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 06 Nov 2021 06:07:19 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 0A26 3 KB
2 KB 40ms
0ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 05:55:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 725
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Nov 2021 05:55:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0A26 120 KB
37 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:07:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 06 Nov 2021 06:07:19 GMT

GET
H2 200 11036929013362727187
tpc.googlesyndication.com/simgad/ Frame 0A26 94 KB
94 KB 54ms
14ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11036929013362727187

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

866e1bad6b6a931452c4f9ac29ccf9662f01c394e23e6dada42077772e6642e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 14:43:35 GMT
x-content-type-options: nosniff
age: 141824
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95983
x-xss-protection: 0
last-modified: Sun, 17 Oct 2021 11:38:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 04 Nov 2022 14:43:35 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9A55 0
0 38ms
37ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuPI72-QNa-jxy6Ukh_JuBJPcrweO6OtztLfYcdakMgKG3TKZ1P4k_euBc9rA1H9FrA9rPLNUBJ1soTqcv4bO_9T6s0gaRJPaWmHCkJbJiMzYWMzJAYJGbWoSWSwy1wVa06Uw8l7np8sezHniLul-TI6_Zb-wZYycqW1NBxuYsvREuKIQJlMoKAndxLcJRbOcSBEbMPl5KWBNkpezvGz4b2DYwjcgXC47rXl8fZV96ZfN1hL5FfQ-MzNtR3teAHpm-5O2dIBVrXqumztIdfzv0u8McUeMprd3n6PDD1MfkVsmAyzYrmGEidywQFJx62dw&sai=AMfl-YQXEBnjV_8y2fZ2VedtsmAJKy0j8N6U6BUgN2AWEVNI3UOt7lDFv3BTadlsrvOEg3v23HFd4u5kDhc7wc5I6UJaQTMOvRtle6pYzcHIJrkSl9XeKwho58DwAbkYL2lI&sig=Cg0ArKJSzCYjo8E8iTvhEAE&uach_m=[UACH]&adurl=

Requested by

Host: eg.hatla2ee.com
URL: https://eg.hatla2ee.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 06:07:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 06 Nov 2021 06:07:19 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 9A55 3 KB
1 KB 34ms
0ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 05:55:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 725
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Nov 2021 05:55:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9A55 120 KB
37 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:07:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 06 Nov 2021 06:07:19 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 9A55 0
0 417ms
15ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRwQrfbLK1Z3OgnP1X81732BaAKeztNP7cYPZqDP2dF-kNqJx2fPMocZ-e8_dvpVDu95akaj_XstMzZCf86fLk9z_nkew
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063429
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 9579959825529807501
tpc.googlesyndication.com/simgad/ Frame 9A55 29 KB
30 KB 54ms
21ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9579959825529807501

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ddb5ba33c75d5540ef1234ed9339d3bb1bc345d41346487a867ea9e3fe13ab5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 00:20:04 GMT
x-content-type-options: nosniff
age: 20835
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30176
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 13:30:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 06 Nov 2022 00:20:04 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F548 0
0 63ms
63ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtKKL5H_eQSgP8R_sFktAlyvwZvfPtbwr4oMy2tGGQmwzG3ryKesFJs4b-XgN__UhzqEa9_ghkrBJx2yGpaIXNIE5wcjESkaAWdXlhK5QKY_dDh93UAaGvFaoNU1vqGtxQzwtQyhAPUThbw3Bd2uKF_hf6fwvWZnqoHwo0oYpxQLs9-quBpxbcMmyBOn3Go0CQeCjkt0vQnVVWWwGNJYEpIh01CidgcLO2aR8J8ANjC-BbPdis4ZP0Ol-w5Isrl1KlbUIn5__Q8Ed2OVGTyN4nfIRJS-MwfYWoRUiOU4HCUAKFRoFJsYjZdk8N_tC-&sai=AMfl-YTLLTiAuUn496T_DBbUIHU1lC7CJIzz8pnjUvO2gTi6PpLhgqXllHYj8Ig0h6pe7dFXTnRQQh3DqnjkAqcZOihs2P-4TQ3m_BS6tn8hYdYjxk0okna6Ji_kZlj2Wv_e&sig=Cg0ArKJSzE3vF1X81xzPEAE&uach_m=[UACH]&adurl=

