www.scener.com Open in urlscan Pro
76.76.21.93 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.scener.com:443/
Effective URL:
https://www.scener.com/
Submission: On October 09 via api (October 9th 2023, 1:39:03 pm UTC) from ID — Scanned from DE

Summary HTTP 181 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 41 IPs in 7 countries across 25 domains to perform 181 HTTP transactions. The main IP is 76.76.21.93, located in Walnut, United States and belongs to AMAZON-02, US. The main domain is www.scener.com. The Cisco Umbrella rank of the primary domain is 391446.
TLS certificate: Issued by R3 on August 25th 2023. Valid for: 3 months.

This is the only time www.scener.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 38	76.76.21.93 76.76.21.93	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
5	2600:9000:249... 2600:9000:2490:b400:12:5719:c480:93a1	16509 (AMAZON-02) (AMAZON-02)
23	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
5	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
6	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:2250:2000:6:42:2840:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	143.204.207.250 143.204.207.250	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
5	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
6 8	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
4 8	104.18.27.193 104.18.27.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	185.89.210.244 185.89.210.244	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
6	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
8	138.201.63.165 138.201.63.165	24940 (HETZNER-AS) (HETZNER-AS)
1 4	138.201.63.150 138.201.63.150	24940 (HETZNER-AS) (HETZNER-AS)
1 5	138.201.64.38 138.201.64.38	24940 (HETZNER-AS) (HETZNER-AS)
5	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
2	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
2	3.9.250.12 3.9.250.12	16509 (AMAZON-02) (AMAZON-02)
2 4	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
2	23.56.205.163 23.56.205.163	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
2	18.66.147.98 18.66.147.98	16509 (AMAZON-02) (AMAZON-02)
2	99.86.4.52 99.86.4.52	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
4	52.56.171.192 52.56.171.192	16509 (AMAZON-02) (AMAZON-02)
3	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
1	52.32.98.110 52.32.98.110	16509 (AMAZON-02) (AMAZON-02)
181	41

38 76.76.21.93 (Walnut, United States) 1 redirects

ASN16509 (AMAZON-02, US)

www.scener.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2490:b400:12:5719:c480:93a1 (United States)

ASN16509 (AMAZON-02, US)

media.scener.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.128.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:2000:6:42:2840:93a1 (United States)

ASN16509 (AMAZON-02, US)

gcfn.scener.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.207.250 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-250.fra53.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.130 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.27.193 (None, ) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.89.210.244 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 138.201.63.165 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.165.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.150 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.150.63.201.138.clients.your-server.de

hal90008.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 138.201.64.38 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.38.64.201.138.clients.your-server.de

hal900011.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 145.239.193.130 (France)

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.9.250.12 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-9-250-12.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.70 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.56.205.163 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-205-163.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.147.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-98.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.4.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-52.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.56.171.192 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-56-171-192.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.32.98.110 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-32-98-110.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	scener.com 1 redirects www.scener.com — Cisco Umbrella Rank: 391446 media.scener.com gcfn.scener.com	1 MB
37	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157	382 KB
22	doubleclick.net 8 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214 googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 stats.g.doubleclick.net — Cisco Umbrella Rank: 98 cm.g.doubleclick.net — Cisco Umbrella Rank: 255 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 187732	209 KB
17	redintelligence.net 2 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 41903 hal90008.redintelligence.net — Cisco Umbrella Rank: 278786 hal900011.redintelligence.net — Cisco Umbrella Rank: 386054	111 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com	489 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716	5 KB
7	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 2714 adservice.google.com — Cisco Umbrella Rank: 118	35 KB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 1487 q.stripe.com — Cisco Umbrella Rank: 8805 m.stripe.com — Cisco Umbrella Rank: 1382	154 KB
6	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 33897 api.webgains.io — Cisco Umbrella Rank: 91885	37 KB
6	medialead.de 1 redirects pv.medialead.de — Cisco Umbrella Rank: 51750 medialead.de — Cisco Umbrella Rank: 51384	2 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 261	5 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	457 KB
5	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 927	967 B
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1603	16 KB
2	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 109006	3 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	2 KB
2	awin1.com www.awin1.com — Cisco Umbrella Rank: 18074	1 KB
2	webgains.com track.webgains.com — Cisco Umbrella Rank: 59583	4 KB
2	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 270642	2 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	118 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 187	89 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 116	185 B
1	google.de www.google.de — Cisco Umbrella Rank: 6147	408 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1200	602 B
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1157	17 KB
181	25

	Domain	Requested by
38	www.scener.com	1 redirects www.scener.com
23	pagead2.googlesyndication.com	www.scener.com pagead2.googlesyndication.com 0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
11	tpc.googlesyndication.com	0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net
8	hal9000.redintelligence.net	0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com hal90008.redintelligence.net hal900011.redintelligence.net
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
6	fonts.gstatic.com	www.google.com fonts.googleapis.com
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com 0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com
6	www.googletagmanager.com	www.scener.com www.googletagmanager.com adv.office-partner.de
5	pv.medialead.de	hal90008.redintelligence.net 0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com hal900011.redintelligence.net
5	hal900011.redintelligence.net	1 redirects 0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com hal900011.redintelligence.net
5	tr.snapchat.com	sc-static.net www.scener.com
5	media.scener.com	www.scener.com
4	api.webgains.io	analytics.webgains.io
4	5994599.fls.doubleclick.net	2 redirects www.scener.com 0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com
4	hal90008.redintelligence.net	1 redirects 0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com hal90008.redintelligence.net
4	www.gstatic.com	www.google.com www.gstatic.com
4	www.google.com	www.scener.com www.gstatic.com www.google.com tpc.googlesyndication.com
3	q.stripe.com	www.scener.com
3	0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	js.stripe.com	www.scener.com js.stripe.com
3	securepubads.g.doubleclick.net	www.scener.com securepubads.g.doubleclick.net
2	m.stripe.network	js.stripe.com m.stripe.network
2	adservice.google.com	5994599.fls.doubleclick.net
2	cdn.track.production.webgains.team	0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com
2	analytics.webgains.io	track.webgains.com
2	fonts.googleapis.com	hal90008.redintelligence.net hal900011.redintelligence.net
2	www.awin1.com	0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com hal900011.redintelligence.net
2	track.webgains.com	www.scener.com 0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com
2	adv.office-partner.de	hal90008.redintelligence.net hal900011.redintelligence.net
2	www.googletagservices.com	0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com
2	connect.facebook.net	www.googletagmanager.com connect.facebook.net
1	m.stripe.com	m.stripe.network
1	medialead.de	1 redirects
1	www.facebook.com	www.scener.com
1	www.google.de	www.scener.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	sc-static.net	www.googletagmanager.com
1	gcfn.scener.com	www.scener.com
181	42

This site contains links to these domains. Also see Links.

Domain
scener.com
www.twitter.com
www.instagram.com
www.linkedin.com

Subject Issuer	Validity	Valid
*.scener.com R3	`2023-08-25` - `2023-11-23`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-07-31` - `2023-11-30`	4 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
sc-static.net Amazon RSA 2048 M02	`2023-01-20` - `2024-02-18`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-17` - `2023-10-15`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-12`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
redintelligence.net R3	`2023-08-11` - `2023-11-09`	3 months	crt.sh
pv.medialead.de R3	`2023-08-13` - `2023-11-11`	3 months	crt.sh
adv.office-partner.de R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-10-06` - `2024-01-18`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-05` - `2024-01-18`	3 months	crt.sh

This page contains 24 frames:

Primary Page: https://www.scener.com/
Frame ID: 9E593D7931C0452C1627D9D1C0072B74
Requests: 72 HTTP requests in this frame

Frame: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8E8715D1790FE9E5CC58BA2209B51D78
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html
Frame ID: A7A895AA5FAB65F36EC189DC0D799397
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3149408578918334&output=html&adk=1812271804&adf=3025194257&lmt=1696851537&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x945_l%7C128x945_r&format=0x0&url=https%3A%2F%2Fwww.scener.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696858737116&bpp=4&bdt=4590&idt=265&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7277543717989&frm=20&pv=2&ga_vid=2129910099.1696858737&ga_sid=1696858737&ga_hid=1594606321&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077327%2C31078599%2C44798934%2C44804782&oid=2&pvsid=4303603916233094&tmod=1537684660&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=304
Frame ID: 7313CA031CDECF8B5165D0AFAC753BE8
Requests: 1 HTTP requests in this frame

Frame: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 78B744002001492AA3D171EAF370A69D
Requests: 21 HTTP requests in this frame

Frame: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C802B5F21681BBDD1D9A24333D53EE96
Requests: 23 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdBx7UiAAAAAAigP8Gm3TUlUXXLgrG7JVD-7Eks&co=aHR0cHM6Ly93d3cuc2NlbmVyLmNvbTo0NDM.&hl=de&v=lLirU0na9roYU3wDDisGJEVT&size=invisible&cb=rk0qnibtgwsm
Frame ID: 25C9D6CC9AE30463A6ACCAB2D63066C8
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNXiXYPXwIR8DSixGNFPFQW0TF4XbMKEYuGIgPijLxubBDd-XphNzEM-gfakp9AOl-DafhYZK1EINCwlIJEer8tCctqwrqk5DPAirNP_KAZ0NwdcMI2Stb-9GIJtV7t3GuZaLWyNWhlk6FHirqf9l5bDEIDf__IhqB9I2UHJrwCNxz0RS-E
Frame ID: BC44BEAFDF4B296834D6981277E83B5C
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5oLvGATAB&v=APEucNU7Pbjkm70ps6G9z-HnxL31pxMdrzz32ua9uu-vnShYFYtMh9nBq2LLXieKF0FPPMSpdnJcqCuVuimn8AU_dVUDbHExr7uH9sFerX6jl4uWb3J56BZYzkZdgD7eFPkWegMiQ5QCDy51zx7_lC14wNwuKUGzeEzZfkMFryQj-OHA9lf-h7M
Frame ID: EC7ABB3ADDF4061791D1E6D01BCDF629
Requests: 5 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=7fcf879c-ba5a-4292-a2f1-8ec8f25eba6b&u_scsid=538f20f3-fe5a-4cb4-b790-edd36a482cd4&u_sclid=f5a6379b-71a4-4842-b924-29af4d792d4c
Frame ID: 39E065A4B065443C90F07C56740580A6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 88C12C76FFB291F969EC4A6CF73BF9F1
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D41003FB6C65408E309607EA8D3ADA1C
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=66435400079937704444994012472008&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 1EDEC930B8706CC09D3A41AAA5FB94E2
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 12021A05AD4E171C8327F51F9603616C
Requests: 3 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNGEybKL6YEDFWpckQUdJaQAzw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5259364607539.343
Frame ID: 9A4B0E6DE7C6DE0E7F69AB7AC396137B
Requests: 2 HTTP requests in this frame

Frame: https://hal90008.redintelligence.net/request_content.php?s=66435400079937704444994012472008&a=63d46d6d
Frame ID: 2BF79719DC0808235731AC8964270752
Requests: 8 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=95155900091067604445002012472011&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 3EEEF734DDE6752C56CADF94AA411A82
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 00B6FB49769201F0129960F65CEA9EF5
Requests: 3 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CKKLg7OL6YEDFVJckQUdDHQLZw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1058024290899.4109
Frame ID: 774718A32520EB13920DBE0312BC00A0
Requests: 2 HTTP requests in this frame

Frame: https://hal900011.redintelligence.net/request_content.php?s=95155900091067604445002012472011&a=746c266f
Frame ID: 292B05712A61CDD0B445676307C01AB9
Requests: 9 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: D18FFC509176270AB2B69059086FCDEE
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: B1AF8307806EC236D19F762B0E99F387
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3F3FF0073C42AE9278C9FAEE0366DAA5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 930B65E525681AB5D6F0915A15C42C92
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Scener – Watch Netflix and more with friends

Page URL History Show full URLs

http://www.scener.com:443/ HTTP 308
https://www.scener.com/ Page URL

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

Page Statistics

181
Requests

94 %
HTTPS

51 %
IPv6

25
Domains

42
Subdomains

41
IPs

7
Countries

3561 kB
Transfer

13756 kB
Size

25
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://scener.com/premium

Search URL Search Domain Scan URL

URL: https://www.twitter.com/scener

Search URL Search Domain Scan URL

URL: https://www.instagram.com/scener

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/18797543/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.scener.com:443/ HTTP 308
https://www.scener.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 88

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEELvbsxPWQGolYxtrhdP474&google_cver=1

Request Chain 89

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSQCcQuOQWbeVbVpwJZiJAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEELvbsxPWQGolYxtrhdP474&google_cver=1

Request Chain 90

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOZ2GGQByVt189q80QiMZM8&google_cver=1

Request Chain 91

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUxOTY1MTI4MjMyNjM3ODA0Mg%3D%3D

Request Chain 92

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEELvbsxPWQGolYxtrhdP474&google_cver=1

Request Chain 93

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSQCcQuOQWbeVbVpwJZiJAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEELvbsxPWQGolYxtrhdP474&google_cver=1

Request Chain 94

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOZ2GGQByVt189q80QiMZM8&google_cver=1

Request Chain 95

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUxOTY1MTI4MjMyNjM3ODA0Mg%3D%3D

Request Chain 113

https://hal90008.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=fb8a390366&subid=&uid=ec931897f14f14e1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCL-2lcQIkZeSmBNe4x_APv_mk8A2m5b2gab2TnKfJD_AuEAEglLrylQFgldKHgpgHyAEJqQJrWt1WQq6xPqgDAcgDmwSqBN8BT9Bl1nKt6g2USPJ28tphWVBchTiQ-ksWp_hlZnhjnOzclKLBFskf2G0-4brCA2jLdKE_8gR_S5SpJ91czejzJ4zuqD8fv-DWf6Y7aQmTjo0bJCjKADDjWhzEk9E6gtK1OKvatJ84ao2rE-maaralFXw-KGJCZ4oiHQOoVJWtfIUv_tCZ-CgXP_AW92hgrHvoQIgOw-MfSML6nWlAVFSjjl9yHDTOJZXp9sCoXcb9rwVGbx6RGmLLcDYzDL46we2AIfNGRrTSCViZ0Xh2H7EeHO23CxGmmPVNhUTKB46qBcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0B4g0TCIeChrKL6YEDFVfcEQgdvzwJ3rATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIpKOHsovpgQMVV9wRCB2_PAneEAEYASAAEgJenvD_BwE%26num%3D1%26cid%3DCAQSSwDICaaNvAhx2fAMYBYlMc1vm_24al2mrLpnbUuA_0puj5lFhZyV-YbI35XUddRzgrLg-n6iKl3NMalnUJLQRBGqZc9EdwR9ay2wMxgB%26sig%3DAOD64_1abfYJrB5MYa_MKuYlVwBfd31_fw%26client%3Dca-pub-8353397542178803%26dbm_c%3DAKAmf-DD0cmoD2-L4xwAcxy6W_QSQsQwSw5M0BPYjueIk7kgxR5QbOoIMZuP25amCfO2K_VC4e6UInCBSAj3usq8QCF4S-nJoW6lwSugirmYV9ePQ7hgoJlXQ3sPsElYyENu8FfGi76L5psX3tIgJ1ln7pQliqoDQeCi2SBzp5C7IVpxEePsZuo%26cry%3D1%26dbm_d%3DAKAmf-BcKhj1JT6H-HiG6-q183A-5CYzEGfQu4VA-tgNiB2urZCO53JnYMHsSrZw17ziOGsAFNtbS2LXbuwmLAWYXv2WZOoDUjdTLQifW20T92kdSbDZtvgIq_K4K-hvt_Hc8HkfiI-xNZgjltCchEQL1N3WQW6OoGOSMP6DAQjo7YH5YlLhbgIJWKCzuGilayeBkPGKjk_LIaVZwTKaG6yji-oBOsjau8gBz1-WdnAqEAk4Yr7msn5x1t24FAWsJY9mYDMgJrHsOBHJMwiRaIdIr5NNr7Ox5CwN7dR3xNoZZ3SgaZpjcZL8QdLg9RrO-d6IVGsLMhig2krN7RL1PblBZZtCM9peSxSR5Ch7Z9HaTsj4gJGJJGFxm2bfKK31HELW93cpDJuQE5AjWKog3kBIhZZP04ArJzvqkrgzLT6vCrR7-i871RD14KFmg6m-lbTVxrYMc9tWTt0KwGfn-KdfEYy0MWHEnYdr54S5vQjI85wDZwFx9n3lxvJTCeXp3FnGoNWf2vIll0W9-nOATszEpuexeJjwA2PGOejH2TJf_Ad5ehuZjnQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.scener.com%2F&ancestorOrigins=https%3A%2F%2Fwww.scener.com&random=6892949649027&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90008.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=fb8a390366&subid=&uid=ec931897f14f14e1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCL-2lcQIkZeSmBNe4x_APv_mk8A2m5b2gab2TnKfJD_AuEAEglLrylQFgldKHgpgHyAEJqQJrWt1WQq6xPqgDAcgDmwSqBN8BT9Bl1nKt6g2USPJ28tphWVBchTiQ-ksWp_hlZnhjnOzclKLBFskf2G0-4brCA2jLdKE_8gR_S5SpJ91czejzJ4zuqD8fv-DWf6Y7aQmTjo0bJCjKADDjWhzEk9E6gtK1OKvatJ84ao2rE-maaralFXw-KGJCZ4oiHQOoVJWtfIUv_tCZ-CgXP_AW92hgrHvoQIgOw-MfSML6nWlAVFSjjl9yHDTOJZXp9sCoXcb9rwVGbx6RGmLLcDYzDL46we2AIfNGRrTSCViZ0Xh2H7EeHO23CxGmmPVNhUTKB46qBcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0B4g0TCIeChrKL6YEDFVfcEQgdvzwJ3rATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIpKOHsovpgQMVV9wRCB2_PAneEAEYASAAEgJenvD_BwE%26num%3D1%26cid%3DCAQSSwDICaaNvAhx2fAMYBYlMc1vm_24al2mrLpnbUuA_0puj5lFhZyV-YbI35XUddRzgrLg-n6iKl3NMalnUJLQRBGqZc9EdwR9ay2wMxgB%26sig%3DAOD64_1abfYJrB5MYa_MKuYlVwBfd31_fw%26client%3Dca-pub-8353397542178803%26dbm_c%3DAKAmf-DD0cmoD2-L4xwAcxy6W_QSQsQwSw5M0BPYjueIk7kgxR5QbOoIMZuP25amCfO2K_VC4e6UInCBSAj3usq8QCF4S-nJoW6lwSugirmYV9ePQ7hgoJlXQ3sPsElYyENu8FfGi76L5psX3tIgJ1ln7pQliqoDQeCi2SBzp5C7IVpxEePsZuo%26cry%3D1%26dbm_d%3DAKAmf-BcKhj1JT6H-HiG6-q183A-5CYzEGfQu4VA-tgNiB2urZCO53JnYMHsSrZw17ziOGsAFNtbS2LXbuwmLAWYXv2WZOoDUjdTLQifW20T92kdSbDZtvgIq_K4K-hvt_Hc8HkfiI-xNZgjltCchEQL1N3WQW6OoGOSMP6DAQjo7YH5YlLhbgIJWKCzuGilayeBkPGKjk_LIaVZwTKaG6yji-oBOsjau8gBz1-WdnAqEAk4Yr7msn5x1t24FAWsJY9mYDMgJrHsOBHJMwiRaIdIr5NNr7Ox5CwN7dR3xNoZZ3SgaZpjcZL8QdLg9RrO-d6IVGsLMhig2krN7RL1PblBZZtCM9peSxSR5Ch7Z9HaTsj4gJGJJGFxm2bfKK31HELW93cpDJuQE5AjWKog3kBIhZZP04ArJzvqkrgzLT6vCrR7-i871RD14KFmg6m-lbTVxrYMc9tWTt0KwGfn-KdfEYy0MWHEnYdr54S5vQjI85wDZwFx9n3lxvJTCeXp3FnGoNWf2vIll0W9-nOATszEpuexeJjwA2PGOejH2TJf_Ad5ehuZjnQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.scener.com%2F&ancestorOrigins=https%3A%2F%2Fwww.scener.com&random=6892949649027&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 117