Requested by

Host: eg.hatla2ee.com
URL: https://eg.hatla2ee.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 06:07:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame F548 3 KB
1 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 05:55:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 725
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Nov 2021 05:55:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F548 120 KB
37 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:07:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 06 Nov 2021 06:07:19 GMT

GET
H2 200 3926762850810339658
tpc.googlesyndication.com/simgad/ Frame F548 33 KB
33 KB 52ms
52ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3926762850810339658

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a6a8168deb3cd10d08ba365ada9ccbc0566fa0eefa7ef2e619745748b7e8215

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 14:53:06 GMT
x-content-type-options: nosniff
age: 54853
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33458
x-xss-protection: 0
last-modified: Sun, 17 Oct 2021 11:31:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 05 Nov 2022 14:53:06 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 70B9 0
0 53ms
53ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvn9fQbNMYqS5Dcv_Sd-u0o8BjxVAKKWapoADNV-NCQUIEWYe_UlFWG2Tyc17fymgdIPp7UqRw0GOBVAmqaIhcmDBwNogMY5hAD0JIF4PuFIuEl0b-q3wZZj8yEdr7Tkevh8wb7vrN7IXPO6zORphpEdDZYHde9jkRa9Bet7ZPYr1NS3INkmknYpZKI20oRxegVzy_RfwIkWJ7k2Az0K9g16AxGxJcttljv_RL6eQBMkjUmSTQS4w6XUEgHEjJz7dgO57Jr2Q_81F9wMT6BDFmUG1-r1WyOa3OD2R2mfM3Ggv8X50UKzw&sai=AMfl-YQzaRVSelQx6e6DhpyCwUDpFIEAJ-R4AHnNdHVQGEXTrbwP4Jqw4Ce9YVtm62eVUtghttbJ6pK60Fu4kSGV6fZ0xXa84hfgsT3k62VwwZs6zjuxP-xSh7MOimI-SgMK&sig=Cg0ArKJSzFiX810cnwwgEAE&uach_m=[UACH]&adurl=

Requested by

Host: eg.hatla2ee.com
URL: https://eg.hatla2ee.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 06:07:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 70B9 3 KB
1 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 05:55:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 725
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Nov 2021 05:55:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 70B9 120 KB
37 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:07:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 06 Nov 2021 06:07:19 GMT

GET
H2 200 471530648800179716
tpc.googlesyndication.com/simgad/ Frame 70B9 20 KB
21 KB 41ms
41ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/471530648800179716

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0cd65e34e7a8708dd674a1fa8ea06352aabc2895c482b4d44caebe206e7281f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 22:05:49 GMT
x-content-type-options: nosniff
age: 374490
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20865
x-xss-protection: 0
last-modified: Mon, 18 Oct 2021 13:15:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 01 Nov 2022 22:05:49 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9A55 0
0 44ms
30ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0u9yvHwrMdurO4MBc6fC7GsAJfBCGKfQjWHVWHIDceOKNhmlLt-6kxk7h7rAd1bSi_gPc8nz1WY3Oa5Ub-AQXSJ75J4wwX4MckJjXsVg-n3udoX1C6R6mB_P1rwQTyjNa0Oo5792Ab268Hwdg7P1mHwOncMvjI7pekSKTPo507_fQyhhbdWgbwoUjm978QgExdFh5t3ycSagvKLbJ_w5IiNxa9kCD4I347Q1OpPmVC8YMS5kMAZQXLsfen0lHJsyfG77DArjtHTs2zaW315bb4nYOT5eG8pyPjoa0dUxMIqL9GjG9lCL9gxC3Ig8hs1R7&sai=AMfl-YRq5Xv_UUqVPTeyRibdNKTThIKXDpjcZJ5WGD7fh-jX694kXRB1xFiZUbdFyKerIkLFK3MHr5JM738_AX1Sr1aO2jZWtNboUnjj2girIFAuZ19o-qxgVXFgyT5fGblf&sig=Cg0ArKJSzOclpZubOfvJEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 06:07:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 06 Nov 2021 06:07:19 GMT

GET
DATA 200
OK truncated
/ Frame 9A55 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7b0d6316a5e450479aba4c98b457b601fcb9785716b19063e08c746244d8f731

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 285ms
15ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-5741484-7&cid=1859173989.1636178839&jid=114614207&gjid=1790163478&_gid=1010664044.1636178839&_u=IEBAAEAAAAAAAC~&z=1255952717

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eg.hatla2ee.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 06 Nov 2021 06:07:19 GMT
content-type: text/plain
access-control-allow-origin: https://eg.hatla2ee.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 284ms
15ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-5741484-18&cid=1859173989.1636178839&jid=1668732955&gjid=1890194280&_gid=1010664044.1636178839&_u=IEDAAEABAAAAAC~&z=1107507107

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eg.hatla2ee.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 06 Nov 2021 06:07:19 GMT
content-type: text/plain
access-control-allow-origin: https://eg.hatla2ee.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0A26 0
0 30ms
29ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvpIXhSYTCMrjCrph_oDzMBGL4IQvjpQMF7O9UpIwqZ9CrF6iTSX18KLe23B0JswlWcz-ehXA8ty-XKRrKs69YNbcosexBiOyvQPwdBaKsnxnB4YmlnnteBFB8MoDsZ7b1517F_vL-jftll5DbYB4vZK719WL_j5qfis1Picxs6hirFD-drC5HcyYtIAvw9lUWqCPSrc95GxrUMSJYk_tYV2K1rYcG2a0mUrzSCHvnGXz4tNdEgXwl9n7ZCsnG2I6zzSMaG4fV21vAvRKiX2oQHMxEHZfOarAPMOyHXTbJMst6mSjDNyyP5&sai=AMfl-YSAO_mZpua1eYqaEsqEuhHFEpwX4ZDG68gXxTf3yCK3iNehOZG6x6nuaK-pC9ayeIr--gn7A0_H0g3RH65K0-qwamzr8vy89ma0uw4pQD3aGnLcFjuOb_suu_2O-uWS&sig=Cg0ArKJSzFxacsaAtmedEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 06:07:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 06 Nov 2021 06:07:19 GMT

GET
DATA 200
OK truncated
/ Frame 0A26 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb83c4e98bd6211cd3fddc31df9a62f965cdfcdb91e7ec2f52899e605dba8e56

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 /
www.facebook.com/tr/ 44 B
313 B 234ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1923228841246505&ev=PageView&dl=https%3A%2F%2Feg.hatla2ee.com%2F&rl=&if=false&ts=1636178839314&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1636178839313.1373406110&it=1636178839047&coo=false&exp=p0&rqm=GET

Requested by

Host: eg.hatla2ee.com
URL: https://eg.hatla2ee.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:07:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 06 Nov 2021 06:07:19 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 70B9 0
0 29ms
29ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu9_Feh_rSomd9Ujz5NllE8ZMeFx-ZP8dbxY3eOz_CLSPpZ41rTXy9K1wDOm6WcEpkChSt2j-jjtA9WbOHlnYiBzb8t7KsgXVgvV-Ica1gU9furRdXB1-YN08QvAEmumMom_seuVVlhPtzuaR9ESzY6SlaCD-jEy7bneeJQeh1bmG4y0wZxIxiAdUDgW08mKQh2ScOG_ITRt13b3-NtZxPB6Owj5RsFL2qvUJlkiXPOWXcNgLiVh3HFwz2TiDR_Huc1xrJqT8FT5bgzByxAtxA1ZbCk9YYpPYB5g_zQPyGZa9F2dcatrWFH&sai=AMfl-YQwTpoZ_eif_kaLv1hkTiC23c62gzfram4z-WBUoZeUSfgBlRwY2tekrPwJg1SYT252Wb2bqzOI6K3j2cfhv2_317pV10gG18xj21zCWg-LOp-r_XGAAABmqBHDZwQe&sig=Cg0ArKJSzE1gNv726NwrEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 06:07:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 06 Nov 2021 06:07:19 GMT

GET
DATA 200
OK truncated
/ Frame 70B9 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4eabd0eef2b4023f6322d5c2d7a3fc0d27ae5a420555187f61a318651b98e471