https://hal900011.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=f4919e661f&subid=&uid=8d4dc06cfa2751f6&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC9CZjcQIkZeWmBNe4x_APv_mk8A2m5b2gaZ2XnKfJD_AuEAEglLrylQFgldKHgpgHyAEJqQJrWt1WQq6xPqgDAcgDmwSqBOEBT9CF0yWE-K_JKrzzEGCpx5irRffPiWC1CFDZ07zUgFv838Z-GtqiSTKPQKkKK-_ra28eXjJNe8YlB8bbTwNSYSLixNwk1dP8Nc9yU_1lmZs8n685bpsyABS_cOyZZKwjd7LCPfdC-R8fFQMpfMnymTqaM8Yzz9-TY8Ziqk_X4IN1rJD7xeEh5GRAHKSIXCmBcbIs61jye6XR3lAkxdpaEhJeEBOEezcD38aaNCMxZIVOcTTHRTS7IANazWsiUcJNwWRsc1U_E8lWm5_5lNHEkaPrbR15M0TAdpXwQZjeqsQrwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQHiDRMIiIKGsovpgQMVV9wRCB2_PAnesBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIpaOHsovpgQMVV9wRCB2_PAneEAEYASAAEgKIEPD_BwE%26num%3D1%26cid%3DCAQSSwDICaaNvAhx2fAMYBYlMc1vm_24al2mrLpnbUuA_0puj5lFhZyV-YbI35XUddRzgrLg-n6iKl3NMalnUJLQRBGqZc9EdwR9ay2wMxgB%26sig%3DAOD64_0ITq1EWOORrRDktGQNHBTcpKY34g%26client%3Dca-pub-8353397542178803%26dbm_c%3DAKAmf-BWcJj1YugLpzifiXAfdtpX6BZgcnJu1ui-ZOQ5uSp2KcnJhNyFThJVSTViP3WWPu8Ko5AX6RGillEQqrM7pQ1Ivvz-FO-Uq26mGCqXovDBOUBLhEwBIxn8v6PxdzRMZpqAQz622A5kuHPgKidA-qxOZ_KBusx_tgK0Z4uRnNk-4-pVraM%26cry%3D1%26dbm_d%3DAKAmf-DK1qehKHyLhmM6bPMJFW9ORn88xZhl-L8VrTU2Lw2Ks3Gv-qSofOy0MdhCXnKw0R123C_tw55GaWAZdawvUUgtLfRJulPoG27O3t8ZHERZK_anRapOOzJbPywuLlaR1ksExjksDeI_yvPyNik9BJv1qOxo9DPRyiWXkuNmlu1SVTZWJIV5LSMuzsH9puOhZN6m7GcV7oThhevQUhkDm5TyWChCRlhP3PfwMaP1NQB5vN9ID_eA2DFzgRMx4uLqh-dk1kCKw2WMfJK999f7fapush3ovL55066xzEp9o7knXLQgCnqZL3CjFRU4KC4GOfcQY3nDNaMKrXLwuvtgTcNM_n0WQlebPoIRsO-Es-a6jJHHIzripYrJsJPCEXzZz7NNlr2XZtsaUCmTywQCDq8Vw9hwSz67J4MzRPlHUvn1jK_cNcy5e3AiK8Rc4e6i8y5GH0Wu0h30AVoVZdQb2z45qQuD69uHAr1HomYOPRozMA1jSy_-Qr8hPHdQHqWBezQ5zx6ELG8udrgENP_27kgKSpDlWm1viLO57n5hJxDXXHpAdyI%26adurl%3D&documentReferer=https%3A%2F%2Fwww.scener.com%2F&ancestorOrigins=https%3A%2F%2Fwww.scener.com&random=4251656463814&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900011.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=f4919e661f&subid=&uid=8d4dc06cfa2751f6&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC9CZjcQIkZeWmBNe4x_APv_mk8A2m5b2gaZ2XnKfJD_AuEAEglLrylQFgldKHgpgHyAEJqQJrWt1WQq6xPqgDAcgDmwSqBOEBT9CF0yWE-K_JKrzzEGCpx5irRffPiWC1CFDZ07zUgFv838Z-GtqiSTKPQKkKK-_ra28eXjJNe8YlB8bbTwNSYSLixNwk1dP8Nc9yU_1lmZs8n685bpsyABS_cOyZZKwjd7LCPfdC-R8fFQMpfMnymTqaM8Yzz9-TY8Ziqk_X4IN1rJD7xeEh5GRAHKSIXCmBcbIs61jye6XR3lAkxdpaEhJeEBOEezcD38aaNCMxZIVOcTTHRTS7IANazWsiUcJNwWRsc1U_E8lWm5_5lNHEkaPrbR15M0TAdpXwQZjeqsQrwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQHiDRMIiIKGsovpgQMVV9wRCB2_PAnesBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIpaOHsovpgQMVV9wRCB2_PAneEAEYASAAEgKIEPD_BwE%26num%3D1%26cid%3DCAQSSwDICaaNvAhx2fAMYBYlMc1vm_24al2mrLpnbUuA_0puj5lFhZyV-YbI35XUddRzgrLg-n6iKl3NMalnUJLQRBGqZc9EdwR9ay2wMxgB%26sig%3DAOD64_0ITq1EWOORrRDktGQNHBTcpKY34g%26client%3Dca-pub-8353397542178803%26dbm_c%3DAKAmf-BWcJj1YugLpzifiXAfdtpX6BZgcnJu1ui-ZOQ5uSp2KcnJhNyFThJVSTViP3WWPu8Ko5AX6RGillEQqrM7pQ1Ivvz-FO-Uq26mGCqXovDBOUBLhEwBIxn8v6PxdzRMZpqAQz622A5kuHPgKidA-qxOZ_KBusx_tgK0Z4uRnNk-4-pVraM%26cry%3D1%26dbm_d%3DAKAmf-DK1qehKHyLhmM6bPMJFW9ORn88xZhl-L8VrTU2Lw2Ks3Gv-qSofOy0MdhCXnKw0R123C_tw55GaWAZdawvUUgtLfRJulPoG27O3t8ZHERZK_anRapOOzJbPywuLlaR1ksExjksDeI_yvPyNik9BJv1qOxo9DPRyiWXkuNmlu1SVTZWJIV5LSMuzsH9puOhZN6m7GcV7oThhevQUhkDm5TyWChCRlhP3PfwMaP1NQB5vN9ID_eA2DFzgRMx4uLqh-dk1kCKw2WMfJK999f7fapush3ovL55066xzEp9o7knXLQgCnqZL3CjFRU4KC4GOfcQY3nDNaMKrXLwuvtgTcNM_n0WQlebPoIRsO-Es-a6jJHHIzripYrJsJPCEXzZz7NNlr2XZtsaUCmTywQCDq8Vw9hwSz67J4MzRPlHUvn1jK_cNcy5e3AiK8Rc4e6i8y5GH0Wu0h30AVoVZdQb2z45qQuD69uHAr1HomYOPRozMA1jSy_-Qr8hPHdQHqWBezQ5zx6ELG8udrgENP_27kgKSpDlWm1viLO57n5hJxDXXHpAdyI%26adurl%3D&documentReferer=https%3A%2F%2Fwww.scener.com%2F&ancestorOrigins=https%3A%2F%2Fwww.scener.com&random=4251656463814&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 123

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5259364607539.343 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CNGEybKL6YEDFWpckQUdJaQAzw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5259364607539.343

Request Chain 125

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=66435400079937704444994012472008&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=66435400079937704444994012472008&t=htlp&gdpr=1&consent=1&gdpr_consent=

Request Chain 150

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1058024290899.4109 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CKKLg7OL6YEDFVJckQUdDHQLZw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1058024290899.4109

181 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.scener.com/
Redirect Chain

http://www.scener.com:443/
https://www.scener.com/

191 KB
33 KB

54ms
20ms

Document
text/html

76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scener.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Next.js

Resource Hash

a40260767d46373cfa0593c2deb5ec3fc6ce16e298d7ffb5725060c83e93d208

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 119
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 09 Oct 2023 13:36:53 GMT
etag: W/"i78ybiw7vr4781"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /
x-powered-by: Next.js
x-vercel-cache: HIT
x-vercel-id: fra1::pdx1::67p77-1696858732507-e280232be589

Redirect headers

Content-Type: text/plain
Location: https://www.scener.com/
Refresh: 0;url=https://www.scener.com/
server: Vercel

GET
H2 200 ddcde9ec9b5b4991.css
www.scener.com/_next/static/css/ 20 KB
4 KB 21ms
20ms Stylesheet
text/css 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scener.com/_next/static/css/ddcde9ec9b5b4991.css

Requested by

Host: www.scener.com
URL: https://www.scener.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

abc8ef91a30c7108b243bc1e82fbf6461c02f16c7cc0472c0f756a5b3b0255e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:52 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::fb4xz-1696858732539-64be1563b6c4
age: 30357
x-matched-path: /_next/static/css/ddcde9ec9b5b4991.css
etag: W/"d9f635ad6ff51c6ba142c86dcb04bc60"
x-vercel-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="ddcde9ec9b5b4991.css"

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
29 KB 3978ms
3929ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.scener.com
URL: https://www.scener.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

807072fcd05e6c7bb285c66f8da0fc5ace71e8c8e294a35cbe8ebd181a61d032

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29555
x-xss-protection: 0
server: cafe
etag: 418 / 19639 / m202310030101 / config-hash: 2030080448169413085
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 13:38:52 GMT

GET
H2 200 slots.js Show response
www.scener.com/js/ 3 KB
1 KB 3955ms
3949ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scener.com/js/slots.js?fUr8rNRzz1T0UoUfuhsjq

Requested by

Host: www.scener.com
URL: https://www.scener.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

77dc190f943b3b0495c171cc57ea28e05dcc354d0341bac69d5c2b5b0c1d0193

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:52 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::2nqkm-1696858732612-99631ad0dc03
age: 30357
x-matched-path: /js/slots.js
etag: W/"f8dc73a69acde695567152e7445f7cd0"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600, s-maxage=31536000, immutable
content-disposition: inline; filename="slots.js"

GET
H2 200 webpack-61e632da994c9925.js Show response
www.scener.com/_next/static/chunks/ 5 KB
2 KB 3946ms
3940ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scener.com/_next/static/chunks/webpack-61e632da994c9925.js

Requested by

Host: www.scener.com
URL: https://www.scener.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

831556b334242467d78e5c235decd50ea999663e57e8dae012da2b4454ea0287

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:52 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::8q68r-1696858732609-c82326681a2d
age: 15230
x-matched-path: /_next/static/chunks/webpack-61e632da994c9925.js
etag: W/"a282d567240f917c027d21d85c900823"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="webpack-61e632da994c9925.js"

GET
H2 200 framework-79bce4a3a540b080.js Show response
www.scener.com/_next/static/chunks/ 127 KB
43 KB 3969ms
3963ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scener.com/_next/static/chunks/framework-79bce4a3a540b080.js

Requested by

Host: www.scener.com
URL: https://www.scener.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

745834316128a9605db352a4146dfb81cfd209fa037d3256277e2bc9d12b0f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:52 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::9sz22-1696858732609-2713f1cb6bc8
age: 30357
x-matched-path: /_next/static/chunks/framework-79bce4a3a540b080.js
etag: W/"8ceac1a0789024027e37cca07bebaad2"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="framework-79bce4a3a540b080.js"

GET
H2 200 main-afbafb20a930ca1e.js Show response
www.scener.com/_next/static/chunks/ 116 KB
36 KB 3969ms
3964ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scener.com/_next/static/chunks/main-afbafb20a930ca1e.js

Requested by

Host: www.scener.com
URL: https://www.scener.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

8692198e9db8cf8302b47f7ef8f63fee94d8411ec613ca0b6245fa0bb2269c74

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:52 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::xbhlk-1696858732608-94bb2b9e23a7
age: 30357
x-matched-path: /_next/static/chunks/main-afbafb20a930ca1e.js
etag: W/"5314c6c890f23a825f94cc0ec9e97557"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="main-afbafb20a930ca1e.js"

GET
H2 200 _app-e48ad50861439fce.js Show response
www.scener.com/_next/static/chunks/pages/ 266 KB
83 KB 4073ms
4068ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scener.com/_next/static/chunks/pages/_app-e48ad50861439fce.js

Requested by

Host: www.scener.com
URL: https://www.scener.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

291b5afcf8fa49c536f5a9bdeb76a3f7979e76c1779cf0336b2701429782e4f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:52 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::46lcn-1696858732638-825d07d377b2
age: 30357
x-matched-path: /_next/static/chunks/pages/_app-e48ad50861439fce.js
etag: W/"40304a045d85600a36e88176b842a0f1"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="_app-e48ad50861439fce.js"

GET
H2 200 d6e72859-1ecaa8cce54fef78.js Show response
www.scener.com/_next/static/chunks/ 66 KB
20 KB 3946ms
3941ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scener.com/_next/static/chunks/d6e72859-1ecaa8cce54fef78.js

Requested by

Host: www.scener.com
URL: https://www.scener.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

c90fdcb74046b72c463c41cf1b6ebfbe186c029282a1598237ee7fd0395e97e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:52 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::ntcgv-1696858732611-cc0459eeb755
age: 30356
x-matched-path: /_next/static/chunks/d6e72859-1ecaa8cce54fef78.js
etag: W/"214538f498f386b9f2109bca3656ace1"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="d6e72859-1ecaa8cce54fef78.js"

GET
H2 200 a198fdd9-67e547ffb39ba5f3.js Show response
www.scener.com/_next/static/chunks/ 130 KB
40 KB 3945ms
3939ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scener.com/_next/static/chunks/a198fdd9-67e547ffb39ba5f3.js

Requested by

Host: www.scener.com
URL: https://www.scener.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

d0bab55aa2bee0b66cd14c5ebd97c3060886e499104310f311ab9312f03ff357

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:52 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::922cj-1696858732608-89f1359c88de
age: 30356
x-matched-path: /_next/static/chunks/a198fdd9-67e547ffb39ba5f3.js
etag: W/"34d7d147bdaaaa53529d281525fd87b4"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="a198fdd9-67e547ffb39ba5f3.js"

GET
H2 200 7112840a-bdaa8515f1048860.js Show response
www.scener.com/_next/static/chunks/ 154 KB
47 KB 3944ms
3938ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scener.com/_next/static/chunks/7112840a-bdaa8515f1048860.js

Requested by

Host: www.scener.com
URL: https://www.scener.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e5079589dbc92be0815a290fb832e85e32f8f4aa2624301c9915eeff916cefea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:52 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::ft552-1696858732602-eb3a75329720
age: 30355
x-matched-path: /_next/static/chunks/7112840a-bdaa8515f1048860.js
etag: W/"56120633c5fb723e0f5135869a8fdc41"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="7112840a-bdaa8515f1048860.js"

GET
H2 200 7152-b53d7b8e0f817320.js Show response
www.scener.com/_next/static/chunks/ 5 KB
2 KB 3944ms
3939ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scener.com/_next/static/chunks/7152-b53d7b8e0f817320.js

Requested by

Host: www.scener.com
URL: https://www.scener.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

0e8208049601280bc5fe0f192f5dfbfc98c0389331ef5842b61aef9bac1aa1d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:52 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::fb4xz-1696858732598-bce1479a0217
age: 30356
x-matched-path: /_next/static/chunks/7152-b53d7b8e0f817320.js
etag: W/"b039827f7fa8e5c5fa8271748d4a6cd1"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="7152-b53d7b8e0f817320.js"

GET
H2 200 4445-5727e3e41d7b26d1.js Show response
www.scener.com/_next/static/chunks/ 78 KB
24 KB 3944ms
3939ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scener.com/_next/static/chunks/4445-5727e3e41d7b26d1.js

Requested by

Host: www.scener.com
URL: https://www.scener.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

5255ec95613ec358009e33be49f2aaf2e4be69d631453e727baa8d9ad308a006

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:52 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::vw4ph-1696858732600-b92e5c6a41f0
age: 30356
x-matched-path: /_next/static/chunks/4445-5727e3e41d7b26d1.js
etag: W/"4d8c9c7148671c1d26aca42078db0e54"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="4445-5727e3e41d7b26d1.js"

GET
H2 200 8711-c3e45858b3f2f1cd.js Show response
www.scener.com/_next/static/chunks/ 363 KB
107 KB 4005ms
4000ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scener.com/_next/static/chunks/8711-c3e45858b3f2f1cd.js

Requested by

Host: www.scener.com
URL: https://www.scener.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

af1e3c92517086ea2245143a9ee42097e21bdada9c2dab8825c87dde96c2b1a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:52 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::zj2jq-1696858732619-2f625db74154
age: 30356
x-matched-path: /_next/static/chunks/8711-c3e45858b3f2f1cd.js
etag: W/"84cee1333d2bce54c73e71b475cc6e5f"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="8711-c3e45858b3f2f1cd.js"

GET
H2 200 5517-005d263cfee742e4.js Show response
www.scener.com/_next/static/chunks/ 106 KB
32 KB 3987ms
3982ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scener.com/_next/static/chunks/5517-005d263cfee742e4.js

Requested by

Host: www.scener.com
URL: https://www.scener.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

0037ce761c90335dd71b547152e979f167acbd9b59b6494d65710d2e5467caab

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:52 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::5bsmv-1696858732618-f3ce400abfb4
age: 30356
x-matched-path: /_next/static/chunks/5517-005d263cfee742e4.js
etag: W/"3b0a6337b9581de799e6b077e986dc3e"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="5517-005d263cfee742e4.js"

GET
H2 200 3048-8a3cf0fc990c9a3c.js Show response
www.scener.com/_next/static/chunks/ 41 KB
17 KB 4017ms
4012ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scener.com/_next/static/chunks/3048-8a3cf0fc990c9a3c.js

Requested by

Host: www.scener.com
URL: https://www.scener.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e93d0eafe2762167fc7e17f3d962c99c807a03481d44f7dfac340880a79d0977

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:52 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::xg7lw-1696858732616-9d89cbbb6c3a
age: 30354
x-matched-path: /_next/static/chunks/3048-8a3cf0fc990c9a3c.js
etag: W/"e5fb73859f175200921e32afe063f04f"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="3048-8a3cf0fc990c9a3c.js"

GET
H2 200 7485-ac5cadfa3257b335.js Show response
www.scener.com/_next/static/chunks/ 27 KB
9 KB 4066ms
4062ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scener.com/_next/static/chunks/7485-ac5cadfa3257b335.js

Requested by

Host: www.scener.com
URL: https://www.scener.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

0eec2a346ff5d6bc99f84f4f96c1e99bcb8bfaae5cb354e734e1dec3119e8a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:52 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::px9rt-1696858732616-1c4150125d32
age: 30312
x-matched-path: /_next/static/chunks/7485-ac5cadfa3257b335.js
etag: W/"a042a92a5f97ed5e455c19929e9b4b5c"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="7485-ac5cadfa3257b335.js"

GET
H2 200 1608-12ffbe7c35534115.js Show response
www.scener.com/_next/static/chunks/ 15 KB
5 KB 3951ms
3947ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scener.com/_next/static/chunks/1608-12ffbe7c35534115.js

Requested by

Host: www.scener.com
URL: https://www.scener.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

7ee615b8e4d6d6222536309c5b90ea4c35335d1cae62852b332865fdd9bb3323

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:52 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::xwr57-1696858732614-67c8fded9b9c
age: 30356
x-matched-path: /_next/static/chunks/1608-12ffbe7c35534115.js
etag: W/"8ec791e3cff8aba76e6ae52820359058"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="1608-12ffbe7c35534115.js"

GET
H2 200 7581-ce6ac26380d96e2e.js Show response
www.scener.com/_next/static/chunks/ 63 KB
18 KB 3973ms
3969ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scener.com/_next/static/chunks/7581-ce6ac26380d96e2e.js

Requested by

Host: www.scener.com
URL: https://www.scener.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

3a415eeda877304fdc2c15a9789c4b8fb327ae9a886ec5158189d47943e605fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:52 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::2snjz-1696858732620-16e9e65ba3ea
age: 22756
x-matched-path: /_next/static/chunks/7581-ce6ac26380d96e2e.js
etag: W/"840777ac8059622b36a7337fb3aae4e8"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="7581-ce6ac26380d96e2e.js"

GET
H2 200 5173-1081f657be5b5b5d.js Show response
www.scener.com/_next/static/chunks/ 16 KB
6 KB 3987ms
3983ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scener.com/_next/static/chunks/5173-1081f657be5b5b5d.js

Requested by

Host: www.scener.com
URL: https://www.scener.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

ad41c26c911479a899d2a7af6dd4e699081fcea28e0c279dfa762c54499297a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:52 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::trzh5-1696858732622-2a4cd05ac722
age: 30356
x-matched-path: /_next/static/chunks/5173-1081f657be5b5b5d.js
etag: W/"382436b6db43a8219719b65658b36e7d"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="5173-1081f657be5b5b5d.js"

GET
H2 200 5515-dea7b773f2bb4595.js Show response
www.scener.com/_next/static/chunks/ 175 KB
56 KB 3987ms
3983ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scener.com/_next/static/chunks/5515-dea7b773f2bb4595.js

Requested by

Host: www.scener.com
URL: https://www.scener.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

a3187342bff92211fdd2eaec05c3459396276649caac1df44d9eb5a68c2e4f45

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:52 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::49rwf-1696858732620-8691a95ab4ae
age: 12633
x-matched-path: /_next/static/chunks/5515-dea7b773f2bb4595.js
etag: W/"517bac48a2ba86296216828560c411af"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="5515-dea7b773f2bb4595.js"

GET
H2 200 1705-ae9231b174e528a5.js Show response
www.scener.com/_next/static/chunks/ 245 KB
57 KB 3979ms
3975ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scener.com/_next/static/chunks/1705-ae9231b174e528a5.js

Requested by

Host: www.scener.com
URL: https://www.scener.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

6077d659c1924659a15566a64b707f7c9f9f0e2ca2e84230acd17a620f0979a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:52 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::vsvx6-1696858732619-4f1af8b51a0f
age: 30356
x-matched-path: /_next/static/chunks/1705-ae9231b174e528a5.js
etag: W/"327e356d9f0fdc02fa64377826a26841"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="1705-ae9231b174e528a5.js"

GET
H2 200 1072-582aac98d304f449.js Show response
www.scener.com/_next/static/chunks/ 20 KB
6 KB 3967ms
3963ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scener.com/_next/static/chunks/1072-582aac98d304f449.js

Requested by

Host: www.scener.com
URL: https://www.scener.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

741812cdd3301dc06ab0c3f4a725b2370674d365f5fae4e36629faf2729c2a48

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:52 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::2mplj-1696858732619-d0627d2da09e
age: 30356
x-matched-path: /_next/static/chunks/1072-582aac98d304f449.js
etag: W/"8060357cd65a8ce5fbffb77a68c7bef0"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="1072-582aac98d304f449.js"

GET
H2 200 9580-bf318855550b7499.js Show response
www.scener.com/_next/static/chunks/ 20 KB
6 KB 4004ms
4000ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scener.com/_next/static/chunks/9580-bf318855550b7499.js

Requested by

Host: www.scener.com
URL: https://www.scener.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

7772026aa31eedcc171fd00fb02ab5d2d3f9aa06213bfe7b9dfcc77355bf97aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:52 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::qwcr2-1696858732616-35f569fa161d
age: 30355
x-matched-path: /_next/static/chunks/9580-bf318855550b7499.js
etag: W/"1ae2f099ec38a3d1ad8e7fbfe21a0969"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="9580-bf318855550b7499.js"

GET
H2 200 8961-388658a9af8ae8b9.js Show response
www.scener.com/_next/static/chunks/ 12 KB
4 KB 4143ms
4139ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scener.com/_next/static/chunks/8961-388658a9af8ae8b9.js

Requested by

Host: www.scener.com
URL: https://www.scener.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

21de01876c61a9de884d865a683546adc66ad95529953658b3635c7f4cae289a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:52 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::vsvx6-1696858732671-0ecb6fe9a87a
age: 30312
x-matched-path: /_next/static/chunks/8961-388658a9af8ae8b9.js
etag: W/"23ee4b0f2361cc186d52e6bbef4c6d3a"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="8961-388658a9af8ae8b9.js"

GET
H2 200 972-f3aa704490c4b649.js Show response
www.scener.com/_next/static/chunks/ 10 KB
4 KB 3965ms
3962ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scener.com/_next/static/chunks/972-f3aa704490c4b649.js

Requested by

Host: www.scener.com
URL: https://www.scener.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

37de9a9f3b2b7ef655ff8e831822383545fafed997329aee23a4c4ad1a0e6da5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:52 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::zj7j2-1696858732616-72edb985e5d9
age: 28792
x-matched-path: /_next/static/chunks/972-f3aa704490c4b649.js
etag: W/"4886f1f835cc53ce6cbf5869ac893556"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="972-f3aa704490c4b649.js"

GET
H2 200 index-a6dce1b2f4d2a3a1.js Show response
www.scener.com/_next/static/chunks/pages/ 27 KB
8 KB 3950ms
3947ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scener.com/_next/static/chunks/pages/index-a6dce1b2f4d2a3a1.js

Requested by

Host: www.scener.com
URL: https://www.scener.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

ed1d5c61910bcc95522aca5f6fc5b5adc2a2ca3e4814f92368090e13a3041cce

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:52 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::c2ckb-1696858732615-cf57cc202cd9
age: 30312
x-matched-path: /_next/static/chunks/pages/index-a6dce1b2f4d2a3a1.js
etag: W/"af3566500a771c1eb7645f7dbf7d5ab8"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="index-a6dce1b2f4d2a3a1.js"