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F548 0
0 29ms
29ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvE1U3PIPNcOyiR0r5e_pr23Hl_1TY6yPhgUNRp2hWKuANaTMLhJ-Z_hRQBj6yc0RzYp70iPGgSn61bMxn3CzUfFFH48hLYoGbbyKdJlBSVfU1e3RfAb5h-5E3imAiPNz7wpNGoAX9t9-earC19xgt0F2v61Lg55BJkZmtK9kkbdswB7QYwAW2fQBSpNekmcRpyArPFht6ezkQLFgQp4B75aw3kt9nNvpHJjOFtmSTq52CDcHArthnIFKEYU0njobMOfNn-Uw5Kb6sqzhyF6BHV_FVqizHY79otfHkSq5nKmb7lgGO-uiMQZqlzn_AyTpY&sai=AMfl-YTMusYQq6PthJ0EmZ0LK3V-Q2ec9DGvXsw8rMEJ6DXW9qjZICdVT3FABO82UdulAa1gzhAmU-WToBPzUO0_F5Ajs2am64RD-RvgHBXDw1Koz5zqlZT6z7Af1WyqYawl&sig=Cg0ArKJSzAViURMoNfNQEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 06:07:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 06 Nov 2021 06:07:19 GMT

GET
DATA 200
OK truncated
/ Frame F548 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 17c3089976c9c96a0ea1c32c0455cd3655c033a54dd8b7a9031aca6bf4987685

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
324 B 19ms
18ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-5741484-7&cid=1859173989.1636178839&jid=114614207&_u=IEBAAEAAAAAAAC~&z=666160143

Requested by

Host: eg.hatla2ee.com
URL: https://eg.hatla2ee.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:07:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 40ms
17ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-5741484-7&cid=1859173989.1636178839&jid=114614207&_u=IEBAAEAAAAAAAC~&z=666160143

Requested by

Host: eg.hatla2ee.com
URL: https://eg.hatla2ee.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:07:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 19ms
19ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-5741484-18&cid=1859173989.1636178839&jid=1668732955&_u=IEDAAEABAAAAAC~&z=1927096448

Requested by

Host: eg.hatla2ee.com
URL: https://eg.hatla2ee.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:07:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 40ms
17ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-5741484-18&cid=1859173989.1636178839&jid=1668732955&_u=IEDAAEABAAAAAC~&z=1927096448

Requested by

Host: eg.hatla2ee.com
URL: https://eg.hatla2ee.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:07:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
10 KB 39ms
18ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021110401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3bd8dec2fd90efd96c6434baf68d47e2030115b7aef5377833f9c8f004b32ca7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 06:07:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9329
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 97ms
97ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:07:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 06 Nov 2021 06:07:19 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 4BB9 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Fri, 05 Nov 2021 21:47:04 GMT
expires: Sat, 05 Nov 2022 21:47:04 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 30015
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8D16 783 B
970 B 17ms
17ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