GET
H2 200 _buildManifest.js Show response
www.scener.com/_next/static/fUr8rNRzz1T0UoUfuhsjq/ 7 KB
2 KB 3943ms
3940ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scener.com/_next/static/fUr8rNRzz1T0UoUfuhsjq/_buildManifest.js

Requested by

Host: www.scener.com
URL: https://www.scener.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

dfdc3bb59b8acc958ea97398545660d0daddef78fb8d126e745a905c10e5d18c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:52 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::pthg7-1696858732613-07c775147858
age: 30355
x-matched-path: /_next/static/fUr8rNRzz1T0UoUfuhsjq/_buildManifest.js
etag: W/"87816d70e6b7289aceacc91c742e8f29"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="_buildManifest.js"

GET
H2 200 _ssgManifest.js Show response
www.scener.com/_next/static/fUr8rNRzz1T0UoUfuhsjq/ 446 B
676 B 3951ms
3948ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scener.com/_next/static/fUr8rNRzz1T0UoUfuhsjq/_ssgManifest.js

Requested by

Host: www.scener.com
URL: https://www.scener.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

970239bc6e6b1a0e6c578f497ef1b2d0a1cb56111a588747dfd3df1a7f4132ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:52 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::8cqgc-1696858732614-c29824a21ba3
age: 27220
x-matched-path: /_next/static/fUr8rNRzz1T0UoUfuhsjq/_ssgManifest.js
etag: "6d9ee7bcf62e3f3d0998d5c1d83328fe"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="_ssgManifest.js"
accept-ranges: bytes
content-length: 446

GET
H2 200 carousel-0420.jpg
media.scener.com/website/ 50 KB
51 KB 3967ms
11ms Image
image/jpeg 2600:9000:2490:b400:12:5719:c480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.scener.com/website/carousel-0420.jpg
Requested by: Host: www.scener.com
URL: https://www.scener.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:b400:12:5719:c480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9d208b5826bfea6982c3345fed748b36c9aaa998a729ed04cb42f2df1fdb9259

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 19:04:36 GMT
x-amz-version-id: 8.ReKg2kklW0swfwnXyUeyHCSLAOUVXd
via: 1.1 e75bff6012758ccb55ff41b176b32342.cloudfront.net (CloudFront)
last-modified: Tue, 09 Mar 2021 19:23:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 3868461
etag: "426b6448c4e94e8fb9d3a505dd9de4a6"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=86400, s-maxage=31536000
accept-ranges: bytes
content-length: 51395
x-amz-cf-id: REuB0ZjhsB6j7pt_F9EPsUHiQ5om_mnUU9cuXB3jAx_CQF3n9G-XKg==

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a801f7c12dbd2285855b9ad3fa479c467c2d2448395041db68e5f32b006e8b8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 95 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 045ac7c8717e79721024f691b3e011830973f4341ec6e5c12347d06a1745449c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 78 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 281dafae772ad2e65c4b5a7230208894a14155ea7c9a719ba475d45bfc0a1e5a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 Readytowatch.jpg
www.scener.com/images/cards/ 40 KB
40 KB 3940ms
3940ms Image
image/jpeg 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.scener.com/images/cards/Readytowatch.jpg

Requested by

Host: www.scener.com
URL: https://www.scener.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

73419e3a925da71904ab4b3e5a9502dcf7ff719bec66dd17919cbc0f417372d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:52 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::8jx9n-1696858732614-f2007eb270b1
age: 30312
x-matched-path: /images/cards/Readytowatch.jpg
etag: "dc0ab8d598fc9a439ff9268696667e47"
x-vercel-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400, s-maxage=31536000, stale-while-revalidate
content-disposition: inline; filename="Readytowatch.jpg"
accept-ranges: bytes
content-length: 41173

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: af39585b67a5e34a20d863cda7739bfb301e3be7df07f6e592bccdd84485e998

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 carousel-1664300060.jpg
media.scener.com/promos/ 160 KB
160 KB 3964ms
22ms Image
image/jpeg 2600:9000:2490:b400:12:5719:c480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.scener.com/promos/carousel-1664300060.jpg?VersionId=xh_u3hoQ5h3J_k7Z1pGaRe4xHnt6UEmp
Requested by: Host: www.scener.com
URL: https://www.scener.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:b400:12:5719:c480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f5c281ea507f98f62109b0247caeeb2ae91eb87993b2a1ae722747942e597703

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: xh_u3hoQ5h3J_k7Z1pGaRe4xHnt6UEmp
date: Mon, 09 Oct 2023 03:53:51 GMT
via: 1.1 e75bff6012758ccb55ff41b176b32342.cloudfront.net (CloudFront)
last-modified: Tue, 27 Sep 2022 17:35:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 40081
x-amz-server-side-encryption: AES256
etag: "f2e1ee1dc11db7bcf6aec75b7b048e4a"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-storage-class: ONEZONE_IA
accept-ranges: bytes
content-length: 163613
x-amz-cf-id: 27UuI7vdk0DvLStB4FK5F6nHzNcQVYU0FLXAC3N5mbGqQfTo2ZAvhQ==

GET
H2 200 overpass-latin-700-normal.7d009308.woff2
www.scener.com/_next/static/media/ 16 KB
16 KB 4126ms
4126ms Font
font/woff2 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scener.com/_next/static/media/overpass-latin-700-normal.7d009308.woff2

Requested by

Host: www.scener.com
URL: https://www.scener.com/_next/static/css/ddcde9ec9b5b4991.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

5c91507ba9508c8bbe28c7f1c80b5133c51c5a12016a0cb22be98520de7fb1ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.scener.com/_next/static/css/ddcde9ec9b5b4991.css
Origin: https://www.scener.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:56 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::zj2jq-1696858736502-af9b49f21f8d
age: 30359
x-matched-path: /_next/static/media/overpass-latin-700-normal.7d009308.woff2
etag: "7377f379fe5354af4a27bbb954ce816e"
x-vercel-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="overpass-latin-700-normal.7d009308.woff2"
accept-ranges: bytes
content-length: 16296

GET
H2 200 montserrat-latin-500-normal.34ae71ed.woff2
www.scener.com/_next/static/media/ 13 KB
13 KB 4135ms
4134ms Font
font/woff2 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scener.com/_next/static/media/montserrat-latin-500-normal.34ae71ed.woff2

Requested by

Host: www.scener.com
URL: https://www.scener.com/_next/static/css/ddcde9ec9b5b4991.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

ed121b1a8fbf30998a4ed0a7c8343abe9091ac4744f1c24b602b5d3f962bdb78

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.scener.com/_next/static/css/ddcde9ec9b5b4991.css
Origin: https://www.scener.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:56 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::xbhlk-1696858736502-99f82a444913
age: 30315
x-matched-path: /_next/static/media/montserrat-latin-500-normal.34ae71ed.woff2
etag: "3f2f6d9e64a95a40ea5dedfc91f42a95"
x-vercel-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="montserrat-latin-500-normal.34ae71ed.woff2"
accept-ranges: bytes
content-length: 12820

GET
H2 200 overpass-latin-600-normal.5204cee7.woff2
www.scener.com/_next/static/media/ 16 KB
16 KB 4127ms
4127ms Font
font/woff2 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scener.com/_next/static/media/overpass-latin-600-normal.5204cee7.woff2

Requested by

Host: www.scener.com
URL: https://www.scener.com/_next/static/css/ddcde9ec9b5b4991.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

c106eff54b4b00e0ed15d44557339dba87e99aaa22fb5a5275624b036f94cdbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.scener.com/_next/static/css/ddcde9ec9b5b4991.css
Origin: https://www.scener.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:56 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::ntcgv-1696858736502-4cc143221202
age: 30359
x-matched-path: /_next/static/media/overpass-latin-600-normal.5204cee7.woff2
etag: "538c3e2c46df3a925a1c3ecad109c4c6"
x-vercel-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="overpass-latin-600-normal.5204cee7.woff2"
accept-ranges: bytes
content-length: 16364

GET
H2 200 overpass-latin-400-normal.a2dc9f05.woff2
www.scener.com/_next/static/media/ 15 KB
16 KB 4132ms
4132ms Font
font/woff2 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scener.com/_next/static/media/overpass-latin-400-normal.a2dc9f05.woff2

Requested by

Host: www.scener.com
URL: https://www.scener.com/_next/static/css/ddcde9ec9b5b4991.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

b6f01e18196420adbd5f5f9b31461fd037f1ea92e7fa542316cf3c4cf8bddcaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.scener.com/_next/static/css/ddcde9ec9b5b4991.css
Origin: https://www.scener.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:56 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::vsvx6-1696858736502-54b19765d205
age: 30600
x-matched-path: /_next/static/media/overpass-latin-400-normal.a2dc9f05.woff2
etag: "2d1c9b7b1baef2dc59a31bb8736a5bce"
x-vercel-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="overpass-latin-400-normal.a2dc9f05.woff2"
accept-ranges: bytes
content-length: 15792

GET
H2 206 V7Carousel.mp4
media.scener.com/website/ 5 MB
0 3908ms
36ms Media
video/mp4 2600:9000:2490:b400:12:5719:c480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.scener.com/website/V7Carousel.mp4
Requested by: Host: www.scener.com
URL: https://www.scener.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:b400:12:5719:c480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.scener.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 09 Oct 2023 05:33:07 GMT
x-amz-version-id: null
via: 1.1 e75bff6012758ccb55ff41b176b32342.cloudfront.net (CloudFront)
last-modified: Wed, 09 Jun 2021 19:55:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 29150
etag: "06069f5f5139d9613e0a83b070d240a0"
x-cache: Hit from cloudfront
content-type: video/mp4
x-amz-storage-class: ONEZONE_IA
Content-Range: bytes 0-5026109/5026110
accept-ranges: bytes
x-amz-cf-id: CBN5LNslVmIcscJ11T5UBHhM5hCj3DQlTRxmgH2YCKrItcKBGLJGvg==
Content-Length: 5026110

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/ 419 KB
132 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ab1e5ef8baed1d906b9e8ea4126ad958556881a46150cd6712ad5ebc40f4e46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 09:28:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15034
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134829
x-xss-protection: 0
server: cafe
etag: 3697166202567710199
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 08 Oct 2024 09:28:22 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 112ms
63ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3149408578918334

Requested by

Host: www.scener.com
URL: https://www.scener.com/_next/static/chunks/main-afbafb20a930ca1e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1eeb7e2400f2cdce05110d0a95e2d6bc06eda36c1420ada92b99a3abff9ec40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scener.com/
Origin: https://www.scener.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50846
x-xss-protection: 0
server: cafe
etag: 17481287784012919058
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 13:38:56 GMT

GET
H2 200 v3 Show response
js.stripe.com/ 537 KB
150 KB 46ms
8ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: www.scener.com
URL: https://www.scener.com/_next/static/chunks/pages/_app-e48ad50861439fce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

9091aad8cbd4b0fc28f3591bebc4961c0301ab95503477739953bed4cca3d2b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 09 Oct 2023 13:38:56 GMT
via: 1.1 varnish
age: 26
x-cache: HIT
content-length: 153480
x-request-id: 71973f76-9560-4ce5-8cc8-655a4fff280d
x-served-by: cache-fra-eddf8230117-FRA
last-modified: Fri, 06 Oct 2023 21:23:16 GMT
server: Fastly
etag: "2a69298ff4fea8255cfde1cff97d3582"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 211 KB
74 KB 56ms
29ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PRJ9R8F

Requested by

Host: www.scener.com
URL: https://www.scener.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5dca1f074b821164287a1c82133bbc725d2efed76db71d31dc9b1eebf0474b28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75017
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 09 Oct 2023 13:38:56 GMT

GET
H2 200 geo Show response
www.scener.com/api/ 66 B
198 B 267ms
267ms Fetch
application/json 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scener.com/api/geo

Requested by

Host: www.scener.com
URL: https://www.scener.com/_next/static/chunks/pages/_app-e48ad50861439fce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

272abc7da7f1aea0a50a69ada422aec660c2ce99df94a8feb31211e5642156fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept: */*
Referer: https://www.scener.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 09 Oct 2023 13:38:57 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::pdx1::hsdhf-1696858736913-c3992b28b202
age: 0
x-matched-path: /api/geo
etag: "4wefmr325q1u"
x-vercel-cache: MISS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=86400, immutable
content-length: 66

GET
H2 200 enterprise.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 42ms
20ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=6LdBx7UiAAAAAAigP8Gm3TUlUXXLgrG7JVD-7Eks

Requested by

Host: www.scener.com
URL: https://www.scener.com/_next/static/chunks/pages/_app-e48ad50861439fce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0a68faf334cf624cc72fe9a2c23879d943f198a6e8dae9d07f1c854950db18f3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 09 Oct 2023 13:38:56 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
16 KB 329ms
329ms Fetch
text/plain 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4303603916233094&correlator=3150879401050184&eid=31078637%2C31070233&output=ldjh&gdfp_req=1&vrg=202310030101&ptt=17&impl=fifs&iu_parts=22805720655%2Cca-pub-8353397542178803-tag%2Cwebsite-rectangle-1%2Cwebsite-banner-1&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=336x280%2C970x90&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1696858737011&lmt=1696851537&adxs=1080%2C315&adys=1346%2C744&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.scener.com%2F&vis=1&psz=430x380%7C1330x90&msz=430x-1%7C970x-1&fws=4%2C4&ohw=430%2C1330&ga_vid=2129910099.1696858737&ga_sid=1696858737&ga_hid=1594606321&ga_fc=false&dlt=1696858732526&idt=4103&adks=183657315%2C2852720204&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

889aaa402a8c74cc2beabe5d37e8c27ea751826e99b236e44106f114be5cb6f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:57 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16056
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.scener.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8E87 6 KB
3 KB 74ms
15ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scener.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 13:38:57 GMT
expires: Tue, 08 Oct 2024 13:38:57 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 all Show response
www.scener.com/api/rooms/live/ 43 KB
10 KB 28ms
28ms Fetch
application/json 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scener.com/api/rooms/live/all

Requested by

Host: www.scener.com
URL: https://www.scener.com/_next/static/chunks/pages/_app-e48ad50861439fce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

90c57993b8c26f47826afdfab259ab22c41130a4a8c105e538864fae073256e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.scener.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 09 Oct 2023 13:37:22 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::pdx1::2mplj-1696858737067-3c0e251bc605
age: 94
x-matched-path: /api/rooms/live/all
etag: W/"hxyws9hic6xyc"
x-vercel-cache: HIT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60

GET
H2 200 timestamp Show response
gcfn.scener.com/ 27 B
448 B 197ms
143ms Fetch
application/json 2600:9000:2250:2000:6:42:2840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gcfn.scener.com/timestamp
Requested by: Host: www.scener.com
URL: https://www.scener.com/_next/static/chunks/pages/_app-e48ad50861439fce.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:2000:6:42:2840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 7380659e26147659d1b3ac655c18285b7d3a66486a21c73d0f86637d1f511f14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:57 GMT
via: 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
server: Google Frontend
x-amz-cf-pop: FRA60-P2
etag: W/"1b-ZOK5qvwvgQPmqg3RxdpOH2xO3dQ"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: d70bfcebc9b685229d75ed41811e5963
cache-control: max-age=0, s-maxage=1, must-revalidate
function-execution-id: hdeq28yrai4z
content-length: 27
x-amz-cf-id: OLSngfGcTZryr3MdR5k5ouM9HZUXNbqhaIxEaz1hD05pdsGxdiAviA==

GET
H2 200 scener-logo-wordmark.png
www.scener.com/images/ 21 KB
21 KB 29ms
28ms Image
image/png 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.scener.com/images/scener-logo-wordmark.png

Requested by

Host: www.scener.com
URL: https://www.scener.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

6667df51725ea7d9db2f4a7d64a2bda795e491fdd7b03c2e0462ff3ebce0d427

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:57 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::67p77-1696858737088-857e40871cb0
age: 30601
x-matched-path: /images/scener-logo-wordmark.png
etag: "6ecbeb0014bcd0dac5eba4ef04f048bd"
x-vercel-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400, s-maxage=31536000, stale-while-revalidate
content-disposition: inline; filename="scener-logo-wordmark.png"
accept-ranges: bytes
content-length: 21101

GET
H2 200 laptop-blank.png
www.scener.com/images/home/ 51 KB
52 KB 22ms
21ms Image
image/png 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.scener.com/images/home/laptop-blank.png

Requested by

Host: www.scener.com
URL: https://www.scener.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

a710628fa0b688892be43dbcd9f22009fc9d7abe84777ceba41eb7e1252aaeac

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:57 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::2mplj-1696858737088-dd7a93132c66
age: 30601
x-matched-path: /images/home/laptop-blank.png
etag: "9f1baf6cb4c983b0d431d35f4a0188b3"
x-vercel-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400, s-maxage=31536000, stale-while-revalidate
content-disposition: inline; filename="laptop-blank.png"
accept-ranges: bytes
content-length: 52558

GET
H2 200 contentWide.jpg
media.scener.com/users/4050971/tNF69k6c7AFlw64DNHgy/ 143 KB
143 KB 7ms
7ms Image
image/jpeg 2600:9000:2490:b400:12:5719:c480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.scener.com/users/4050971/tNF69k6c7AFlw64DNHgy/contentWide.jpg?versionId=MsA2ztAI5PMTc.Xt3t8PcQvN3FHOQ._v
Requested by: Host: www.scener.com
URL: https://www.scener.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:b400:12:5719:c480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 787f949b0dcd2646fd7c5c8437ee47c076a42d92d316ed6c6406fb9cb94f6bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 04:27:00 GMT
x-amz-version-id: MsA2ztAI5PMTc.Xt3t8PcQvN3FHOQ._v
via: 1.1 e75bff6012758ccb55ff41b176b32342.cloudfront.net (CloudFront)
last-modified: Mon, 09 Oct 2023 04:22:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 33118
etag: "1d7319e42d464d8045dc355698bb8860"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, s-maxage=1209600, max-age=0, stale-while-revalidate
accept-ranges: bytes
content-length: 146017
x-amz-cf-id: 50rFshPrBtg97Y7JHXyeqvDRTPSDp06k1YxUgOZP9_I8de0lbBQtow==

GET
H2 200 contentWide.jpg
media.scener.com/users/3770494/UveFih7YPTvyhExQ6Oka/ 221 KB
222 KB 14ms
14ms Image
image/jpeg 2600:9000:2490:b400:12:5719:c480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.scener.com/users/3770494/UveFih7YPTvyhExQ6Oka/contentWide.jpg?versionId=Yj2Hk7maALZU84qtfC8meZmYjvOn6Af9
Requested by: Host: www.scener.com
URL: https://www.scener.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:b400:12:5719:c480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9ce2f386a6749eba15e2fa6034580a69ee6ea261a003067807d83f8bfbb81f15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: Yj2Hk7maALZU84qtfC8meZmYjvOn6Af9
date: Thu, 28 Sep 2023 22:47:34 GMT
via: 1.1 e75bff6012758ccb55ff41b176b32342.cloudfront.net (CloudFront)
last-modified: Sun, 10 Sep 2023 16:54:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 917484
x-amz-server-side-encryption: AES256
etag: "2c9e9ddeca31089f8fa266790ebd92ff"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, s-maxage=1209600, max-age=0, stale-while-revalidate
accept-ranges: bytes
content-length: 226706
x-amz-cf-id: moE8Ij-lzi--jArvWFnxSNAPpGo1hoxNMsd87pGUINTH3a8MGOz2EQ==

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/ 389 KB
132 KB 96ms
80ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3149408578918334&plah=www.scener.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3149408578918334

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a256b52e64d365759aec3dbb6dea3d4ea5c11d71a55d76cedddce1945aa2d22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135179
x-xss-protection: 0
server: cafe
etag: 3672283642856810913
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 13:38:57 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/ Frame A7A8 10 KB
5 KB 30ms
7ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3149408578918334

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scener.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3149
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 12:46:28 GMT
etag: 2603938475786422795
expires: Mon, 23 Oct 2023 12:46:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ 466 KB
187 KB 37ms
8ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6LdBx7UiAAAAAAigP8Gm3TUlUXXLgrG7JVD-7Eks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e57ecbca07885a20fc56dbae51642fe0e95b58c96dba6ea1c5cbb15417b9a0df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scener.com/
Origin: https://www.scener.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 20:06:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63165
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 190978
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 04:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 07 Oct 2024 20:06:12 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 39 KB
17 KB 78ms
39ms Script
application/javascript 143.204.207.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRJ9R8F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-250.fra53.r.cloudfront.net
Software: CloudFront /
Resource Hash: 320c9eab98d659eea8674db00abeae224caed94e532d7b758a32a5097d8f2821

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:57 GMT
content-encoding: gzip
via: 1.1 f960fa0538fdb326fc338e984fa7ece8.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 16884
x-amz-cf-id: DAObhUXWJfprO2NQDcDErOHSsra1sSdBHT5NbDVlYKyvtiWe3PYs1w==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 198 KB
53 KB 25ms
8ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRJ9R8F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 09 Oct 2023 13:38:57 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53356
x-xss-protection: 0
pragma: public
x-fb-debug: 42c1x3VPIZpMG7OPUoINX+dCUtBy93AJqr6An0tO3VClv+CXKyJFcqYztvfcHDZCl2/43MNrX01x6c4q7bg3rA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
77 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SKGG26LBQD&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRJ9R8F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cef4c3db6c1289a3f0855c11897228701df758e80c20435c0de2f5d6b64302e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78698
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 09 Oct 2023 13:38:57 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
602 B 39ms
16ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.scener.com&callback=_gfp_s_&client=ca-pub-3149408578918334

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3149408578918334&plah=www.scener.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b33b6203dbfa6df64745b3fd67ebed5f5f14a84cf421973860a153c4558c3f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7313 603 B
345 B 171ms
170ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3149408578918334&output=html&adk=1812271804&adf=3025194257&lmt=1696851537&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x945_l%7C128x945_r&format=0x0&url=https%3A%2F%2Fwww.scener.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696858737116&bpp=4&bdt=4590&idt=265&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7277543717989&frm=20&pv=2&ga_vid=2129910099.1696858737&ga_sid=1696858737&ga_hid=1594606321&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077327%2C31078599%2C44798934%2C44804782&oid=2&pvsid=4303603916233094&tmod=1537684660&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=304

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scener.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 13:38:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 78B7 6 KB
3 KB 9ms
9ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scener.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 13:38:57 GMT
expires: Tue, 08 Oct 2024 13:38:57 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C802 6 KB
3 KB 9ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scener.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 13:38:57 GMT
expires: Tue, 08 Oct 2024 13:38:57 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame 25C9 57 KB
32 KB 46ms
45ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdBx7UiAAAAAAigP8Gm3TUlUXXLgrG7JVD-7Eks&co=aHR0cHM6Ly93d3cuc2NlbmVyLmNvbTo0NDM.&hl=de&v=lLirU0na9roYU3wDDisGJEVT&size=invisible&cb=rk0qnibtgwsm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

77f057f5351d8ada4f65c2ffaba55be7957eeffc364d64e85d34a6ae41b73e5b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Hx4yXJ4_zmvuBghIJTIHog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.scener.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Hx4yXJ4_zmvuBghIJTIHog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 13:38:57 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame BC44 624 B
246 B 49ms
47ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNXiXYPXwIR8DSixGNFPFQW0TF4XbMKEYuGIgPijLxubBDd-XphNzEM-gfakp9AOl-DafhYZK1EINCwlIJEer8tCctqwrqk5DPAirNP_KAZ0NwdcMI2Stb-9GIJtV7t3GuZaLWyNWhlk6FHirqf9l5bDEIDf__IhqB9I2UHJrwCNxz0RS-E

Requested by

Host: 0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com
URL: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 13:38:57 GMT
expires: Mon, 09 Oct 2023 13:38:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 78B7 89 KB
31 KB 74ms
73ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com
URL: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 13:38:57 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 78B7 42 B
63 B 108ms
107ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DPMjlg5SRJxyREIexfwTGw37c56kf1RxBlnhitNS1BAY6S8qeaDnWBZKKUbWYbTtTuKCWnc3mTLZNjuo6J4VFuiLqRojSVLplHmGrN8juC3STuynA

Requested by

Host: 0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com
URL: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 13:38:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 78B7 0
20 B 109ms
108ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13762847650454463519&x=1&ct=77

Requested by

Host: 0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com
URL: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 13:38:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 78B7 3 KB
1 KB 49ms
11ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: 0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com
URL: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 11:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6368
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Oct 2023 11:52:49 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 78B7 20 KB
9 KB 44ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com
URL: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 317
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Oct 2023 13:33:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 78B7 187 KB
59 KB 50ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com
URL: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 09 Oct 2023 13:38:57 GMT

GET
H2 200 2265830763736676 Show response
connect.facebook.net/signals/config/ 137 KB
35 KB 63ms
62ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2265830763736676?v=2.9.132&r=stable&domain=www.scener.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b2478a3f4af3e3e1c0d3f29d5eab76d512c79a65ccf4408707ab26b885f8b2c4

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 09 Oct 2023 13:38:57 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: GS7jqgxh61F8Jdq1/FP68s5Eh3/8r84pvl7vHDWQMyx+E5Q2BSc87n6MHfrQ1jjOIM+Uf/VIvNvgOB89snPAuQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame EC7A 624 B
246 B 51ms
49ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5oLvGATAB&v=APEucNU7Pbjkm70ps6G9z-HnxL31pxMdrzz32ua9uu-vnShYFYtMh9nBq2LLXieKF0FPPMSpdnJcqCuVuimn8AU_dVUDbHExr7uH9sFerX6jl4uWb3J56BZYzkZdgD7eFPkWegMiQ5QCDy51zx7_lC14wNwuKUGzeEzZfkMFryQj-OHA9lf-h7M

Requested by

Host: 0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com
URL: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 13:38:57 GMT
expires: Mon, 09 Oct 2023 13:38:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C802 89 KB
31 KB 138ms
137ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com
URL: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 13:38:57 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C802 42 B
63 B 111ms
110ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CpFIg9FF3u_08tVavbwvEoWC6XSkoLwMUoLx69_XjHBHpnroYlSfMM1bB-23VpkTBs9Y4Kv2O7XhlZUMJlnI7W4V9g0eNrJzy3zbzGtTi3U6qPO0Q

Requested by

Host: 0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com
URL: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 13:38:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C802 0
20 B 110ms
109ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4653590774002506860&x=1&ct=77

Requested by

Host: 0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com
URL: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 13:38:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame C802 3 KB
1 KB 29ms
12ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: 0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com
URL: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 11:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6368
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Oct 2023 11:52:49 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame C802 20 KB
8 KB 24ms
8ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com
URL: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 317
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Oct 2023 13:33:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C802 187 KB
59 KB 55ms
46ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com
URL: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 09 Oct 2023 13:38:57 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
253 B 43ms
16ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-SKGG26LBQD&gtm=45je3a40&_p=1594606321&_gaz=1&cid=2129910099.1696858737&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696858737&sct=1&seg=0&dl=https%3A%2F%2Fwww.scener.com%2F&dt=Scener%20%E2%80%93%C2%A0Watch%20Netflix%20and%20more%20with%20friends&en=page_view&_fv=1&_ss=1&ep.trial_split_group=No%20CC%20Required
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SKGG26LBQD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 13:38:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.scener.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
253 B 55ms
18ms Ping
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-SKGG26LBQD&cid=2129910099.1696858737&gtm=45je3a40&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SKGG26LBQD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 13:38:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.scener.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 72ms
46ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-SKGG26LBQD&cid=2129910099.1696858737&gtm=45je3a40&aip=1&z=1155892663

Requested by

Host: www.scener.com
URL: https://www.scener.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 13:38:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ Frame 25C9 55 KB
24 KB 28ms
10ms Stylesheet
text/css 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdBx7UiAAAAAAigP8Gm3TUlUXXLgrG7JVD-7Eks&co=aHR0cHM6Ly93d3cuc2NlbmVyLmNvbTo0NDM.&hl=de&v=lLirU0na9roYU3wDDisGJEVT&size=invisible&cb=rk0qnibtgwsm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 12:11:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 04:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 08 Oct 2024 12:11:13 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ Frame 25C9 466 KB
187 KB 27ms
9ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e57ecbca07885a20fc56dbae51642fe0e95b58c96dba6ea1c5cbb15417b9a0df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 20:06:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63165
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 190978
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 04:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 07 Oct 2024 20:06:12 GMT

GET
H2 200 7fcf879c-ba5a-4292-a2f1-8ec8f25eba6b.js Show response
tr.snapchat.com/config/com/ 168 B
444 B 77ms
20ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/com/7fcf879c-ba5a-4292-a2f1-8ec8f25eba6b.js?v=3.4.10-2310061912

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2f5cac607fbbccb17082aebe57e871fa9d2996ad3d00cd0f5d08bcd187163d7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://www.scener.com/
Origin: https://www.scener.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: application/javascript
access-control-allow-origin: https://www.scener.com
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 39E0 0
201 B 72ms
19ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=7fcf879c-ba5a-4292-a2f1-8ec8f25eba6b&u_scsid=538f20f3-fe5a-4cb4-b790-edd36a482cd4&u_sclid=f5a6379b-71a4-4842-b924-29af4d792d4c

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://www.scener.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 09 Oct 2023 13:38:57 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame BC44
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEELvbsxPWQGolYxtrhdP474&google_cver=1

43 B
341 B

27ms
26ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEELvbsxPWQGolYxtrhdP474&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNXiXYPXwIR8DSixGNFPFQW0TF4XbMKEYuGIgPijLxubBDd-XphNzEM-gfakp9AOl-DafhYZK1EINCwlIJEer8tCctqwrqk5DPAirNP_KAZ0NwdcMI2Stb-9GIJtV7t3GuZaLWyNWhlk6FHirqf9l5bDEIDf__IhqB9I2UHJrwCNxz0RS-E
Protocol: H2
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 13:38:57 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CBmOr70bwpwxi%2BDn4h21Lmw7NV5PWM2Wcn5yO%2F8B41N6vtkcY8PSHRzBy6oxZKBQexx6A7a0MsIG3W5WxfBatu%2FZujcc1UJ4mZjvESxemZ3TvRjhRiim%2BFV5I%2FqtzUEPgolIoMBN%2BHOIbA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 813706e6ce0b65e1-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 09 Oct 2023 13:38:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEELvbsxPWQGolYxtrhdP474&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame BC44
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSQCcQuOQWbeVbVpwJZiJAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEELvbsxPWQGolYxtrhdP474&google_cver=1

43 B
740 B

22ms
21ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEELvbsxPWQGolYxtrhdP474&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNXiXYPXwIR8DSixGNFPFQW0TF4XbMKEYuGIgPijLxubBDd-XphNzEM-gfakp9AOl-DafhYZK1EINCwlIJEer8tCctqwrqk5DPAirNP_KAZ0NwdcMI2Stb-9GIJtV7t3GuZaLWyNWhlk6FHirqf9l5bDEIDf__IhqB9I2UHJrwCNxz0RS-E
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 13:38:57 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nGVRPSB6059cya3SrYDFex7FlCe%2BROHxsCEOUmhryE%2FpN4tGCR5dL%2BbUFyrpdL%2FGZSVkJrgfex2VT0KNlpC1Gs%2BwnwDr39D4gm91wTYDzTs7vJ%2FpEU8KRd%2BW8MlRWWZ1uZ8uJ0abM3c4uQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 813706e76a462bcf-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 09 Oct 2023 13:38:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEELvbsxPWQGolYxtrhdP474&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame BC44
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOZ2GGQByVt189q80QiMZM8&google_cver=1

43 B
832 B

30ms
30ms

Image
image/gif

185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEOZ2GGQByVt189q80QiMZM8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNXiXYPXwIR8DSixGNFPFQW0TF4XbMKEYuGIgPijLxubBDd-XphNzEM-gfakp9AOl-DafhYZK1EINCwlIJEer8tCctqwrqk5DPAirNP_KAZ0NwdcMI2Stb-9GIJtV7t3GuZaLWyNWhlk6FHirqf9l5bDEIDf__IhqB9I2UHJrwCNxz0RS-E

Protocol

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 13:38:57 GMT
an-x-request-uuid: 09888de6-9aac-4b36-97a2-598d2f32ce99
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 81.95.5.36; 81.95.5.36; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 09 Oct 2023 13:38:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEOZ2GGQByVt189q80QiMZM8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BC44
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUxOTY1MTI4MjMyNjM3ODA0Mg%3D%3D

170 B
243 B

18ms
17ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUxOTY1MTI4MjMyNjM3ODA0Mg%3D%3D

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 13:38:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 09 Oct 2023 13:38:57 GMT
an-x-request-uuid: d2e5935d-7388-47c9-abfd-0f61fa1cb673
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUxOTY1MTI4MjMyNjM3ODA0Mg%3D%3D
x-proxy-origin: 81.95.5.36; 81.95.5.36; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame EC7A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEELvbsxPWQGolYxtrhdP474&google_cver=1

43 B
330 B

29ms
28ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEELvbsxPWQGolYxtrhdP474&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5oLvGATAB&v=APEucNU7Pbjkm70ps6G9z-HnxL31pxMdrzz32ua9uu-vnShYFYtMh9nBq2LLXieKF0FPPMSpdnJcqCuVuimn8AU_dVUDbHExr7uH9sFerX6jl4uWb3J56BZYzkZdgD7eFPkWegMiQ5QCDy51zx7_lC14wNwuKUGzeEzZfkMFryQj-OHA9lf-h7M
Protocol: H2
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 13:38:57 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wQOOECaTWjusMnMdLSy3ojd%2BZweWPlRTKA1rhEpOhFvCKLtUImCBauSbuXC8MfAItH7okw2%2FsNDoRujUMC75ZnJ3QuoR6FYB9c1O2pi3LyOZ1wBbpI8jhlPsrIDgpL%2F%2BozIGGPo5c%2Fu%2BuA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 813706e6ce1765e1-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 09 Oct 2023 13:38:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEELvbsxPWQGolYxtrhdP474&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame EC7A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSQCcQuOQWbeVbVpwJZiJAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEELvbsxPWQGolYxtrhdP474&google_cver=1

43 B
737 B

23ms
23ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEELvbsxPWQGolYxtrhdP474&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5oLvGATAB&v=APEucNU7Pbjkm70ps6G9z-HnxL31pxMdrzz32ua9uu-vnShYFYtMh9nBq2LLXieKF0FPPMSpdnJcqCuVuimn8AU_dVUDbHExr7uH9sFerX6jl4uWb3J56BZYzkZdgD7eFPkWegMiQ5QCDy51zx7_lC14wNwuKUGzeEzZfkMFryQj-OHA9lf-h7M
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 13:38:57 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fG7Ml7xBAJFvxwcj3eorio%2Fzjhr1IEoM8LRz1Nt3qIgNQ%2Fn%2BoLwSiy6MFzC3J%2BVR%2BXqeFft9vJyF59QbnhXbkgvSIXhRIiDiw1BtavyCPdxCUTfpUfGp5T3AL1TARpxIHpsGaYvmOQfflg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 813706e76a482bcf-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 09 Oct 2023 13:38:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEELvbsxPWQGolYxtrhdP474&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame EC7A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOZ2GGQByVt189q80QiMZM8&google_cver=1

43 B
831 B

29ms
29ms

Image
image/gif

185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEOZ2GGQByVt189q80QiMZM8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5oLvGATAB&v=APEucNU7Pbjkm70ps6G9z-HnxL31pxMdrzz32ua9uu-vnShYFYtMh9nBq2LLXieKF0FPPMSpdnJcqCuVuimn8AU_dVUDbHExr7uH9sFerX6jl4uWb3J56BZYzkZdgD7eFPkWegMiQ5QCDy51zx7_lC14wNwuKUGzeEzZfkMFryQj-OHA9lf-h7M

Protocol

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 13:38:57 GMT
an-x-request-uuid: f811c404-924d-41a8-9084-ece62baecde5
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 81.95.5.36; 81.95.5.36; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 09 Oct 2023 13:38:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEOZ2GGQByVt189q80QiMZM8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame EC7A
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUxOTY1MTI4MjMyNjM3ODA0Mg%3D%3D

170 B
232 B

18ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUxOTY1MTI4MjMyNjM3ODA0Mg%3D%3D

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 13:38:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 09 Oct 2023 13:38:57 GMT
an-x-request-uuid: ab1dc46b-dc41-4f2c-a772-03c06542837e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUxOTY1MTI4MjMyNjM3ODA0Mg%3D%3D
x-proxy-origin: 81.95.5.36; 81.95.5.36; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 78B7 0
20 B 108ms
108ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8989901588637&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 13:38:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 78B7 0
20 B 108ms
107ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8989901588637&version=m202309260101&ct=77&x=1&cor=13762847650454465000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 13:38:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 78B7 16 KB
12 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A_DSp7RRR4aZ3muElb6DC4IY9UYzw4SbwwhkUvsvjpkVRiYydpMSVCA7LG6vdr6S3rxNaWAcx3k1FRd544IGq_Gn9txQjWbzzo4qmEPKqvgQud23w97lmeHTiLzZ2bxjFY3u-J-fF6gn-E7HnPxMyuebyOJk5XPFFf6BQ7wUka_lD8gSY&cry=1&dbm_d=AKAmf-Bcx7Ro9uEiHVuorCcNtA5HomKLVG_vu-vNu_L8FSwQL00qZPnWdVauwhNN5WSQIPa4Y9elaSHRfXvo_PTZOL2r4_CicNU2raUAFrHupN0FyioGZRfAsmW_HImHjsrcONivzWnMH7YSpZUj6utKtU5uZc-G2x0WykEcch4YUMr8GUNJ8v-9w8-jlahT8gSiul51QgiB89j-DRgHzPk4IPL29A65k2NAN-54fRN23n9Gpv7WhZERjcfAjA0TyURj5IUWHB0daqVFIRHjgO867N6_OQwgeRjxc4HP-oxoe5VnjJ0RtRz04cJei3jgPrH041xN5uZfvncZN_zSlyBUhojC8ydhzMGjTji5BC0SrMYDvwjNZ2MPg11Ajf69fB0nxtNrhOBZmkLeCOGPAbeob7A5pm_jhdH8KXq9V5B-Xbe21BWmBB8SQjGf0EPtv3T671cnGc4ejzaKRprt8pCG0MRzFSuXdJc7x6_jmXkX5l1V7QY4QxWgLLXWWscbxaksI4dzk4oANiXpU-NY-lqOeWjDZCklBcdWl_NXTwzQsmSKFVl_khbCumN5WajirGUz1ZeGcOo1Zyyl8SxFyu1wD39AWoVS0-RejVbM03MdR1EldeI8M1bwdVM3HeITGnqGVueWIL-jLIsiIuA85vXpF_0YR8KTUHghb78Or4oZqTcwPEtM2Q7QHmpecyPKo6K3YtP1aqppUPp1fdrBW7wepGvcN6hu76bOwwWWFUvFc_xwku2kqY5BsuZPRVhVFfJxW0fwDr2s0WYJBdu8262TSlhfeJXg1ZDHRwFpM_PUZlqSS9DStVkXXzf3nWA5YFHHtrVjiKvFsSfq9sAio2IqhYyopYhoo2b2AVKVVt6JSp0gY3J8NY1c2TEddSncL53NYC1trCK0qsMm4MNSWRm_0F3Jtdvbmk4bKdXYzSpD-vCeAyE-TnwNRUbAbZJ7lHaNVp6NRnqId73TswwCC2BU2ihl3wQPPvlqSV7hc8I9rDUejrlpu-J7Nufy2DzVAtSmXnMdwGr4Kk00NSQpHH_q54oMtKlmzdzidqOnBKfBODQXLwRL3MpovD0hVjZnCqXTEk3F2Qt_C4Ycw5dm7Cg7bIkf9ON2xcFgU7FnGLqpamSa0pDsKESvT-O91W-dWOtA2-15KIHtW0EI3OG-J2pPKlk1qelkWyGk2NZmDQn1NF3cRXnjfouDKcgiPbeRJZjnl0I3dT5lVhCqtgYbem8vIIVm0NOJCDZ7H__QS6AdNTdW7rbcKn1tz_PGAYDHA6D0Hxkb4d8Mm6mSmHBEX729_ujSxvxtDUfWkJITp3pu0wWJs_3EHp6FVUd-XPElb5Qyx-6P01Zw3z_DyDQ7nSdVGFyr7EbeFWdfzr_qwAZocBkOTa3ta9AUipzRw8pJXhYE9FvlOA_3mKCHh1ySWepXn_HmMZud0QRlAzZqv23ZkjELpdKVhMaErZmh8wX0YxgEiiXGvFvbFHZD6vu6SK5vEO_lJYNEIDB7CvNnAt2zXpJkB2ffGaAEzO1-pRESjjgV9RBaEbBFsouAX4wZ6L5pA5X_pD1KLwFJ-YYrVbm-ErYz8I3c2CUk0d_zj0s4gw6zhdTDDIF1Vsja22NsCUwg_9KKXAj6Gjjn45nQ77ARRQJ4Q7GmPNE1ocGJBk2ev80MKxvdDk6fDG4bVuEvhL9FTxZr33x__yo-neUjt-sgUoKqB5xYkTTyl_l3zLqIECdf2gnG93iuY_7nf3IcxDZoFWVS9K4sDglcvHPj3NCD-wzy5gLQWEHwGJEhfrYnqZqgLXUOSkBx8JH4p6mXCqrIhBJaP1lc3cL1PUQcXzZ7qI7Wek5Kp-6gkTRZbSj8TlnIEc_wDoSMXxheym0UyIDoagN_bNhqK4RkjDdqQpWLjtRX7ty0pFd4ZK-thjAMaWnGDcVlhCyXL6DVv3-yuTKRVNP5do9DxJmUs5je2YD0z-ipFMk6rg0cK1Dz9lhfpAKfeDPTgIoErurtLK3XPNoBZpQekFT80xFtilvcc6rM6t80UMpBua6Dkt0Td3oRUxIeRvOJi22m3sDvRZWEUfsrMpk43J1SyOWXjQIPQvAQ8WXnzuh26V37Vrz5H3q1a6PoviRJcBgVdfzH440t2DE06vZsXf3obDzLGHVffoUXVMzFodyAJuQxMnKW2IuLeQT9JywflT5UugrvF_Wn8ZBFXEYxWL85xoYKtNfzZTVkNEDRaV9A51DSRqDDCEidR2LeS7VScWUrxyYOtm-0-H_mSBn6lNh3Loc8jbnKsfsmhQIPYJ5TRCDNtT-Z5bNwVACX-STnPyexrqqTAZs8JOe_xGQg6xGq7EOG3j01TcZEVPM80B1EdqRcGahn8p8LKskQnNk7b48-GBMKv3C1ujCn-vtekluxZN-hCrpxYg8aNb0AkUv6uRhzcX0Wsv2zU2w5vSQeBWdCzCIU7qJkda031-W0N2Gy7tqVEsGZY16T79qflUQNgslWN-_DGjjrv_Tw0SsNheVT80jbYRdZ-helm9hg4rlBtFoIMBI2bl-hvksKVBca3_GVIzzweDPkKlvzgxt-aFdcFqeTevTJ75pBY8saWnPTxj8AS1H4dJzdU8656a0Lj0fyjzIo6_-6r79RrokvXpkuE2oFRJO_hPSxclLIdZ2b22ruAp2wB00P20-7fF1zPNxJne_jQKGZhNUA9br7Ef-VYmitUOoFsA8WoyqDaUMYa44fsCgtFrt3OBgYHqM8idGrQaUfRXxVt3Y87PmGbIrru6um38e8C-dVjoWluoz_kQgx-hqkFtY5I9CsXD0IaKXZ8CvW5TOTYt43qU-J1-DLujTiqiU_rYCWNoG2T5VAaGiGyg4kbA3rWm-tGsuVJbIcLhYulbRTuaxXVhge3Ukod3e3dB3Rv44y4gqAo2P83T26uYZifdo6OoHWe1OdM0OSktsU4hZff2XDiXsyD0Z4aDMrTCaLevqtZTX4QWRyZakfNrXo-fMvkKfgRBpVSeDY3Ooh7mfk0inItbAnRVqYNkF4hNPF6h-aJUrctUq_xtdLXITHEoCvZpZsJg7U7FP6Qvetw_WcE1_Xg4Eb12jg8JMuZocGMJO9KJNcrf1d0O_bw0Agf9QWZa-sACPMZ1-8NnlEZ1SrMJv_qrC355bkwl0xmmd_r14agW9ywD-Vc3yLzLGfiJawOeNcLdUkUu2cAagztMGmPv8rvEtZkulDJwTEVAG4sE-0Un6nrmS2Kqlk_o2mdZ7NGqGhuodDITxxmZHWbS5Yj2ccBJtON93enbUT7n9_1tlSm_uun6iP-SatS7kaXFHwIgZ02gvp0CzIxQ_moUZvF_vm-mu0ZpgsA7ozX8G1zTLw3XZEAwrqosu-BtJsAf78t8tIwPGWjDXkPwd8Jv3MkLyJqxoq9eDgBc1er4ImBGt2GdPnHRWCW7cJBLThPxD4tO4X18Hc0PYxUElNAnuS8Btw1K8LHd8f_oZAzJW1uea_01yX8pZNBXbwpcv5_p_6iPC4Bru-RRQFgcJcCiELNEbvQ8owTjwGpacvbdV0PMXZHX9nipfDzZZHWRYe5wFa58FOAczxOTi8pBnx41Do1YE__sUCJGWph3z_eydU8I_Cq7Ki2OawYBzIMlMIhMtOWwrY1L1sQndTw4O4zCf7ochEHELV_YKXC9SzIN80HG52u7J5Oti3IJSQW0ju4qK0YZfQUa4gd9rLj4yVWi_3oBXQk5Fiw5R5jHOWZcyeM8RWPeGGuh02aDzed10HhBue-qmXP2XBrVLjOd7fbmqRa1dZjRiSu4SJau9jggUDTHmbyzO53r2ZJWZ7I4G76J-KmmuYHgqksGX9pFnTxXP3-u7kSn8IXly2&cid=CAQSSwDICaaNvAhx2fAMYBYlMc1vm_24al2mrLpnbUuA_0puj5lFhZyV-YbI35XUddRzgrLg-n6iKl3NMalnUJLQRBGqZc9EdwR9ay2wMxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.scener.com%2F&ds=l&xdt=1&iif=1&cor=13762847650454465000&adk=250412560&idt=81&cac=0&dtd=38