46706f7283e0d0b0e4d82f730b97f636d85d301332037f2e9660aa4e6249354a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XWj2fR78otppHfHgU6uY/g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 06 Nov 2021 06:07:19 GMT
date: Sat, 06 Nov 2021 06:07:19 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-XWj2fR78otppHfHgU6uY/g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js Show response
pagead2.googlesyndication.com/bg/ Frame 4BB9 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 20:47:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 379192
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13399
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 01 Nov 2022 20:47:27 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8D16 0
0 60ms
58ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021110401&jk=620794712835133&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
119 B 29ms
29ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021110401&jk=620794712835133&bg=!mZqlmt7NAAYH3anuB907ACkAdvg8Wn5yKIpWbhd-PdekkMjEBu8c2DWBNZqyfRxeA8BEkOGcQE2ZqwIAAABlUgAAAAxoAQeZArci3kLZLetR1vQptYW_lA3lr5ehL0upOc96SaPs2nHP4fhG6pqWXaoIWyH6P_A6uCG3L-hPrB1DHilDjiT7rUPXJj_Mhtkkk1suKwycL5ILxOCTznUBBCkCaeM9hWO9a2qzdHMc9FPN-Okt_ib7PPpj7B0l3dELQgDLmBgAM1xkUFl2hkxJyhd4Ct4q4HjjKl3Aa8T7Ni75mrnRieBCIuMfChQ6Bj_qzpn8EYFuJKMocp9DywWpL15qGZkr2Rx8ujbFrqhkR-i9weODhLsA43LJVOaLY9I_p7a9XtTgx4cgGZd07xZE1I7BEpFMrf9VgciDTPfmC_45iD17fXpOukOF-IaVk5CUiX7Q4a0J2UUbYrDUiEcqe-OhSozpEXWoaUrdm7Dc4jm4PdB9rIDy4ccwS4ID-5Bp_r8dtpE2ViVsj6eL-R25xFWruFSk8k95AxZolsFC4B19w4E_HBn39ylhVl5wVJWtvLna64Ek93KSz-Pn-sgN3Cy2NI9-HdRHyrV8hrnypbRUvD2oIMDeOCRDvfTEyP_sCcV4y3_4VmBTl5BbZkMdDyeqkkKEbkSwf8T2E1Ek4er7AH4sxyvuBckbL8UOS9ZPf2PRl8IBrdDmtYPXDeBz0Oe7OILAdyMvzPs8pAtfkYFLSLWfgR10ccxuanrEs8QnS_yz7JhPhzTDzb8DeMFy-RDjM640LEf6_23M7BV-SL4B6cr6fokWJAa6m4WRzyFYsxT4BbVLLAVZDsbmCM5XCZPe9CXhyMObCmYhx3WmuNF9JlpEyD2FRKMGabZytXypUs46JMUYzfCIzqWJ8DFnvW5qifU8MeDqIIrnAlvJwp5zypZOkFINV-NBNHegyEFwi9WmN0FqF2u3ImMN1_P6--0akqb8pT_pNgeuz-kPbGoTSbLQKg5yVxK6Gso9LxJ-hg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:07:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0A26 42 B
174 B 28ms
27ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstVkosXfqlqT6AzuFP3ySDqbWqx3n-drAOoiwyUMGPd0cFPKac7-AGcuAw0FninYRga9oHlYoOo5QiP45upWuoSsCdzV6f7QVgu3qc2agxGvz1Em7_t&sig=Cg0ArKJSzI335hJTesOeEAE&id=lidar2&mcvt=1000&p=178,314,428,1284&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211103&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=1601653586&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636178839123&rpt=160&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:07:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9A55 42 B
108 B 27ms
27ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstWRC3lzntiM5HtTU1uvJMCyNhcqpNXYW_j_NKkwqX4o1hzHwTkk33vYrCT7mDRg38wW6T9KRLv3lgmsHvjf6t46fgEsZRatgg8gTeejEdDS2GD5c2G&sig=Cg0ArKJSzFdoSw-I_JpSEAE&id=lidar2&mcvt=1002&p=466,122,1066,282&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20211103&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=620781037&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636178839130&rpt=138&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:07:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F548 42 B
108 B 27ms
27ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst84xf5oZHBgDxkuKmNQ48f0ZUMNnmGmTMlUwB_ZMULzGU_KF8bIEEtkw2YdJS0Irmu5ld3mORqP6bFK1FsDLFDTb_KcdiJgil8ez0ryJUxjIPuZc-7&sig=Cg0ArKJSzNO-xGC5vVCCEAE&id=lidar2&mcvt=1000&p=466,1318,1066,1478&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211103&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=1699192496&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636178839191&rpt=388&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:07:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 7ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1923228841246505&ev=Microdata&dl=https%3A%2F%2Feg.hatla2ee.com%2F&rl=&if=false&ts=1636178840825&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%D8%B3%D9%88%D9%82%20%D8%A7%D9%84%D8%B3%D9%8A%D8%A7%D8%B1%D8%A7%D8%AA%20%D8%A7%D9%84%D9%85%D8%B3%D8%AA%D8%B9%D9%85%D9%84%D8%A9%20%D9%88%20%D8%A7%D9%84%D8%B3%D9%8A%D8%A7%D8%B1%D8%A7%D8%AA%20%D8%A7%D9%84%D8%AC%D8%AF%D9%8A%D8%AF%D8%A9%20%D9%81%D9%8A%20%D9%85%D8%B5%D8%B1%20%3A%20%D9%87%D8%AA%D9%84%D8%A7%D9%82%D9%89%22%2C%22meta%3Adescription%22%3A%22%D9%85%D9%88%D9%82%D8%B9%20%D9%87%D8%AA%D9%84%D8%A7%D9%82%D9%8A%20%D8%AF%D9%88%D8%AA%20%D9%83%D9%88%D9%85%20%D9%8A%D9%82%D8%AF%D9%85%20%D8%A3%D9%81%D8%B6%D9%84%20%D8%AE%D8%AF%D9%85%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9%20%D9%84%D8%A8%D9%8A%D8%B9%20%D9%88%20%D8%B4%D8%B1%D8%A7%D8%A1%20%D8%A7%D9%84%D8%B3%D9%8A%D8%A7%D8%B1%D8%A7%D8%AA%20%D8%A8%D9%85%D8%B5%D8%B1%D8%8C%20%D9%8A%D9%85%D9%83%D9%86%D9%83%20%D8%A7%D9%8A%D8%AC%D8%A7%D8%AF%20%D8%A7%D9%81%D8%B6%D9%84%20%D8%A7%D8%B3%D8%B9%D8%A7%D8%B1%20%D8%A7%D9%84%D8%B3%D9%8A%D8%A7%D8%B1%D8%A7%D8%AA%20%D8%A7%D9%84%D9%85%D8%B3%D8%AA%D8%B9%D9%85%D9%84%D9%87%20%D8%A8%D8%A7%D9%84%D8%B5%D9%88%D8%B1%D8%8C%20%D8%A7%D9%88%20%D8%A7%D9%84%D8%A7%D8%B9%D9%84%D8%A7%D9%86%20%D9%84%D8%A8%D9%8A%D8%B9%20%D8%B3%D9%8A%D8%A7%D8%B1%D8%AA%D9%83%20%D8%A8%D8%AC%D9%85%D9%8A%D8%B9%20%D9%85%D8%AD%D8%A7%D9%81%D8%B8%D8%A7%D8%AA%20%D9%85%D8%B5%D8%B1.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1636178839313.1373406110&it=1636178839047&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eg.hatla2ee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:07:20 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 06 Nov 2021 06:07:20 GMT