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e36f7abf85d1c061817d19aa93300312624d8974c8a334ab3832f348354db71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 13:38:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 35ms
8ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2265830763736676&ev=PageView&dl=https%3A%2F%2Fwww.scener.com%2F&rl=&if=false&ts=1696858737713&sw=1600&sh=1200&v=2.9.132&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1696858737710.1752702262&cs_est=true&ler=empty&it=1696858737569&coo=false&tm=1&exp=a1&rqm=GET

Requested by

Host: www.scener.com
URL: https://www.scener.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 09 Oct 2023 13:38:57 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C802 0
20 B 108ms
107ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4157477946687&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 13:38:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C802 0
20 B 110ms
109ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4157477946687&version=m202309260101&ct=77&x=1&cor=4653590774002507000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 13:38:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C802 16 KB
12 KB 55ms
51ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AFA582LHkMCvJVBLu6eHeVHRZNKmukjqQUaFFV4GnpYg8GQj_WnePrpV9IZZZUGIbb47BkbzsgYo4epP_zodHL7dVTUT6VrRJTR5qjaZdJdoz2dUr5HRKjkSszAp-Or480U4u8DYpNoGmqsGVY6Df5HSlV2Lo8I6b42K3BfnmLfcxIiAI&cry=1&dbm_d=AKAmf-BHx_yxzYSdWFjDVoSAOEZYehosQNeQfIfD3QjNfw13iDOHWrD_MMZOQI2lBlDoXdIrtnvt2thZhISBuOA1pTKDQFzk2juisIjusqKvRzOciUTbBneU6jwVj6hjFsUTHrAV0uaGQObvt8GFa9pgFwMimIUgB4812A9ZSeF_jQfFqBJW1H8_eEy5M5UA_hd5qeri3kNF31Qiqm7BtjcJM4AAxnit-pXJTALwzLvIcnRFz54mUYcd7pfPLX92mWduGOz__hcMM_HxMK3RpXsA7M42vaE2ZOs2Oz85ePqOo2bY0w0AHdzrMIuJeu4W_xvLyl252ZfdkvocLilRIg2cCoKahiwjhhGdQw82RiDJxdaE1nbRaEVX1qCdmSs1L8sHi676TSd7v4E_ODfuwXWOzZGc3gVoxmkcUXqcDU19DeOk4NSWAFgDCk_PbIA7dxrgyxL1UW0ZHYUZRh2qQW4u-T7DMuofuFJr0iwTcqKX7UAAJtp27tgR--25AN4HrOGr6Xq0Ovm5USTSlew3i-PiZLWPanePTzVuMrMZnCh1rWpnme_RWST4IxIX-s2HO51Czg__wnmOTj_jiSgqJAY-I1DLsBnpQPTviS-B5SUwwR6xWB7TzSSx5L9EFz9zs9s7iYJYEkCF_d1sYOTFYAHxfBnrLPM_eVLYkdskOlzrbSSnckNhB5wQFZCGqwCsCl7whzf38SQ-Uj-FYGTonAMdQr-3_RV4kXLbuAlPKTzlWWXenuqK8fwy0dpr43UV_aUx1AhIvQg3fX6mHjA-xfk_z42ACe253t0hivqyEc3Hk2XwG3jxhZ1F7Cm9Hyzo4qlnjyNL5xpBhVKuKKRFcRhQWo2VmgAD_y_0yxiyj93Cg05sXMfOJDEx7UXiLrs_mb5JpLfTwKH1gKyMVSWtoG2nIf9fhusRXOMYDaur20_JfPK-PhTgc3LZmnzsofU-99oiJB7O7pUg42eeHT041ePWdoEZmuac09ogeTj5CnBGhlSvVCLFBxb1KcAgg6VEjLikg6kKZN5p_RV7V5_r-S7doowNrqcl7iDK8wMBccLZL_vfkEQKyF09oH1VFDdb9wyid6jXZNjXQc_4ovxTRZuPSybrKpUHT86L9ltI8G6NmjaICT-dpQ02Rz7_qyKrCuHsRKKtr9Dz4rNVUQBzJOtMRGeCSD276NvaY1IgT3n84IewYCrihlohBY_bVebKCfxPsG9eOajY0wZntPI8JMK0LBlZyU6XwpNQrDaw6TLDLKOTbd2B651GjE1egEXR6b6bvoy5rGZJpgWQweln0F3mInN2uUlRYbd__eEM3AGk1FDR2HX--Xvcho28ja9eXuTWa6aRqUiCCcTGNTqGicux42ck1cDVYB6w3oonOjkm0D3FffCim-dBdP9GRtJik9nfWmL9iPKgZR_YZ6s2HUobwcDL7MS1Ku2leouBhTakAm2N9yiBt2YpOlqYu4NPn3YLJsjXW5lhqV7Q-I_Y-gBbfBudO1T3TC0X653r242ZDiaEOdF5l3pRG6tGuLL4Q4Dmc2Ncnxrp9FvzM_w7hbcVJQ-4e73WJmTnoqlpldntRKJnUU00QPXVqbXbM68IMvSAT8R-DSHt0PINlb4zqBmmToXrTkE7PNsIORwhX6idLA7kU3SJVJpsEBfzHqXeKJ04orcCTwka6hnXUegHxHJ-0a7Op7WUGrxuaMoz3dtFxBwGLH7cpkVnPuVVBaip1sCf8Oi3TB870Si1kpT1I6tvxnsil9e2EK5T9oZJ9XeksxdyyOrZLE7GzxUoHAQZOlPDEWCXpQrNzlBrLJzs-s9WEDNjEVFVtm0SL0yWgGAnApxq9Yh5bkuIvhawOqE_vRRM95jXq5EbLPMFLWG1ZXbpDhrDvStjo6Q1eEZ6GyDMjfXuCeYa38vKd-5UkzQEYfHPNGwCCmSnn9jAPIedSDG3a1XLvTO2zEdLUlYkVL2O4qbkCJ1VX6iUODSiuFKsozqsFgiv9AVsU-CAgdnM-bbg2z-otvgTvQALoeSATHQw7p0XYLdsDVVuneSfkWSBXcbzigtiAgWA6FFRhEJTjFgJcrXwuo0q4SBpgeE-5fXOl71iSGdANXNUZduLF-iNkQiKmRVfsVxggyI5vkTi-qBj0Np_fj4VO91e2wVrPtB_rQdyVLFu4e5mh_L_J_3rIoI95Pf6zWETpVFsHx4uuk-OaMpy__cCEFLn9g1MNs4eSL4zpEeIyS1vCCUuYFcTv0rzz-k1s-oVzHImBlIRF2l7d8xm6I8QhKoDYjYHJrqOPp61GYmOv1bsYbTbTeIX9_A88iEkEe86DbIVnZwd9TPTgFwIaGa7WUyvvcMqVqbYYuCvughPK0zBFjUKgzfcFNXH00vR-3hP824hPWOikqmBuCYSStdnUeDSqh7U0bjfpNvTyzLv4WyzY7IE__KvUidXanKFyFxvJs45WsSy_cyNUYQdlql2AsDpaG-XyWmrNmJSMr8EkcIfs1OjNr60KTlraQuGRcPBLEe2QM6i-kvpJx-b5GTriTPQd7GI7eJ4_ct77yqL3bnQMoL0q960M6sg6nuh5ZG9tABaKTEX_e7z3XaZB_-kVxC4juAVecn2BbSgw3BLoLuQcs1idtX9gyKb0mBDHJ3b9kpI5ZXEsrRMZYV3K3nITc3NBEOqQosXTLb2zdBp4CJ2_swy4PNAIA1zxMCG-AG9zgOfrMeRX-EuEFpi5N28rdPZ6DhXrTXrErFu4PmNEZaCH2Um0FTFYscvIhPVo8ewp2REEPVRF04l1sA_giv_Nr00AUMBpdrtn9ehDmGGg-DcTSSjV_Ccy1cPUAh-RFd_UiSv93qczJ8KCCes9HpTuuxxyIthtfdbYj6rGF8aAyYJRqzh2EdRNFJk7DeymGrsiFyIC9onGEcJAlAvczPShz-9b1FQbaH6aymdJ_B13D9AV83bVb-ei96HmtTR5z17IZWHni4RjpU-_Lca0FQbj-CUloEfJhMusgAFCNyVJKV0H1j_WsTu1F_NNWBvrNL2nu3hVrY2CSOU0sUsiJFNYnlLiY47XDsQ31V228MC5vcwxQVGGwdELTUCP65KqGJdi97tdLhvyJbN_SKmGVR8lMsEDGRo2p0A4Hf1ZCN7F08aRIc038h92yomUYVALedS6H067_zpiRQAeRqJC57C2FzIzaasmOIaFkPrGQlkdJCWUP5Zu2a_sCbPXNzSoPg-AG49dBvPMsmHHYvYQVR9XYmEeUZUaQ-mLb4A4l5e7xObUZD8KPW7s-qwrThzJzIo8WcunTSqKV2xY7W9fgy4uzkDVBdks63cYncoxGaZkFkYnuYOLmNxR3vRDBg2NvdsFaaRtBOR_IKqe7VJRy0OWJzcO2QibyL9ZWT9XbZHQPlGA4OqfZ4Z02sz0uf5iqJe48Z7AVeId_sOR9DBBUGqj8N4wKxqMlBH0B2iD_IhCdUMR_QK2hlgtqN59tNpvvgq6Uz4gVWFk8V7kE0JD1Qgfc38oDdeZtUsw6gjlzgOf9qLtlBiPT_Kv7W-M4_7MW5gdfMVonI8yKokVFMUzHwE9czXmJQ2CmNV7BnYs8lz540qFsmh4WY02WNCANHU6gyal-m-k0s32qRyeLqEkh8SC63F3qEEEPA7XtaR4pGUJ1LU3Z9l2YNnJyPuzuDJ6SbXlWVdxkQZ-L4ArYA3qcYnwAFKZi6GDqH7nEqHHQYPZwRFZ8niPd2Xkb3qfs-FPtX4H3BAwB4osdMYyHUad-CO_UZd1-0HNLL-4Tz5SaSPK14EDVUr8S60iDlA97AA5kIxBJgQ7S-fUzq6HKA8NK6aAxJH1gOPg5rCAAI70R1cE3VvIVmru8OZGm-OjvgmTDxu&cid=CAQSSwDICaaNvAhx2fAMYBYlMc1vm_24al2mrLpnbUuA_0puj5lFhZyV-YbI35XUddRzgrLg-n6iKl3NMalnUJLQRBGqZc9EdwR9ay2wMxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.scener.com%2F&ds=l&xdt=1&iif=1&cor=4653590774002507000&adk=1964084972&idt=142&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20f6f93dd0d6e4a6bab501e85ae41d51f7e459d19b4637f315568fc9c544145c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 13:38:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12473
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 25C9 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 00:18:29 GMT
x-content-type-options: nosniff
age: 307228
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 13 Oct 2023 00:18:29 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 25C9 15 KB
16 KB 33ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 06:47:09 GMT
x-content-type-options: nosniff
age: 197508
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Oct 2024 06:47:09 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 25C9 15 KB
15 KB 34ms
9ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 21:26:35 GMT
x-content-type-options: nosniff
age: 317542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 21:26:35 GMT

GET
H2 200 p
tr.snapchat.com/ 68 B
307 B 20ms
20ms Image
image/png 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?pid=7fcf879c-ba5a-4292-a2f1-8ec8f25eba6b&ev=PAGE_VIEW&intg=gtm&pids=7fcf879c-ba5a-4292-a2f1-8ec8f25eba6b&u_c1=b4304cf9-ca2c-43a4-9105-1d6580003b85&u_sclid=f5a6379b-71a4-4842-b924-29af4d792d4c&u_scsid=538f20f3-fe5a-4cb4-b790-edd36a482cd4&bt=1d53c387&d_bvs=%5B%5D&df=true&huah=true&m_dcl=4629&m_fcps=250&m_pi=236&m_pl=0&m_pv=2&m_rd=5368&m_sh=1200&m_sl=0&m_sw=1600&pl=https%3A%2F%2Fwww.scener.com%2F&trackId=f61d6657-1095-4e7c-b021-1478df836359&ts=1696858737784&v=3.4.10-2310061912

Requested by

Host: www.scener.com
URL: https://www.scener.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 78B7 41 KB
14 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A_DSp7RRR4aZ3muElb6DC4IY9UYzw4SbwwhkUvsvjpkVRiYydpMSVCA7LG6vdr6S3rxNaWAcx3k1FRd544IGq_Gn9txQjWbzzo4qmEPKqvgQud23w97lmeHTiLzZ2bxjFY3u-J-fF6gn-E7HnPxMyuebyOJk5XPFFf6BQ7wUka_lD8gSY&cry=1&dbm_d=AKAmf-Bcx7Ro9uEiHVuorCcNtA5HomKLVG_vu-vNu_L8FSwQL00qZPnWdVauwhNN5WSQIPa4Y9elaSHRfXvo_PTZOL2r4_CicNU2raUAFrHupN0FyioGZRfAsmW_HImHjsrcONivzWnMH7YSpZUj6utKtU5uZc-G2x0WykEcch4YUMr8GUNJ8v-9w8-jlahT8gSiul51QgiB89j-DRgHzPk4IPL29A65k2NAN-54fRN23n9Gpv7WhZERjcfAjA0TyURj5IUWHB0daqVFIRHjgO867N6_OQwgeRjxc4HP-oxoe5VnjJ0RtRz04cJei3jgPrH041xN5uZfvncZN_zSlyBUhojC8ydhzMGjTji5BC0SrMYDvwjNZ2MPg11Ajf69fB0nxtNrhOBZmkLeCOGPAbeob7A5pm_jhdH8KXq9V5B-Xbe21BWmBB8SQjGf0EPtv3T671cnGc4ejzaKRprt8pCG0MRzFSuXdJc7x6_jmXkX5l1V7QY4QxWgLLXWWscbxaksI4dzk4oANiXpU-NY-lqOeWjDZCklBcdWl_NXTwzQsmSKFVl_khbCumN5WajirGUz1ZeGcOo1Zyyl8SxFyu1wD39AWoVS0-RejVbM03MdR1EldeI8M1bwdVM3HeITGnqGVueWIL-jLIsiIuA85vXpF_0YR8KTUHghb78Or4oZqTcwPEtM2Q7QHmpecyPKo6K3YtP1aqppUPp1fdrBW7wepGvcN6hu76bOwwWWFUvFc_xwku2kqY5BsuZPRVhVFfJxW0fwDr2s0WYJBdu8262TSlhfeJXg1ZDHRwFpM_PUZlqSS9DStVkXXzf3nWA5YFHHtrVjiKvFsSfq9sAio2IqhYyopYhoo2b2AVKVVt6JSp0gY3J8NY1c2TEddSncL53NYC1trCK0qsMm4MNSWRm_0F3Jtdvbmk4bKdXYzSpD-vCeAyE-TnwNRUbAbZJ7lHaNVp6NRnqId73TswwCC2BU2ihl3wQPPvlqSV7hc8I9rDUejrlpu-J7Nufy2DzVAtSmXnMdwGr4Kk00NSQpHH_q54oMtKlmzdzidqOnBKfBODQXLwRL3MpovD0hVjZnCqXTEk3F2Qt_C4Ycw5dm7Cg7bIkf9ON2xcFgU7FnGLqpamSa0pDsKESvT-O91W-dWOtA2-15KIHtW0EI3OG-J2pPKlk1qelkWyGk2NZmDQn1NF3cRXnjfouDKcgiPbeRJZjnl0I3dT5lVhCqtgYbem8vIIVm0NOJCDZ7H__QS6AdNTdW7rbcKn1tz_PGAYDHA6D0Hxkb4d8Mm6mSmHBEX729_ujSxvxtDUfWkJITp3pu0wWJs_3EHp6FVUd-XPElb5Qyx-6P01Zw3z_DyDQ7nSdVGFyr7EbeFWdfzr_qwAZocBkOTa3ta9AUipzRw8pJXhYE9FvlOA_3mKCHh1ySWepXn_HmMZud0QRlAzZqv23ZkjELpdKVhMaErZmh8wX0YxgEiiXGvFvbFHZD6vu6SK5vEO_lJYNEIDB7CvNnAt2zXpJkB2ffGaAEzO1-pRESjjgV9RBaEbBFsouAX4wZ6L5pA5X_pD1KLwFJ-YYrVbm-ErYz8I3c2CUk0d_zj0s4gw6zhdTDDIF1Vsja22NsCUwg_9KKXAj6Gjjn45nQ77ARRQJ4Q7GmPNE1ocGJBk2ev80MKxvdDk6fDG4bVuEvhL9FTxZr33x__yo-neUjt-sgUoKqB5xYkTTyl_l3zLqIECdf2gnG93iuY_7nf3IcxDZoFWVS9K4sDglcvHPj3NCD-wzy5gLQWEHwGJEhfrYnqZqgLXUOSkBx8JH4p6mXCqrIhBJaP1lc3cL1PUQcXzZ7qI7Wek5Kp-6gkTRZbSj8TlnIEc_wDoSMXxheym0UyIDoagN_bNhqK4RkjDdqQpWLjtRX7ty0pFd4ZK-thjAMaWnGDcVlhCyXL6DVv3-yuTKRVNP5do9DxJmUs5je2YD0z-ipFMk6rg0cK1Dz9lhfpAKfeDPTgIoErurtLK3XPNoBZpQekFT80xFtilvcc6rM6t80UMpBua6Dkt0Td3oRUxIeRvOJi22m3sDvRZWEUfsrMpk43J1SyOWXjQIPQvAQ8WXnzuh26V37Vrz5H3q1a6PoviRJcBgVdfzH440t2DE06vZsXf3obDzLGHVffoUXVMzFodyAJuQxMnKW2IuLeQT9JywflT5UugrvF_Wn8ZBFXEYxWL85xoYKtNfzZTVkNEDRaV9A51DSRqDDCEidR2LeS7VScWUrxyYOtm-0-H_mSBn6lNh3Loc8jbnKsfsmhQIPYJ5TRCDNtT-Z5bNwVACX-STnPyexrqqTAZs8JOe_xGQg6xGq7EOG3j01TcZEVPM80B1EdqRcGahn8p8LKskQnNk7b48-GBMKv3C1ujCn-vtekluxZN-hCrpxYg8aNb0AkUv6uRhzcX0Wsv2zU2w5vSQeBWdCzCIU7qJkda031-W0N2Gy7tqVEsGZY16T79qflUQNgslWN-_DGjjrv_Tw0SsNheVT80jbYRdZ-helm9hg4rlBtFoIMBI2bl-hvksKVBca3_GVIzzweDPkKlvzgxt-aFdcFqeTevTJ75pBY8saWnPTxj8AS1H4dJzdU8656a0Lj0fyjzIo6_-6r79RrokvXpkuE2oFRJO_hPSxclLIdZ2b22ruAp2wB00P20-7fF1zPNxJne_jQKGZhNUA9br7Ef-VYmitUOoFsA8WoyqDaUMYa44fsCgtFrt3OBgYHqM8idGrQaUfRXxVt3Y87PmGbIrru6um38e8C-dVjoWluoz_kQgx-hqkFtY5I9CsXD0IaKXZ8CvW5TOTYt43qU-J1-DLujTiqiU_rYCWNoG2T5VAaGiGyg4kbA3rWm-tGsuVJbIcLhYulbRTuaxXVhge3Ukod3e3dB3Rv44y4gqAo2P83T26uYZifdo6OoHWe1OdM0OSktsU4hZff2XDiXsyD0Z4aDMrTCaLevqtZTX4QWRyZakfNrXo-fMvkKfgRBpVSeDY3Ooh7mfk0inItbAnRVqYNkF4hNPF6h-aJUrctUq_xtdLXITHEoCvZpZsJg7U7FP6Qvetw_WcE1_Xg4Eb12jg8JMuZocGMJO9KJNcrf1d0O_bw0Agf9QWZa-sACPMZ1-8NnlEZ1SrMJv_qrC355bkwl0xmmd_r14agW9ywD-Vc3yLzLGfiJawOeNcLdUkUu2cAagztMGmPv8rvEtZkulDJwTEVAG4sE-0Un6nrmS2Kqlk_o2mdZ7NGqGhuodDITxxmZHWbS5Yj2ccBJtON93enbUT7n9_1tlSm_uun6iP-SatS7kaXFHwIgZ02gvp0CzIxQ_moUZvF_vm-mu0ZpgsA7ozX8G1zTLw3XZEAwrqosu-BtJsAf78t8tIwPGWjDXkPwd8Jv3MkLyJqxoq9eDgBc1er4ImBGt2GdPnHRWCW7cJBLThPxD4tO4X18Hc0PYxUElNAnuS8Btw1K8LHd8f_oZAzJW1uea_01yX8pZNBXbwpcv5_p_6iPC4Bru-RRQFgcJcCiELNEbvQ8owTjwGpacvbdV0PMXZHX9nipfDzZZHWRYe5wFa58FOAczxOTi8pBnx41Do1YE__sUCJGWph3z_eydU8I_Cq7Ki2OawYBzIMlMIhMtOWwrY1L1sQndTw4O4zCf7ochEHELV_YKXC9SzIN80HG52u7J5Oti3IJSQW0ju4qK0YZfQUa4gd9rLj4yVWi_3oBXQk5Fiw5R5jHOWZcyeM8RWPeGGuh02aDzed10HhBue-qmXP2XBrVLjOd7fbmqRa1dZjRiSu4SJau9jggUDTHmbyzO53r2ZJWZ7I4G76J-KmmuYHgqksGX9pFnTxXP3-u7kSn8IXly2&cid=CAQSSwDICaaNvAhx2fAMYBYlMc1vm_24al2mrLpnbUuA_0puj5lFhZyV-YbI35XUddRzgrLg-n6iKl3NMalnUJLQRBGqZc9EdwR9ay2wMxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.scener.com%2F&ds=l&xdt=1&iif=1&cor=13762847650454465000&adk=250412560&idt=81&cac=0&dtd=38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 06:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 283233
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Oct 2024 06:58:24 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame 25C9 102 B
135 B 71ms
70ms Other
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=de&v=lLirU0na9roYU3wDDisGJEVT

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fc8116624ca13ea4125db423b0f4bf7cd676ec017003da5be04f40b83e1b2cb6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdBx7UiAAAAAAigP8Gm3TUlUXXLgrG7JVD-7Eks&co=aHR0cHM6Ly93d3cuc2NlbmVyLmNvbTo0NDM.&hl=de&v=lLirU0na9roYU3wDDisGJEVT&size=invisible&cb=rk0qnibtgwsm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 09 Oct 2023 13:38:57 GMT

GET
H/1.1 200
OK wmoiqux43uzw Show response
hal9000.redintelligence.net/zone/ Frame 78B7 11 KB
4 KB 40ms
8ms Script
text/html 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/wmoiqux43uzw?subid=&gdpr=&gdpr_consent=&rnd=1696858737070500&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCL-2lcQIkZeSmBNe4x_APv_mk8A2m5b2gab2TnKfJD_AuEAEglLrylQFgldKHgpgHyAEJqQJrWt1WQq6xPqgDAcgDmwSqBN8BT9Bl1nKt6g2USPJ28tphWVBchTiQ-ksWp_hlZnhjnOzclKLBFskf2G0-4brCA2jLdKE_8gR_S5SpJ91czejzJ4zuqD8fv-DWf6Y7aQmTjo0bJCjKADDjWhzEk9E6gtK1OKvatJ84ao2rE-maaralFXw-KGJCZ4oiHQOoVJWtfIUv_tCZ-CgXP_AW92hgrHvoQIgOw-MfSML6nWlAVFSjjl9yHDTOJZXp9sCoXcb9rwVGbx6RGmLLcDYzDL46we2AIfNGRrTSCViZ0Xh2H7EeHO23CxGmmPVNhUTKB46qBcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0B4g0TCIeChrKL6YEDFVfcEQgdvzwJ3rATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIpKOHsovpgQMVV9wRCB2_PAneEAEYASAAEgJenvD_BwE%26num%3D1%26cid%3DCAQSSwDICaaNvAhx2fAMYBYlMc1vm_24al2mrLpnbUuA_0puj5lFhZyV-YbI35XUddRzgrLg-n6iKl3NMalnUJLQRBGqZc9EdwR9ay2wMxgB%26sig%3DAOD64_1abfYJrB5MYa_MKuYlVwBfd31_fw%26client%3Dca-pub-8353397542178803%26dbm_c%3DAKAmf-DD0cmoD2-L4xwAcxy6W_QSQsQwSw5M0BPYjueIk7kgxR5QbOoIMZuP25amCfO2K_VC4e6UInCBSAj3usq8QCF4S-nJoW6lwSugirmYV9ePQ7hgoJlXQ3sPsElYyENu8FfGi76L5psX3tIgJ1ln7pQliqoDQeCi2SBzp5C7IVpxEePsZuo%26cry%3D1%26dbm_d%3DAKAmf-BcKhj1JT6H-HiG6-q183A-5CYzEGfQu4VA-tgNiB2urZCO53JnYMHsSrZw17ziOGsAFNtbS2LXbuwmLAWYXv2WZOoDUjdTLQifW20T92kdSbDZtvgIq_K4K-hvt_Hc8HkfiI-xNZgjltCchEQL1N3WQW6OoGOSMP6DAQjo7YH5YlLhbgIJWKCzuGilayeBkPGKjk_LIaVZwTKaG6yji-oBOsjau8gBz1-WdnAqEAk4Yr7msn5x1t24FAWsJY9mYDMgJrHsOBHJMwiRaIdIr5NNr7Ox5CwN7dR3xNoZZ3SgaZpjcZL8QdLg9RrO-d6IVGsLMhig2krN7RL1PblBZZtCM9peSxSR5Ch7Z9HaTsj4gJGJJGFxm2bfKK31HELW93cpDJuQE5AjWKog3kBIhZZP04ArJzvqkrgzLT6vCrR7-i871RD14KFmg6m-lbTVxrYMc9tWTt0KwGfn-KdfEYy0MWHEnYdr54S5vQjI85wDZwFx9n3lxvJTCeXp3FnGoNWf2vIll0W9-nOATszEpuexeJjwA2PGOejH2TJf_Ad5ehuZjnQ%26adurl%3D
Requested by: Host: 0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com
URL: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 209fa5db5cafe9b1ab5165acab869ad64f1810ff0d7378d5b6b681e4c419e716

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 13:38:57 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4204
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C802 41 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AFA582LHkMCvJVBLu6eHeVHRZNKmukjqQUaFFV4GnpYg8GQj_WnePrpV9IZZZUGIbb47BkbzsgYo4epP_zodHL7dVTUT6VrRJTR5qjaZdJdoz2dUr5HRKjkSszAp-Or480U4u8DYpNoGmqsGVY6Df5HSlV2Lo8I6b42K3BfnmLfcxIiAI&cry=1&dbm_d=AKAmf-BHx_yxzYSdWFjDVoSAOEZYehosQNeQfIfD3QjNfw13iDOHWrD_MMZOQI2lBlDoXdIrtnvt2thZhISBuOA1pTKDQFzk2juisIjusqKvRzOciUTbBneU6jwVj6hjFsUTHrAV0uaGQObvt8GFa9pgFwMimIUgB4812A9ZSeF_jQfFqBJW1H8_eEy5M5UA_hd5qeri3kNF31Qiqm7BtjcJM4AAxnit-pXJTALwzLvIcnRFz54mUYcd7pfPLX92mWduGOz__hcMM_HxMK3RpXsA7M42vaE2ZOs2Oz85ePqOo2bY0w0AHdzrMIuJeu4W_xvLyl252ZfdkvocLilRIg2cCoKahiwjhhGdQw82RiDJxdaE1nbRaEVX1qCdmSs1L8sHi676TSd7v4E_ODfuwXWOzZGc3gVoxmkcUXqcDU19DeOk4NSWAFgDCk_PbIA7dxrgyxL1UW0ZHYUZRh2qQW4u-T7DMuofuFJr0iwTcqKX7UAAJtp27tgR--25AN4HrOGr6Xq0Ovm5USTSlew3i-PiZLWPanePTzVuMrMZnCh1rWpnme_RWST4IxIX-s2HO51Czg__wnmOTj_jiSgqJAY-I1DLsBnpQPTviS-B5SUwwR6xWB7TzSSx5L9EFz9zs9s7iYJYEkCF_d1sYOTFYAHxfBnrLPM_eVLYkdskOlzrbSSnckNhB5wQFZCGqwCsCl7whzf38SQ-Uj-FYGTonAMdQr-3_RV4kXLbuAlPKTzlWWXenuqK8fwy0dpr43UV_aUx1AhIvQg3fX6mHjA-xfk_z42ACe253t0hivqyEc3Hk2XwG3jxhZ1F7Cm9Hyzo4qlnjyNL5xpBhVKuKKRFcRhQWo2VmgAD_y_0yxiyj93Cg05sXMfOJDEx7UXiLrs_mb5JpLfTwKH1gKyMVSWtoG2nIf9fhusRXOMYDaur20_JfPK-PhTgc3LZmnzsofU-99oiJB7O7pUg42eeHT041ePWdoEZmuac09ogeTj5CnBGhlSvVCLFBxb1KcAgg6VEjLikg6kKZN5p_RV7V5_r-S7doowNrqcl7iDK8wMBccLZL_vfkEQKyF09oH1VFDdb9wyid6jXZNjXQc_4ovxTRZuPSybrKpUHT86L9ltI8G6NmjaICT-dpQ02Rz7_qyKrCuHsRKKtr9Dz4rNVUQBzJOtMRGeCSD276NvaY1IgT3n84IewYCrihlohBY_bVebKCfxPsG9eOajY0wZntPI8JMK0LBlZyU6XwpNQrDaw6TLDLKOTbd2B651GjE1egEXR6b6bvoy5rGZJpgWQweln0F3mInN2uUlRYbd__eEM3AGk1FDR2HX--Xvcho28ja9eXuTWa6aRqUiCCcTGNTqGicux42ck1cDVYB6w3oonOjkm0D3FffCim-dBdP9GRtJik9nfWmL9iPKgZR_YZ6s2HUobwcDL7MS1Ku2leouBhTakAm2N9yiBt2YpOlqYu4NPn3YLJsjXW5lhqV7Q-I_Y-gBbfBudO1T3TC0X653r242ZDiaEOdF5l3pRG6tGuLL4Q4Dmc2Ncnxrp9FvzM_w7hbcVJQ-4e73WJmTnoqlpldntRKJnUU00QPXVqbXbM68IMvSAT8R-DSHt0PINlb4zqBmmToXrTkE7PNsIORwhX6idLA7kU3SJVJpsEBfzHqXeKJ04orcCTwka6hnXUegHxHJ-0a7Op7WUGrxuaMoz3dtFxBwGLH7cpkVnPuVVBaip1sCf8Oi3TB870Si1kpT1I6tvxnsil9e2EK5T9oZJ9XeksxdyyOrZLE7GzxUoHAQZOlPDEWCXpQrNzlBrLJzs-s9WEDNjEVFVtm0SL0yWgGAnApxq9Yh5bkuIvhawOqE_vRRM95jXq5EbLPMFLWG1ZXbpDhrDvStjo6Q1eEZ6GyDMjfXuCeYa38vKd-5UkzQEYfHPNGwCCmSnn9jAPIedSDG3a1XLvTO2zEdLUlYkVL2O4qbkCJ1VX6iUODSiuFKsozqsFgiv9AVsU-CAgdnM-bbg2z-otvgTvQALoeSATHQw7p0XYLdsDVVuneSfkWSBXcbzigtiAgWA6FFRhEJTjFgJcrXwuo0q4SBpgeE-5fXOl71iSGdANXNUZduLF-iNkQiKmRVfsVxggyI5vkTi-qBj0Np_fj4VO91e2wVrPtB_rQdyVLFu4e5mh_L_J_3rIoI95Pf6zWETpVFsHx4uuk-OaMpy__cCEFLn9g1MNs4eSL4zpEeIyS1vCCUuYFcTv0rzz-k1s-oVzHImBlIRF2l7d8xm6I8QhKoDYjYHJrqOPp61GYmOv1bsYbTbTeIX9_A88iEkEe86DbIVnZwd9TPTgFwIaGa7WUyvvcMqVqbYYuCvughPK0zBFjUKgzfcFNXH00vR-3hP824hPWOikqmBuCYSStdnUeDSqh7U0bjfpNvTyzLv4WyzY7IE__KvUidXanKFyFxvJs45WsSy_cyNUYQdlql2AsDpaG-XyWmrNmJSMr8EkcIfs1OjNr60KTlraQuGRcPBLEe2QM6i-kvpJx-b5GTriTPQd7GI7eJ4_ct77yqL3bnQMoL0q960M6sg6nuh5ZG9tABaKTEX_e7z3XaZB_-kVxC4juAVecn2BbSgw3BLoLuQcs1idtX9gyKb0mBDHJ3b9kpI5ZXEsrRMZYV3K3nITc3NBEOqQosXTLb2zdBp4CJ2_swy4PNAIA1zxMCG-AG9zgOfrMeRX-EuEFpi5N28rdPZ6DhXrTXrErFu4PmNEZaCH2Um0FTFYscvIhPVo8ewp2REEPVRF04l1sA_giv_Nr00AUMBpdrtn9ehDmGGg-DcTSSjV_Ccy1cPUAh-RFd_UiSv93qczJ8KCCes9HpTuuxxyIthtfdbYj6rGF8aAyYJRqzh2EdRNFJk7DeymGrsiFyIC9onGEcJAlAvczPShz-9b1FQbaH6aymdJ_B13D9AV83bVb-ei96HmtTR5z17IZWHni4RjpU-_Lca0FQbj-CUloEfJhMusgAFCNyVJKV0H1j_WsTu1F_NNWBvrNL2nu3hVrY2CSOU0sUsiJFNYnlLiY47XDsQ31V228MC5vcwxQVGGwdELTUCP65KqGJdi97tdLhvyJbN_SKmGVR8lMsEDGRo2p0A4Hf1ZCN7F08aRIc038h92yomUYVALedS6H067_zpiRQAeRqJC57C2FzIzaasmOIaFkPrGQlkdJCWUP5Zu2a_sCbPXNzSoPg-AG49dBvPMsmHHYvYQVR9XYmEeUZUaQ-mLb4A4l5e7xObUZD8KPW7s-qwrThzJzIo8WcunTSqKV2xY7W9fgy4uzkDVBdks63cYncoxGaZkFkYnuYOLmNxR3vRDBg2NvdsFaaRtBOR_IKqe7VJRy0OWJzcO2QibyL9ZWT9XbZHQPlGA4OqfZ4Z02sz0uf5iqJe48Z7AVeId_sOR9DBBUGqj8N4wKxqMlBH0B2iD_IhCdUMR_QK2hlgtqN59tNpvvgq6Uz4gVWFk8V7kE0JD1Qgfc38oDdeZtUsw6gjlzgOf9qLtlBiPT_Kv7W-M4_7MW5gdfMVonI8yKokVFMUzHwE9czXmJQ2CmNV7BnYs8lz540qFsmh4WY02WNCANHU6gyal-m-k0s32qRyeLqEkh8SC63F3qEEEPA7XtaR4pGUJ1LU3Z9l2YNnJyPuzuDJ6SbXlWVdxkQZ-L4ArYA3qcYnwAFKZi6GDqH7nEqHHQYPZwRFZ8niPd2Xkb3qfs-FPtX4H3BAwB4osdMYyHUad-CO_UZd1-0HNLL-4Tz5SaSPK14EDVUr8S60iDlA97AA5kIxBJgQ7S-fUzq6HKA8NK6aAxJH1gOPg5rCAAI70R1cE3VvIVmru8OZGm-OjvgmTDxu&cid=CAQSSwDICaaNvAhx2fAMYBYlMc1vm_24al2mrLpnbUuA_0puj5lFhZyV-YbI35XUddRzgrLg-n6iKl3NMalnUJLQRBGqZc9EdwR9ay2wMxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.scener.com%2F&ds=l&xdt=1&iif=1&cor=4653590774002507000&adk=1964084972&idt=142&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 06:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 283233
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Oct 2024 06:58:24 GMT

GET
H/1.1 200
OK 5zyrr3xpcfb3 Show response
hal9000.redintelligence.net/zone/ Frame C802 11 KB
4 KB 25ms
8ms Script
text/html 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/5zyrr3xpcfb3?subid=&gdpr=&gdpr_consent=&rnd=1696858737070501&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC9CZjcQIkZeWmBNe4x_APv_mk8A2m5b2gaZ2XnKfJD_AuEAEglLrylQFgldKHgpgHyAEJqQJrWt1WQq6xPqgDAcgDmwSqBOEBT9CF0yWE-K_JKrzzEGCpx5irRffPiWC1CFDZ07zUgFv838Z-GtqiSTKPQKkKK-_ra28eXjJNe8YlB8bbTwNSYSLixNwk1dP8Nc9yU_1lmZs8n685bpsyABS_cOyZZKwjd7LCPfdC-R8fFQMpfMnymTqaM8Yzz9-TY8Ziqk_X4IN1rJD7xeEh5GRAHKSIXCmBcbIs61jye6XR3lAkxdpaEhJeEBOEezcD38aaNCMxZIVOcTTHRTS7IANazWsiUcJNwWRsc1U_E8lWm5_5lNHEkaPrbR15M0TAdpXwQZjeqsQrwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQHiDRMIiIKGsovpgQMVV9wRCB2_PAnesBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIpaOHsovpgQMVV9wRCB2_PAneEAEYASAAEgKIEPD_BwE%26num%3D1%26cid%3DCAQSSwDICaaNvAhx2fAMYBYlMc1vm_24al2mrLpnbUuA_0puj5lFhZyV-YbI35XUddRzgrLg-n6iKl3NMalnUJLQRBGqZc9EdwR9ay2wMxgB%26sig%3DAOD64_0ITq1EWOORrRDktGQNHBTcpKY34g%26client%3Dca-pub-8353397542178803%26dbm_c%3DAKAmf-BWcJj1YugLpzifiXAfdtpX6BZgcnJu1ui-ZOQ5uSp2KcnJhNyFThJVSTViP3WWPu8Ko5AX6RGillEQqrM7pQ1Ivvz-FO-Uq26mGCqXovDBOUBLhEwBIxn8v6PxdzRMZpqAQz622A5kuHPgKidA-qxOZ_KBusx_tgK0Z4uRnNk-4-pVraM%26cry%3D1%26dbm_d%3DAKAmf-DK1qehKHyLhmM6bPMJFW9ORn88xZhl-L8VrTU2Lw2Ks3Gv-qSofOy0MdhCXnKw0R123C_tw55GaWAZdawvUUgtLfRJulPoG27O3t8ZHERZK_anRapOOzJbPywuLlaR1ksExjksDeI_yvPyNik9BJv1qOxo9DPRyiWXkuNmlu1SVTZWJIV5LSMuzsH9puOhZN6m7GcV7oThhevQUhkDm5TyWChCRlhP3PfwMaP1NQB5vN9ID_eA2DFzgRMx4uLqh-dk1kCKw2WMfJK999f7fapush3ovL55066xzEp9o7knXLQgCnqZL3CjFRU4KC4GOfcQY3nDNaMKrXLwuvtgTcNM_n0WQlebPoIRsO-Es-a6jJHHIzripYrJsJPCEXzZz7NNlr2XZtsaUCmTywQCDq8Vw9hwSz67J4MzRPlHUvn1jK_cNcy5e3AiK8Rc4e6i8y5GH0Wu0h30AVoVZdQb2z45qQuD69uHAr1HomYOPRozMA1jSy_-Qr8hPHdQHqWBezQ5zx6ELG8udrgENP_27kgKSpDlWm1viLO57n5hJxDXXHpAdyI%26adurl%3D
Requested by: Host: 0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com
URL: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 18789c2d22c2b398f2c167a17c6cfc2c11811322f131288a14138c4b8791852c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 13:38:57 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4193
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 88C1 22 KB
8 KB 8ms
8ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 344965
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 13:49:32 GMT
expires: Fri, 04 Oct 2024 13:49:32 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

request.php Show response
hal90008.redintelligence.net/ Frame 78B7
Redirect Chain

https://hal90008.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=fb8a390366&subid=&uid=ec931897f14f14e1&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90008.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=fb8a390366&subid=&uid=ec931897f14f14e1&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

4 KB
2 KB

86ms
72ms

Script
application/x-javascript

138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90008.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=fb8a390366&subid=&uid=ec931897f14f14e1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCL-2lcQIkZeSmBNe4x_APv_mk8A2m5b2gab2TnKfJD_AuEAEglLrylQFgldKHgpgHyAEJqQJrWt1WQq6xPqgDAcgDmwSqBN8BT9Bl1nKt6g2USPJ28tphWVBchTiQ-ksWp_hlZnhjnOzclKLBFskf2G0-4brCA2jLdKE_8gR_S5SpJ91czejzJ4zuqD8fv-DWf6Y7aQmTjo0bJCjKADDjWhzEk9E6gtK1OKvatJ84ao2rE-maaralFXw-KGJCZ4oiHQOoVJWtfIUv_tCZ-CgXP_AW92hgrHvoQIgOw-MfSML6nWlAVFSjjl9yHDTOJZXp9sCoXcb9rwVGbx6RGmLLcDYzDL46we2AIfNGRrTSCViZ0Xh2H7EeHO23CxGmmPVNhUTKB46qBcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0B4g0TCIeChrKL6YEDFVfcEQgdvzwJ3rATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIpKOHsovpgQMVV9wRCB2_PAneEAEYASAAEgJenvD_BwE%26num%3D1%26cid%3DCAQSSwDICaaNvAhx2fAMYBYlMc1vm_24al2mrLpnbUuA_0puj5lFhZyV-YbI35XUddRzgrLg-n6iKl3NMalnUJLQRBGqZc9EdwR9ay2wMxgB%26sig%3DAOD64_1abfYJrB5MYa_MKuYlVwBfd31_fw%26client%3Dca-pub-8353397542178803%26dbm_c%3DAKAmf-DD0cmoD2-L4xwAcxy6W_QSQsQwSw5M0BPYjueIk7kgxR5QbOoIMZuP25amCfO2K_VC4e6UInCBSAj3usq8QCF4S-nJoW6lwSugirmYV9ePQ7hgoJlXQ3sPsElYyENu8FfGi76L5psX3tIgJ1ln7pQliqoDQeCi2SBzp5C7IVpxEePsZuo%26cry%3D1%26dbm_d%3DAKAmf-BcKhj1JT6H-HiG6-q183A-5CYzEGfQu4VA-tgNiB2urZCO53JnYMHsSrZw17ziOGsAFNtbS2LXbuwmLAWYXv2WZOoDUjdTLQifW20T92kdSbDZtvgIq_K4K-hvt_Hc8HkfiI-xNZgjltCchEQL1N3WQW6OoGOSMP6DAQjo7YH5YlLhbgIJWKCzuGilayeBkPGKjk_LIaVZwTKaG6yji-oBOsjau8gBz1-WdnAqEAk4Yr7msn5x1t24FAWsJY9mYDMgJrHsOBHJMwiRaIdIr5NNr7Ox5CwN7dR3xNoZZ3SgaZpjcZL8QdLg9RrO-d6IVGsLMhig2krN7RL1PblBZZtCM9peSxSR5Ch7Z9HaTsj4gJGJJGFxm2bfKK31HELW93cpDJuQE5AjWKog3kBIhZZP04ArJzvqkrgzLT6vCrR7-i871RD14KFmg6m-lbTVxrYMc9tWTt0KwGfn-KdfEYy0MWHEnYdr54S5vQjI85wDZwFx9n3lxvJTCeXp3FnGoNWf2vIll0W9-nOATszEpuexeJjwA2PGOejH2TJf_Ad5ehuZjnQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.scener.com%2F&ancestorOrigins=https%3A%2F%2Fwww.scener.com&random=6892949649027&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com
URL: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 138.201.63.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 8c0ed0ee8e20467869ecc1ea2b523342d854b73877397d1e63c1c72d9a685e28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Oct 2023 13:38:57 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 66435400079937704444994012472008
Connection: close
Content-Length: 1327
Expires: Mon, 09 Oct 2023 14:38:57 +0200