Verdicts & Comments Add Verdict or Comment

233 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hatla2ee.com/	1970-01-20 16:00:50	Name: _ga Value: GA1.2.1859173989.1636178839
.hatla2ee.com/	1970-01-19 22:31:05	Name: _gid Value: GA1.2.1010664044.1636178839
.hatla2ee.com/	1970-01-19 22:29:38	Name: _gat Value: 1
.hatla2ee.com/	1970-01-19 22:29:38	Name: _gat_domaine Value: 1
eg.hatla2ee.com/	1970-01-20 00:39:14	Name: open-counter Value: 1
.hatla2ee.com/	1970-01-20 07:51:14	Name: __gads Value: ID=ee75f87f2619fbc8-224aa83127cb009d:T=1636178839:S=ALNI_Ma_AN2P-CezECpkNj7jiAGeh4q-6w
.doubleclick.net/	1970-01-20 07:51:14	Name: IDE Value: AHWqTUlEHkakAVBxwDPnpwTTWZz2zPpB3l7-VP1MRWOtIESVtev8TUvM5N_WvS_HWJ0
.hatla2ee.com/	1970-01-20 00:39:14	Name: _fbp Value: fb.1.1636178839313.1373406110

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

09b338162841ee24c73c2395ee9e16a1.safeframe.googlesyndication.com
adservice.google.com
adservice.google.nl
connect.facebook.net
eg.hatla2ee.com
hatla2ee.com
media.hatla2eestatic.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
142.250.74.194
2606:4700:20::681a:6c0
2606:4700:20::681a:7c0
2606:4700:3034::ac43:bd59
2a00:1450:4001:802::200e
2a00:1450:4001:808::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2002
2a00:1450:400c:c08::9c
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
06b3813d0d2e7c58b6e1f144e42e33940321a90318163ff542561c5a9952bcd3
0968455e8573ad529dc166eba799e42caaefec82b67428f7cba79bd1d8c97216
0cd65e34e7a8708dd674a1fa8ea06352aabc2895c482b4d44caebe206e7281f7
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
17c3089976c9c96a0ea1c32c0455cd3655c033a54dd8b7a9031aca6bf4987685
1c4ef52d025161233cde9655bba8c9e1b271c7e2d99337ce43b3bbc854a88ca4
234ab4bfc09d8aefc0a6f1afaafb36ec89ccadba17863d6114566b402c45ef64
2d7a1219cbdc3e67902332b87c6931a1e89b03e26bf44cd2f79e5d85f313ba34
336252920e85f1b6a227ad42a6a99ea5748982f78446b1a84bd80553096486eb
3654f6681bea316ab7579bd5bd0bdc299d9e45ad43703a8a8d1fb7b874eeafb0
38bbc054d43e472d767f5ff8ee234ba914592671a3867b7e1fb020d07c1aa9d9
3b491bffb12e7b548f9f3102afa721890f66fe7aeba30ed4b0d92d7d6fed1c38
3bd8dec2fd90efd96c6434baf68d47e2030115b7aef5377833f9c8f004b32ca7
3ddb5ba33c75d5540ef1234ed9339d3bb1bc345d41346487a867ea9e3fe13ab5
46706f7283e0d0b0e4d82f730b97f636d85d301332037f2e9660aa4e6249354a
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
4eabd0eef2b4023f6322d5c2d7a3fc0d27ae5a420555187f61a318651b98e471
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
7022a5ff035c728200c3262f4031e0eace199b9b406b27d4c602fbccd0151bbd
772ebfd6a8738568e21ae7c711289fb9eace128113df0047455559eed11b358c
7a6a8168deb3cd10d08ba365ada9ccbc0566fa0eefa7ef2e619745748b7e8215
7b0d6316a5e450479aba4c98b457b601fcb9785716b19063e08c746244d8f731
8048179a9e6d2a88bffa8f7feef5e078c9959376218c622b6d0f14a8628d3f80
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
866e1bad6b6a931452c4f9ac29ccf9662f01c394e23e6dada42077772e6642e5
870c5d3402a3b10fa0b28577062487bafc92587e51234bb2818c27e79ff89d0d
8938b2d12b8b2f1bc194d0d1fc0d6a5cbeec9462bb4c6db9c759d8b83a09e759
95a0ac74a26bde21b3e93701d9074068cb9402669b12a6986bcc0718c268a981
9d61fdba0290ea6cc905eb69d9092ebf027e70f8385b793b140c848a31c23451
9f12327afa859ebc6fb70b0676454a3655998e8c7d5c06da7afc8925e8d5ff61
a0a93ece5b0292726fe2106f249b499794d48b4033d9e2db4b9bf398684b2b03
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b084eafce4212b77b0f96c440a310283a17dd9638d741c31edbe11efb46e3e0a
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b8cd5b63aa619f2b5c65fb5bf3ac58ab2a64fdd000482330e2d9cc8c97e1eff0
bb83c4e98bd6211cd3fddc31df9a62f965cdfcdb91e7ec2f52899e605dba8e56
bef981658f51bf5b0cdcb19e9849270514e2d9f9abeba3da1a8f4b1531256365
c2ba511c6405506a889996aca748e3b0985624caca660a1f16385fbf5778f52e
c893d1464c078f6fd76c6ab0b140105d2fe3cad26cb0371a95cce15e9dfe9ab4
cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d
d4fb9a508079cb8129dcc8474fc477e68fce532d918cfe8fedbc3ad492a59ca8
dfc14db642406238470b1dc09aac2cb8affa315c4ee5d5d56de567b718fdfb72
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecafecffa0db9b7f76734f0bcab9c4646954668aebd3e86dc38cdbe162d3f250
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8516223873be54ac20098a8fc7a4b56eed6ed437768a4dd359ea62205188ade
fa556fc5aa02c0a59838e2b9b1574ef34b2ce205c58f19b3a73d3c41b5c34cd0
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

eg.hatla2ee.com Open in urlscan Pro 2606:4700:20::681a:6c0 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

74 Requests

100 %HTTPS

93 %IPv6

11 Domains

16 Subdomains

15 IPs

3 Countries

1546 kBTransfer

4041 kBSize

8 Cookies

32 Outgoing links

Page URL History

Redirected requests

74 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

eg.hatla2ee.com Open in urlscan Pro
2606:4700:20::681a:6c0 Public Scan

Screenshot
Live screenshot

Full Image

74
Requests

100 %
HTTPS

93 %
IPv6

11
Domains

16
Subdomains

15
IPs

3
Countries

1546 kB
Transfer

4041 kB
Size

8
Cookies

74 HTTP transactions
4 data transactions