Redirect headers

Pragma: no-cache
Date: Mon, 09 Oct 2023 13:38:57 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=fb8a390366&subid=&uid=ec931897f14f14e1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCL-2lcQIkZeSmBNe4x_APv_mk8A2m5b2gab2TnKfJD_AuEAEglLrylQFgldKHgpgHyAEJqQJrWt1WQq6xPqgDAcgDmwSqBN8BT9Bl1nKt6g2USPJ28tphWVBchTiQ-ksWp_hlZnhjnOzclKLBFskf2G0-4brCA2jLdKE_8gR_S5SpJ91czejzJ4zuqD8fv-DWf6Y7aQmTjo0bJCjKADDjWhzEk9E6gtK1OKvatJ84ao2rE-maaralFXw-KGJCZ4oiHQOoVJWtfIUv_tCZ-CgXP_AW92hgrHvoQIgOw-MfSML6nWlAVFSjjl9yHDTOJZXp9sCoXcb9rwVGbx6RGmLLcDYzDL46we2AIfNGRrTSCViZ0Xh2H7EeHO23CxGmmPVNhUTKB46qBcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0B4g0TCIeChrKL6YEDFVfcEQgdvzwJ3rATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIpKOHsovpgQMVV9wRCB2_PAneEAEYASAAEgJenvD_BwE%26num%3D1%26cid%3DCAQSSwDICaaNvAhx2fAMYBYlMc1vm_24al2mrLpnbUuA_0puj5lFhZyV-YbI35XUddRzgrLg-n6iKl3NMalnUJLQRBGqZc9EdwR9ay2wMxgB%26sig%3DAOD64_1abfYJrB5MYa_MKuYlVwBfd31_fw%26client%3Dca-pub-8353397542178803%26dbm_c%3DAKAmf-DD0cmoD2-L4xwAcxy6W_QSQsQwSw5M0BPYjueIk7kgxR5QbOoIMZuP25amCfO2K_VC4e6UInCBSAj3usq8QCF4S-nJoW6lwSugirmYV9ePQ7hgoJlXQ3sPsElYyENu8FfGi76L5psX3tIgJ1ln7pQliqoDQeCi2SBzp5C7IVpxEePsZuo%26cry%3D1%26dbm_d%3DAKAmf-BcKhj1JT6H-HiG6-q183A-5CYzEGfQu4VA-tgNiB2urZCO53JnYMHsSrZw17ziOGsAFNtbS2LXbuwmLAWYXv2WZOoDUjdTLQifW20T92kdSbDZtvgIq_K4K-hvt_Hc8HkfiI-xNZgjltCchEQL1N3WQW6OoGOSMP6DAQjo7YH5YlLhbgIJWKCzuGilayeBkPGKjk_LIaVZwTKaG6yji-oBOsjau8gBz1-WdnAqEAk4Yr7msn5x1t24FAWsJY9mYDMgJrHsOBHJMwiRaIdIr5NNr7Ox5CwN7dR3xNoZZ3SgaZpjcZL8QdLg9RrO-d6IVGsLMhig2krN7RL1PblBZZtCM9peSxSR5Ch7Z9HaTsj4gJGJJGFxm2bfKK31HELW93cpDJuQE5AjWKog3kBIhZZP04ArJzvqkrgzLT6vCrR7-i871RD14KFmg6m-lbTVxrYMc9tWTt0KwGfn-KdfEYy0MWHEnYdr54S5vQjI85wDZwFx9n3lxvJTCeXp3FnGoNWf2vIll0W9-nOATszEpuexeJjwA2PGOejH2TJf_Ad5ehuZjnQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.scener.com%2F&ancestorOrigins=https%3A%2F%2Fwww.scener.com&random=6892949649027&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Mon, 09 Oct 2023 14:38:57 +0200

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D410 22 KB
8 KB 9ms
8ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 344965
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 13:49:32 GMT
expires: Fri, 04 Oct 2024 13:49:32 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 p
tr.snapchat.com/ 0
15 B 22ms
21ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://www.scener.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 09 Oct 2023 13:38:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://www.scener.com
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H2 200 p
tr.snapchat.com/ Frame 0
0 18ms
17ms Preflight 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.snapchat.com/p
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 134.43.190.35.bc.googleusercontent.com
Software: API Gateway /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.scener.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,x-grpc-web,X-Snap-Route-Tag,x-cof-user-agent,x-snap-client-user-agent,bitmoji-token,X-Snap-Access-Token
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin: https://www.scener.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 09 Oct 2023 13:38:57 GMT
server: API Gateway
via: 1.1 google

GET
H/1.1

200
OK

request.php Show response
hal900011.redintelligence.net/ Frame C802
Redirect Chain

https://hal900011.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=f4919e661f&subid=&uid=8d4dc06cfa2751f6&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900011.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=f4919e661f&subid=&uid=8d4dc06cfa2751f6&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

4 KB
2 KB

91ms
76ms

Script
application/x-javascript

138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900011.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=f4919e661f&subid=&uid=8d4dc06cfa2751f6&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC9CZjcQIkZeWmBNe4x_APv_mk8A2m5b2gaZ2XnKfJD_AuEAEglLrylQFgldKHgpgHyAEJqQJrWt1WQq6xPqgDAcgDmwSqBOEBT9CF0yWE-K_JKrzzEGCpx5irRffPiWC1CFDZ07zUgFv838Z-GtqiSTKPQKkKK-_ra28eXjJNe8YlB8bbTwNSYSLixNwk1dP8Nc9yU_1lmZs8n685bpsyABS_cOyZZKwjd7LCPfdC-R8fFQMpfMnymTqaM8Yzz9-TY8Ziqk_X4IN1rJD7xeEh5GRAHKSIXCmBcbIs61jye6XR3lAkxdpaEhJeEBOEezcD38aaNCMxZIVOcTTHRTS7IANazWsiUcJNwWRsc1U_E8lWm5_5lNHEkaPrbR15M0TAdpXwQZjeqsQrwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQHiDRMIiIKGsovpgQMVV9wRCB2_PAnesBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIpaOHsovpgQMVV9wRCB2_PAneEAEYASAAEgKIEPD_BwE%26num%3D1%26cid%3DCAQSSwDICaaNvAhx2fAMYBYlMc1vm_24al2mrLpnbUuA_0puj5lFhZyV-YbI35XUddRzgrLg-n6iKl3NMalnUJLQRBGqZc9EdwR9ay2wMxgB%26sig%3DAOD64_0ITq1EWOORrRDktGQNHBTcpKY34g%26client%3Dca-pub-8353397542178803%26dbm_c%3DAKAmf-BWcJj1YugLpzifiXAfdtpX6BZgcnJu1ui-ZOQ5uSp2KcnJhNyFThJVSTViP3WWPu8Ko5AX6RGillEQqrM7pQ1Ivvz-FO-Uq26mGCqXovDBOUBLhEwBIxn8v6PxdzRMZpqAQz622A5kuHPgKidA-qxOZ_KBusx_tgK0Z4uRnNk-4-pVraM%26cry%3D1%26dbm_d%3DAKAmf-DK1qehKHyLhmM6bPMJFW9ORn88xZhl-L8VrTU2Lw2Ks3Gv-qSofOy0MdhCXnKw0R123C_tw55GaWAZdawvUUgtLfRJulPoG27O3t8ZHERZK_anRapOOzJbPywuLlaR1ksExjksDeI_yvPyNik9BJv1qOxo9DPRyiWXkuNmlu1SVTZWJIV5LSMuzsH9puOhZN6m7GcV7oThhevQUhkDm5TyWChCRlhP3PfwMaP1NQB5vN9ID_eA2DFzgRMx4uLqh-dk1kCKw2WMfJK999f7fapush3ovL55066xzEp9o7knXLQgCnqZL3CjFRU4KC4GOfcQY3nDNaMKrXLwuvtgTcNM_n0WQlebPoIRsO-Es-a6jJHHIzripYrJsJPCEXzZz7NNlr2XZtsaUCmTywQCDq8Vw9hwSz67J4MzRPlHUvn1jK_cNcy5e3AiK8Rc4e6i8y5GH0Wu0h30AVoVZdQb2z45qQuD69uHAr1HomYOPRozMA1jSy_-Qr8hPHdQHqWBezQ5zx6ELG8udrgENP_27kgKSpDlWm1viLO57n5hJxDXXHpAdyI%26adurl%3D&documentReferer=https%3A%2F%2Fwww.scener.com%2F&ancestorOrigins=https%3A%2F%2Fwww.scener.com&random=4251656463814&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com
URL: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 63ea4be647bf962a795ac95a6b8d1343ef81fc07863a7ec204699a2b7b85fce1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Oct 2023 13:38:57 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 95155900091067604445002012472011
Connection: close
Content-Length: 1352
Expires: Mon, 09 Oct 2023 14:38:57 +0200

Redirect headers

Pragma: no-cache
Date: Mon, 09 Oct 2023 13:38:57 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=f4919e661f&subid=&uid=8d4dc06cfa2751f6&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC9CZjcQIkZeWmBNe4x_APv_mk8A2m5b2gaZ2XnKfJD_AuEAEglLrylQFgldKHgpgHyAEJqQJrWt1WQq6xPqgDAcgDmwSqBOEBT9CF0yWE-K_JKrzzEGCpx5irRffPiWC1CFDZ07zUgFv838Z-GtqiSTKPQKkKK-_ra28eXjJNe8YlB8bbTwNSYSLixNwk1dP8Nc9yU_1lmZs8n685bpsyABS_cOyZZKwjd7LCPfdC-R8fFQMpfMnymTqaM8Yzz9-TY8Ziqk_X4IN1rJD7xeEh5GRAHKSIXCmBcbIs61jye6XR3lAkxdpaEhJeEBOEezcD38aaNCMxZIVOcTTHRTS7IANazWsiUcJNwWRsc1U_E8lWm5_5lNHEkaPrbR15M0TAdpXwQZjeqsQrwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQHiDRMIiIKGsovpgQMVV9wRCB2_PAnesBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIpaOHsovpgQMVV9wRCB2_PAneEAEYASAAEgKIEPD_BwE%26num%3D1%26cid%3DCAQSSwDICaaNvAhx2fAMYBYlMc1vm_24al2mrLpnbUuA_0puj5lFhZyV-YbI35XUddRzgrLg-n6iKl3NMalnUJLQRBGqZc9EdwR9ay2wMxgB%26sig%3DAOD64_0ITq1EWOORrRDktGQNHBTcpKY34g%26client%3Dca-pub-8353397542178803%26dbm_c%3DAKAmf-BWcJj1YugLpzifiXAfdtpX6BZgcnJu1ui-ZOQ5uSp2KcnJhNyFThJVSTViP3WWPu8Ko5AX6RGillEQqrM7pQ1Ivvz-FO-Uq26mGCqXovDBOUBLhEwBIxn8v6PxdzRMZpqAQz622A5kuHPgKidA-qxOZ_KBusx_tgK0Z4uRnNk-4-pVraM%26cry%3D1%26dbm_d%3DAKAmf-DK1qehKHyLhmM6bPMJFW9ORn88xZhl-L8VrTU2Lw2Ks3Gv-qSofOy0MdhCXnKw0R123C_tw55GaWAZdawvUUgtLfRJulPoG27O3t8ZHERZK_anRapOOzJbPywuLlaR1ksExjksDeI_yvPyNik9BJv1qOxo9DPRyiWXkuNmlu1SVTZWJIV5LSMuzsH9puOhZN6m7GcV7oThhevQUhkDm5TyWChCRlhP3PfwMaP1NQB5vN9ID_eA2DFzgRMx4uLqh-dk1kCKw2WMfJK999f7fapush3ovL55066xzEp9o7knXLQgCnqZL3CjFRU4KC4GOfcQY3nDNaMKrXLwuvtgTcNM_n0WQlebPoIRsO-Es-a6jJHHIzripYrJsJPCEXzZz7NNlr2XZtsaUCmTywQCDq8Vw9hwSz67J4MzRPlHUvn1jK_cNcy5e3AiK8Rc4e6i8y5GH0Wu0h30AVoVZdQb2z45qQuD69uHAr1HomYOPRozMA1jSy_-Qr8hPHdQHqWBezQ5zx6ELG8udrgENP_27kgKSpDlWm1viLO57n5hJxDXXHpAdyI%26adurl%3D&documentReferer=https%3A%2F%2Fwww.scener.com%2F&ancestorOrigins=https%3A%2F%2Fwww.scener.com&random=4251656463814&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Mon, 09 Oct 2023 14:38:57 +0200

GET
H3 200 bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js Show response
pagead2.googlesyndication.com/bg/ Frame 88C1 38 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cae06665d26b473f021a9a237bdda85b6c0a725529f6bc8c7f7853c1d5966dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 07:37:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 367302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14735
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 07:37:15 GMT

GET
H3 200 bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js Show response
pagead2.googlesyndication.com/bg/ Frame D410 38 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cae06665d26b473f021a9a237bdda85b6c0a725529f6bc8c7f7853c1d5966dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 07:37:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 367302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14735
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 07:37:15 GMT

GET
H/1.1 200
OK e99aace94e6e5873881d3400993e1e7e Show response
pv.medialead.de/trck/epv/ Frame 1EDE 0
466 B 916ms
870ms Document
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=66435400079937704444994012472008&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=fb8a390366&subid=&uid=ec931897f14f14e1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCL-2lcQIkZeSmBNe4x_APv_mk8A2m5b2gab2TnKfJD_AuEAEglLrylQFgldKHgpgHyAEJqQJrWt1WQq6xPqgDAcgDmwSqBN8BT9Bl1nKt6g2USPJ28tphWVBchTiQ-ksWp_hlZnhjnOzclKLBFskf2G0-4brCA2jLdKE_8gR_S5SpJ91czejzJ4zuqD8fv-DWf6Y7aQmTjo0bJCjKADDjWhzEk9E6gtK1OKvatJ84ao2rE-maaralFXw-KGJCZ4oiHQOoVJWtfIUv_tCZ-CgXP_AW92hgrHvoQIgOw-MfSML6nWlAVFSjjl9yHDTOJZXp9sCoXcb9rwVGbx6RGmLLcDYzDL46we2AIfNGRrTSCViZ0Xh2H7EeHO23CxGmmPVNhUTKB46qBcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0B4g0TCIeChrKL6YEDFVfcEQgdvzwJ3rATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIpKOHsovpgQMVV9wRCB2_PAneEAEYASAAEgJenvD_BwE%26num%3D1%26cid%3DCAQSSwDICaaNvAhx2fAMYBYlMc1vm_24al2mrLpnbUuA_0puj5lFhZyV-YbI35XUddRzgrLg-n6iKl3NMalnUJLQRBGqZc9EdwR9ay2wMxgB%26sig%3DAOD64_1abfYJrB5MYa_MKuYlVwBfd31_fw%26client%3Dca-pub-8353397542178803%26dbm_c%3DAKAmf-DD0cmoD2-L4xwAcxy6W_QSQsQwSw5M0BPYjueIk7kgxR5QbOoIMZuP25amCfO2K_VC4e6UInCBSAj3usq8QCF4S-nJoW6lwSugirmYV9ePQ7hgoJlXQ3sPsElYyENu8FfGi76L5psX3tIgJ1ln7pQliqoDQeCi2SBzp5C7IVpxEePsZuo%26cry%3D1%26dbm_d%3DAKAmf-BcKhj1JT6H-HiG6-q183A-5CYzEGfQu4VA-tgNiB2urZCO53JnYMHsSrZw17ziOGsAFNtbS2LXbuwmLAWYXv2WZOoDUjdTLQifW20T92kdSbDZtvgIq_K4K-hvt_Hc8HkfiI-xNZgjltCchEQL1N3WQW6OoGOSMP6DAQjo7YH5YlLhbgIJWKCzuGilayeBkPGKjk_LIaVZwTKaG6yji-oBOsjau8gBz1-WdnAqEAk4Yr7msn5x1t24FAWsJY9mYDMgJrHsOBHJMwiRaIdIr5NNr7Ox5CwN7dR3xNoZZ3SgaZpjcZL8QdLg9RrO-d6IVGsLMhig2krN7RL1PblBZZtCM9peSxSR5Ch7Z9HaTsj4gJGJJGFxm2bfKK31HELW93cpDJuQE5AjWKog3kBIhZZP04ArJzvqkrgzLT6vCrR7-i871RD14KFmg6m-lbTVxrYMc9tWTt0KwGfn-KdfEYy0MWHEnYdr54S5vQjI85wDZwFx9n3lxvJTCeXp3FnGoNWf2vIll0W9-nOATszEpuexeJjwA2PGOejH2TJf_Ad5ehuZjnQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.scener.com%2F&ancestorOrigins=https%3A%2F%2Fwww.scener.com&random=6892949649027&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
content-length: 0
content-type: application/javascript; charset=utf-8
date: Mon, 09 Oct 2023 13:38:58 GMT
host: pv.medialead.de
proxy-host: pv.medialead.de
server: nginx
strict-transport-security: max-age=15768000
vary: Origin
x-iplb-instance: 40028
x-iplb-request-id: 515F0524:9328_91EFC182:01BB_65240272_14D847C:27FE4

GET
H2 200 / Show response
adv.office-partner.de/ Frame 1202 930 B
931 B 48ms
6ms Document
text/html 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=fb8a390366&subid=&uid=ec931897f14f14e1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCL-2lcQIkZeSmBNe4x_APv_mk8A2m5b2gab2TnKfJD_AuEAEglLrylQFgldKHgpgHyAEJqQJrWt1WQq6xPqgDAcgDmwSqBN8BT9Bl1nKt6g2USPJ28tphWVBchTiQ-ksWp_hlZnhjnOzclKLBFskf2G0-4brCA2jLdKE_8gR_S5SpJ91czejzJ4zuqD8fv-DWf6Y7aQmTjo0bJCjKADDjWhzEk9E6gtK1OKvatJ84ao2rE-maaralFXw-KGJCZ4oiHQOoVJWtfIUv_tCZ-CgXP_AW92hgrHvoQIgOw-MfSML6nWlAVFSjjl9yHDTOJZXp9sCoXcb9rwVGbx6RGmLLcDYzDL46we2AIfNGRrTSCViZ0Xh2H7EeHO23CxGmmPVNhUTKB46qBcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0B4g0TCIeChrKL6YEDFVfcEQgdvzwJ3rATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIpKOHsovpgQMVV9wRCB2_PAneEAEYASAAEgJenvD_BwE%26num%3D1%26cid%3DCAQSSwDICaaNvAhx2fAMYBYlMc1vm_24al2mrLpnbUuA_0puj5lFhZyV-YbI35XUddRzgrLg-n6iKl3NMalnUJLQRBGqZc9EdwR9ay2wMxgB%26sig%3DAOD64_1abfYJrB5MYa_MKuYlVwBfd31_fw%26client%3Dca-pub-8353397542178803%26dbm_c%3DAKAmf-DD0cmoD2-L4xwAcxy6W_QSQsQwSw5M0BPYjueIk7kgxR5QbOoIMZuP25amCfO2K_VC4e6UInCBSAj3usq8QCF4S-nJoW6lwSugirmYV9ePQ7hgoJlXQ3sPsElYyENu8FfGi76L5psX3tIgJ1ln7pQliqoDQeCi2SBzp5C7IVpxEePsZuo%26cry%3D1%26dbm_d%3DAKAmf-BcKhj1JT6H-HiG6-q183A-5CYzEGfQu4VA-tgNiB2urZCO53JnYMHsSrZw17ziOGsAFNtbS2LXbuwmLAWYXv2WZOoDUjdTLQifW20T92kdSbDZtvgIq_K4K-hvt_Hc8HkfiI-xNZgjltCchEQL1N3WQW6OoGOSMP6DAQjo7YH5YlLhbgIJWKCzuGilayeBkPGKjk_LIaVZwTKaG6yji-oBOsjau8gBz1-WdnAqEAk4Yr7msn5x1t24FAWsJY9mYDMgJrHsOBHJMwiRaIdIr5NNr7Ox5CwN7dR3xNoZZ3SgaZpjcZL8QdLg9RrO-d6IVGsLMhig2krN7RL1PblBZZtCM9peSxSR5Ch7Z9HaTsj4gJGJJGFxm2bfKK31HELW93cpDJuQE5AjWKog3kBIhZZP04ArJzvqkrgzLT6vCrR7-i871RD14KFmg6m-lbTVxrYMc9tWTt0KwGfn-KdfEYy0MWHEnYdr54S5vQjI85wDZwFx9n3lxvJTCeXp3FnGoNWf2vIll0W9-nOATszEpuexeJjwA2PGOejH2TJf_Ad5ehuZjnQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.scener.com%2F&ancestorOrigins=https%3A%2F%2Fwww.scener.com&random=6892949649027&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Mon, 09 Oct 2023 13:38:58 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Mon, 16 Oct 2023 13:38:58 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2 200 link.html Show response
track.webgains.com/ Frame 78B7 2 KB
2 KB 127ms
61ms Script
text/html 3.9.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=66435400079937704444994012472008&nw=1
Requested by: Host: www.scener.com
URL: https://www.scener.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.250.12 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-9-250-12.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: a852f2246ef0158eabee8406d02096c9f22c342f5488360135ffb50f86068a0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:58 GMT
last-modified: Mon, 09 Oct 2023 13:38:58 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Mon, 09 Oct 2023 13:39:58 GMT

GET
H2

200

activityi;dc_pre=CNGEybKL6YEDFWpckQUdJaQAzw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5259364607539.343 Show response
5994599.fls.doubleclick.net/ Frame 9A4B
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5259364607539.343?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CNGEybKL6YEDFWpckQUdJaQAzw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5259364607539.343?

391 B
326 B

60ms
59ms

Document
text/html

142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CNGEybKL6YEDFWpckQUdJaQAzw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5259364607539.343?

Requested by

Host: www.scener.com
URL: https://www.scener.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

ba2351cdecb0898fe92223093227763cc90e766ed2c008e5c155d8339a846bb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 217
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 13:38:58 GMT
expires: Mon, 09 Oct 2023 13:38:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 13:38:58 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNGEybKL6YEDFWpckQUdJaQAzw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5259364607539.343?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal90008.redintelligence.net/ Frame 2BF7 7 KB
2 KB 20ms
7ms Document
text/html 138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90008.redintelligence.net/request_content.php?s=66435400079937704444994012472008&a=63d46d6d
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=fb8a390366&subid=&uid=ec931897f14f14e1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCL-2lcQIkZeSmBNe4x_APv_mk8A2m5b2gab2TnKfJD_AuEAEglLrylQFgldKHgpgHyAEJqQJrWt1WQq6xPqgDAcgDmwSqBN8BT9Bl1nKt6g2USPJ28tphWVBchTiQ-ksWp_hlZnhjnOzclKLBFskf2G0-4brCA2jLdKE_8gR_S5SpJ91czejzJ4zuqD8fv-DWf6Y7aQmTjo0bJCjKADDjWhzEk9E6gtK1OKvatJ84ao2rE-maaralFXw-KGJCZ4oiHQOoVJWtfIUv_tCZ-CgXP_AW92hgrHvoQIgOw-MfSML6nWlAVFSjjl9yHDTOJZXp9sCoXcb9rwVGbx6RGmLLcDYzDL46we2AIfNGRrTSCViZ0Xh2H7EeHO23CxGmmPVNhUTKB46qBcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0B4g0TCIeChrKL6YEDFVfcEQgdvzwJ3rATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIpKOHsovpgQMVV9wRCB2_PAneEAEYASAAEgJenvD_BwE%26num%3D1%26cid%3DCAQSSwDICaaNvAhx2fAMYBYlMc1vm_24al2mrLpnbUuA_0puj5lFhZyV-YbI35XUddRzgrLg-n6iKl3NMalnUJLQRBGqZc9EdwR9ay2wMxgB%26sig%3DAOD64_1abfYJrB5MYa_MKuYlVwBfd31_fw%26client%3Dca-pub-8353397542178803%26dbm_c%3DAKAmf-DD0cmoD2-L4xwAcxy6W_QSQsQwSw5M0BPYjueIk7kgxR5QbOoIMZuP25amCfO2K_VC4e6UInCBSAj3usq8QCF4S-nJoW6lwSugirmYV9ePQ7hgoJlXQ3sPsElYyENu8FfGi76L5psX3tIgJ1ln7pQliqoDQeCi2SBzp5C7IVpxEePsZuo%26cry%3D1%26dbm_d%3DAKAmf-BcKhj1JT6H-HiG6-q183A-5CYzEGfQu4VA-tgNiB2urZCO53JnYMHsSrZw17ziOGsAFNtbS2LXbuwmLAWYXv2WZOoDUjdTLQifW20T92kdSbDZtvgIq_K4K-hvt_Hc8HkfiI-xNZgjltCchEQL1N3WQW6OoGOSMP6DAQjo7YH5YlLhbgIJWKCzuGilayeBkPGKjk_LIaVZwTKaG6yji-oBOsjau8gBz1-WdnAqEAk4Yr7msn5x1t24FAWsJY9mYDMgJrHsOBHJMwiRaIdIr5NNr7Ox5CwN7dR3xNoZZ3SgaZpjcZL8QdLg9RrO-d6IVGsLMhig2krN7RL1PblBZZtCM9peSxSR5Ch7Z9HaTsj4gJGJJGFxm2bfKK31HELW93cpDJuQE5AjWKog3kBIhZZP04ArJzvqkrgzLT6vCrR7-i871RD14KFmg6m-lbTVxrYMc9tWTt0KwGfn-KdfEYy0MWHEnYdr54S5vQjI85wDZwFx9n3lxvJTCeXp3FnGoNWf2vIll0W9-nOATszEpuexeJjwA2PGOejH2TJf_Ad5ehuZjnQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.scener.com%2F&ancestorOrigins=https%3A%2F%2Fwww.scener.com&random=6892949649027&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 246cfb6462d3b66235d8cccd5045f98daf68ffca238ab424b54c1d3562ae91b7

Request headers

Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2110
Content-Type: text/html; charset=utf-8
Date: Mon, 09 Oct 2023 13:38:58 GMT
Expires: Mon, 09 Oct 2023 14:38:58 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame 78B7
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=66435400079937704444994012472008&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=66435400079937704444994012472008&t=htlp&gdpr=1&consent=1&gdpr_consent=

43 B
482 B

776ms
749ms

Image
image/gif

145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=66435400079937704444994012472008&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Host: 0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com
URL: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:58 GMT
strict-transport-security: max-age=15768000
server: nginx
host: pv.medialead.de
x-iplb-request-id: 515F0524:93B4_91EFC182:01BB_65240272_14B8F08:1D8B9
x-iplb-instance: 40027
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 43
proxy-host: pv.medialead.de

Redirect headers

location: https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=66435400079937704444994012472008&t=htlp&gdpr=1&consent=1&gdpr_consent=
date: Mon, 09 Oct 2023 13:38:58 GMT
server: nginx
content-length: 154
content-type: text/html

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 78B7 43 B
702 B 93ms
52ms Image
image/gif 23.56.205.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=66435400079937704444994012472008&pv=1

Requested by

Host: 0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com
URL: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-205-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Oct 2023 13:38:58 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
DATA 200
OK truncated
/ Frame 78B7 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 484ae7513e66b3f55f762102a6a7a8ac8b99bf2064a0419f018de1242710e84c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK e99aace94e6e58733936cdd965d03e75 Show response
pv.medialead.de/trck/epv/ Frame 3EEE 0
466 B 784ms
760ms Document
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=95155900091067604445002012472011&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=f4919e661f&subid=&uid=8d4dc06cfa2751f6&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC9CZjcQIkZeWmBNe4x_APv_mk8A2m5b2gaZ2XnKfJD_AuEAEglLrylQFgldKHgpgHyAEJqQJrWt1WQq6xPqgDAcgDmwSqBOEBT9CF0yWE-K_JKrzzEGCpx5irRffPiWC1CFDZ07zUgFv838Z-GtqiSTKPQKkKK-_ra28eXjJNe8YlB8bbTwNSYSLixNwk1dP8Nc9yU_1lmZs8n685bpsyABS_cOyZZKwjd7LCPfdC-R8fFQMpfMnymTqaM8Yzz9-TY8Ziqk_X4IN1rJD7xeEh5GRAHKSIXCmBcbIs61jye6XR3lAkxdpaEhJeEBOEezcD38aaNCMxZIVOcTTHRTS7IANazWsiUcJNwWRsc1U_E8lWm5_5lNHEkaPrbR15M0TAdpXwQZjeqsQrwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQHiDRMIiIKGsovpgQMVV9wRCB2_PAnesBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIpaOHsovpgQMVV9wRCB2_PAneEAEYASAAEgKIEPD_BwE%26num%3D1%26cid%3DCAQSSwDICaaNvAhx2fAMYBYlMc1vm_24al2mrLpnbUuA_0puj5lFhZyV-YbI35XUddRzgrLg-n6iKl3NMalnUJLQRBGqZc9EdwR9ay2wMxgB%26sig%3DAOD64_0ITq1EWOORrRDktGQNHBTcpKY34g%26client%3Dca-pub-8353397542178803%26dbm_c%3DAKAmf-BWcJj1YugLpzifiXAfdtpX6BZgcnJu1ui-ZOQ5uSp2KcnJhNyFThJVSTViP3WWPu8Ko5AX6RGillEQqrM7pQ1Ivvz-FO-Uq26mGCqXovDBOUBLhEwBIxn8v6PxdzRMZpqAQz622A5kuHPgKidA-qxOZ_KBusx_tgK0Z4uRnNk-4-pVraM%26cry%3D1%26dbm_d%3DAKAmf-DK1qehKHyLhmM6bPMJFW9ORn88xZhl-L8VrTU2Lw2Ks3Gv-qSofOy0MdhCXnKw0R123C_tw55GaWAZdawvUUgtLfRJulPoG27O3t8ZHERZK_anRapOOzJbPywuLlaR1ksExjksDeI_yvPyNik9BJv1qOxo9DPRyiWXkuNmlu1SVTZWJIV5LSMuzsH9puOhZN6m7GcV7oThhevQUhkDm5TyWChCRlhP3PfwMaP1NQB5vN9ID_eA2DFzgRMx4uLqh-dk1kCKw2WMfJK999f7fapush3ovL55066xzEp9o7knXLQgCnqZL3CjFRU4KC4GOfcQY3nDNaMKrXLwuvtgTcNM_n0WQlebPoIRsO-Es-a6jJHHIzripYrJsJPCEXzZz7NNlr2XZtsaUCmTywQCDq8Vw9hwSz67J4MzRPlHUvn1jK_cNcy5e3AiK8Rc4e6i8y5GH0Wu0h30AVoVZdQb2z45qQuD69uHAr1HomYOPRozMA1jSy_-Qr8hPHdQHqWBezQ5zx6ELG8udrgENP_27kgKSpDlWm1viLO57n5hJxDXXHpAdyI%26adurl%3D&documentReferer=https%3A%2F%2Fwww.scener.com%2F&ancestorOrigins=https%3A%2F%2Fwww.scener.com&random=4251656463814&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
content-length: 0
content-type: application/javascript; charset=utf-8
date: Mon, 09 Oct 2023 13:38:58 GMT
host: pv.medialead.de
proxy-host: pv.medialead.de
server: nginx
strict-transport-security: max-age=15768000
vary: Origin
x-iplb-instance: 40027
x-iplb-request-id: 515F0524:93A8_91EFC182:01BB_65240272_14B8997:1D8B7

GET
H2 200 / Show response
adv.office-partner.de/ Frame 00B6 930 B
930 B 7ms
7ms Document
text/html 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=f4919e661f&subid=&uid=8d4dc06cfa2751f6&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC9CZjcQIkZeWmBNe4x_APv_mk8A2m5b2gaZ2XnKfJD_AuEAEglLrylQFgldKHgpgHyAEJqQJrWt1WQq6xPqgDAcgDmwSqBOEBT9CF0yWE-K_JKrzzEGCpx5irRffPiWC1CFDZ07zUgFv838Z-GtqiSTKPQKkKK-_ra28eXjJNe8YlB8bbTwNSYSLixNwk1dP8Nc9yU_1lmZs8n685bpsyABS_cOyZZKwjd7LCPfdC-R8fFQMpfMnymTqaM8Yzz9-TY8Ziqk_X4IN1rJD7xeEh5GRAHKSIXCmBcbIs61jye6XR3lAkxdpaEhJeEBOEezcD38aaNCMxZIVOcTTHRTS7IANazWsiUcJNwWRsc1U_E8lWm5_5lNHEkaPrbR15M0TAdpXwQZjeqsQrwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQHiDRMIiIKGsovpgQMVV9wRCB2_PAnesBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIpaOHsovpgQMVV9wRCB2_PAneEAEYASAAEgKIEPD_BwE%26num%3D1%26cid%3DCAQSSwDICaaNvAhx2fAMYBYlMc1vm_24al2mrLpnbUuA_0puj5lFhZyV-YbI35XUddRzgrLg-n6iKl3NMalnUJLQRBGqZc9EdwR9ay2wMxgB%26sig%3DAOD64_0ITq1EWOORrRDktGQNHBTcpKY34g%26client%3Dca-pub-8353397542178803%26dbm_c%3DAKAmf-BWcJj1YugLpzifiXAfdtpX6BZgcnJu1ui-ZOQ5uSp2KcnJhNyFThJVSTViP3WWPu8Ko5AX6RGillEQqrM7pQ1Ivvz-FO-Uq26mGCqXovDBOUBLhEwBIxn8v6PxdzRMZpqAQz622A5kuHPgKidA-qxOZ_KBusx_tgK0Z4uRnNk-4-pVraM%26cry%3D1%26dbm_d%3DAKAmf-DK1qehKHyLhmM6bPMJFW9ORn88xZhl-L8VrTU2Lw2Ks3Gv-qSofOy0MdhCXnKw0R123C_tw55GaWAZdawvUUgtLfRJulPoG27O3t8ZHERZK_anRapOOzJbPywuLlaR1ksExjksDeI_yvPyNik9BJv1qOxo9DPRyiWXkuNmlu1SVTZWJIV5LSMuzsH9puOhZN6m7GcV7oThhevQUhkDm5TyWChCRlhP3PfwMaP1NQB5vN9ID_eA2DFzgRMx4uLqh-dk1kCKw2WMfJK999f7fapush3ovL55066xzEp9o7knXLQgCnqZL3CjFRU4KC4GOfcQY3nDNaMKrXLwuvtgTcNM_n0WQlebPoIRsO-Es-a6jJHHIzripYrJsJPCEXzZz7NNlr2XZtsaUCmTywQCDq8Vw9hwSz67J4MzRPlHUvn1jK_cNcy5e3AiK8Rc4e6i8y5GH0Wu0h30AVoVZdQb2z45qQuD69uHAr1HomYOPRozMA1jSy_-Qr8hPHdQHqWBezQ5zx6ELG8udrgENP_27kgKSpDlWm1viLO57n5hJxDXXHpAdyI%26adurl%3D&documentReferer=https%3A%2F%2Fwww.scener.com%2F&ancestorOrigins=https%3A%2F%2Fwww.scener.com&random=4251656463814&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Mon, 09 Oct 2023 13:38:58 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Mon, 16 Oct 2023 13:38:58 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H/1.1 200
OK e99aace94e6e58733936cdd965d03e75 Show response
pv.medialead.de/trck/epv/ Frame C802 0
466 B 797ms
770ms Script
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=95155900091067604445002012472011&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:58 GMT
strict-transport-security: max-age=15768000
server: nginx
host: pv.medialead.de
x-iplb-request-id: 515F0524:93AC_91EFC182:01BB_65240272_14D9044:27FE5
x-iplb-instance: 40028
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 0
proxy-host: pv.medialead.de

GET
H/1.1 200
OK e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame C802 43 B
482 B 785ms
754ms Image
image/gif 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=95155900091067604445002012472011&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:58 GMT
strict-transport-security: max-age=15768000
server: nginx
host: pv.medialead.de
x-iplb-request-id: 515F0524:93AA_91EFC182:01BB_65240272_14B8998:1D8B7
x-iplb-instance: 40027
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 43
proxy-host: pv.medialead.de

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame C802 43 B
702 B 83ms
69ms Image
image/gif 23.56.205.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=95155900091067604445002012472011&pv=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-205-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Oct 2023 13:38:58 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 2BF7 5 KB
1 KB 43ms
20ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=66435400079937704444994012472008&a=63d46d6d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 09 Oct 2023 13:38:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 12:07:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Oct 2023 13:38:58 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 2BF7 17 KB
17 KB 21ms
8ms Image
image/png 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=66435400079937704444994012472008&a=63d46d6d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: a48367cfe9596c5e216baafba48e699fdeb09db7d80087b2d35e356351c360bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 13:38:58 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16982
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 2BF7 16 KB
16 KB 25ms
8ms Image
image/png 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=66435400079937704444994012472008&a=63d46d6d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e4aff6abc63f6a4c9e7302763dcba832f8351fe2753ca756ae40a91e0eea3790

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 13:38:58 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16513
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 2BF7 11 KB
11 KB 26ms
9ms Image
image/png 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=66435400079937704444994012472008&a=63d46d6d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: d2740929e1d918dfcf0b63b257be5c7688dc8032c65823622f5ffa3a5eaf35db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 13:38:58 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 10942
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 1202 174 KB
63 KB 25ms
23ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

72be94b69faca59cf40397fd6734eac3224e8d23c540564f6f6d00f703eb5499

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64049
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 09 Oct 2023 13:38:58 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 00B6 174 KB
63 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7ab30a6896a2262be1733ea704dad75bee4430061849617d92806887567fe5eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64011
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 09 Oct 2023 13:38:58 GMT

GET
H/1.1 200
OK viewability Show response
hal90008.redintelligence.net/ Frame 2BF7 0
150 B 35ms
21ms Script
text/html 138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90008.redintelligence.net/viewability?s=66435400079937704444994012472008&a=192da68c&vb=m
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=66435400079937704444994012472008&a=63d46d6d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90008.redintelligence.net/request_content.php?s=66435400079937704444994012472008&a=63d46d6d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 13:38:58 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 78B7 52 KB
18 KB 53ms
8ms Script
text/javascript 18.66.147.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=66435400079937704444994012472008&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-98.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 761cff5428e8aa5d947284cdaa6d9f6e9d0fe755909c364f807ee5c23ddb8dcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 17:12:13 GMT
content-encoding: gzip
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
last-modified: Mon, 02 Oct 2023 14:06:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 73606
etag: W/"2c13a74e288a2942ad3d2af9bad52cdf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: 0WPOQp4FSnzOj-MnuABYnSyQTz7zUNFtvnP0fESwpD07pEAlnGpW4Q==

GET
H2 200 1x1.gif
cdn.track.production.webgains.team/7121/ Frame 78B7 85 B
437 B 59ms
7ms Image
image/gif 99.86.4.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1696859038&Signature=nOWWiy~ZiRfFs6~nNArgqFf5bxMZp3fq3DTpaToelgTMrM0~i1n4NQ-eu8kt527kXxpQYyYrZZSzvD5faeJEGFoXnQ3fNnxUfbfajtaP8ebmHQhyWCIdwf1v86TesHU~tDOdLFSiNb8u7FM5-a-oSh99cXn50kcmKO4R9Jbk7HCUN6K~YRtMgXGUo3YWje3qbrGEbE6JlR9B3X6lfrc5D9WKdawJ5yzV5EJMJ6D5AR3UwfETezV8kkqR6aes26VGVxEEJFuc3rcN3wsqoN34lxlzfn9VmzAPtbfFiDBfxHtRW73PGuCYAL4-2mA-q2JAeBOho8DBgBZY-aVxRtzyZQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: 0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com
URL: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-52.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: null
date: Mon, 09 Oct 2023 05:43:55 GMT
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 35592
etag: "70af33d70b6810475aae19743c8c435b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 85
x-amz-cf-id: puRJjJFMLK8TDuMoski8oZg-eEJ4xOAiY7GTe54kmYABULJhy5VuXg==

GET
H2 200 dc_pre=CNGEybKL6YEDFWpckQUdJaQAzw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5259364607539.343
adservice.google.com/ddm/fls/z/ Frame 9A4B 42 B
401 B 71ms
48ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNGEybKL6YEDFWpckQUdJaQAzw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5259364607539.343

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNGEybKL6YEDFWpckQUdJaQAzw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5259364607539.343?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 13:38:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 2BF7 14 KB
15 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90008.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 23:04:46 GMT
x-content-type-options: nosniff
age: 225252
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Oct 2024 23:04:46 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 2BF7 15 KB
15 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90008.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 03:41:01 GMT
x-content-type-options: nosniff
age: 295077
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Oct 2024 03:41:01 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 00B6 272 KB
90 KB 17ms
16ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6b27017759827ae6c7c31f77e133446c74cdb0ec3bff89e1a1ddcfd44dce7a8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92567
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 09 Oct 2023 13:38:58 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 1202 272 KB
90 KB 17ms
17ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4e9ec1e081547fa47cd3659891fdabcbfadcd90baa414856a3b0f98440f9ca28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92620
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 09 Oct 2023 13:38:58 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D410 0
20 B 114ms
114ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B1T_WcQIkZY2ZL-ql3gOgmqHgAQAAAAA4AeAEAg&bg=!q6ilqOfNAAYMG8UMLBs7ADQBe5WfOFiFGABZglySE5nR4_8p6ecCIvKr-M7_te_TLNC_bPrM2YeEeI7IpxWOdYvS-kkMAgAAAXpSAAAACWgBB5kDBhGsPhoIRVELV01hVW0Bfn_aPPd9v0WGho7jgMY7zO8gq4IcZtyQcjJp1ChWrIME1ra_KTFONjY3a8Gv1BunNRQmnLGAcjoTAuLy1D_VZoBPSMXsfVani1K0AZMmfI9U5RiTr1Co47Ghmdsa-7o_D0qdorDVo5N-YPKMaAUN8q-UYQFgTNrRnJ84QEa7JB2Ox3hMHjKcRIImv-al8GOyP2IDHitXCDaD0tINFUiQREbgVauhffTmG7hKS6hIOVzH5DexdNTjF9Yay0V0ypLSzs6FJCQYHngO0bmLiirT7e-XP3Op5xq82ujupK7p0_Gd7wkqn2AsG5AfHu5rB4x-NyxWsyNdnsub-r5YJ7yBWf2eBatyWHPQBO9gBJt6qLDtBuoiVGT3J4qgaX6rHE8pg5OpTje8cGozVcdB7m_QOp2_jYbCo5kY5aNeqEn2KqZIT_Q4kSMxnaDt_Ys1GL_Pq1JGrFZeASo8Prvn_LB240c3IaG9eKaxzOAcGYoK1sgUta13M7RvKxOQ11A0fZrfWxdONn7hffySCgGqEcynq_z7J4benHdgwkb-O4Ucywc6sYZUqXMxTOOOxnC-wLHCmpkZMshZ60hn82ou_rgH8yBD_xwYvb3f5U_aTvGBuBPru8lozJ8JeSZVuRNsRmaEwX8ek0IC7QSiWNtHlLY_RGXGLZZJzI7ToB_fsg_YIadcZsIOu13XQi3_cVD_DZSSCkbSbtp2ZAQx3cV0yO6Ik4BLdn1DFvC3F9HVdcl8dHCmcd2vY7Y-I7NrxIgm3tamZ8jPNt6tvVV8FywiQxjzj80wOx4k6AoCTtk6ETwAfuiQUd_UkRyJsH0jasAXzU6He-kLbkQ0AuDJUhDOEfBHTMb8PgMfOiLhCh9AEJzTRALi1_ntwXbqOhHUrnsvtlJDAzZ47z_39pGvb3sBxhvsc1wW7nnEaVnkySn14WbfOF7qP4f3DSpIBLWBKGL1VJS3xg787Ts06a53WT-YuvWtTiJOBft_azNAnLpyt1AK-5Src9F9eDg5LA

Requested by

Host: 0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com
URL: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 13:38:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 88C1 0
20 B 112ms
112ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BCCLXcQIkZZe6K43k-gb4nYywAgAAAAA4AeAEAg&bg=!WVqlWhXNAAYMG8UMLBs7ADQBe5WfOG1ZlhzRu7sjCUkeeFS0kpjEmIb-NXlVjFRpdsHZJPo3zAM8ON9W-80HLUPnyQrAAgAAAXFSAAAABmgBB5kDDTkm05e6Um-itlaKMoTrSaHFbo3hSYFyQ4LXaSDtT5geUeEU07KVdgOa1IyoQGQwMN6717bTesLbryTXE9DdBWrX8iOTtKtW1sm9rzoXgCQ5hhrP_XjOn1xu7g1GcyWGi1kLp9GoMRhNWsdRqRRxQx5UvKGBqiO59bhbgtwfAvhe7BfD1VOJfitOhYEqsF5vtF-dB8hCPdR2t-4eysfvt3piibuYl6t2Tzdgj-3jnziubRHx2rLWmYK0n6_MoClCB4zzpQ1j13bqMN9hIGCb-dfuUva7hRYMaBp4LIHyk6U9WSfAx_qVWDhLs-lQgR7ehmPlSoU_Rv1PuwYrcXJP55Bmc-nT7Q7zBc6q0IsfUEgfUpkpJ1Ur5OTh9lk9iHdWkgxfrO7b5USEhqDXOVK5gviHKg_Xhqoc9DWWZRItgy5vmsd3yfYofSY4OfMiutVLu958MVDB_P787v2uA1Jmg9MCM-RHI_5P68yd_QDo_y6KRdaUnpJjMgoYoGGBkwbeKP8mlhV6ETWToceW3uct2y0T-B5PnPpdvondOZvj0PpXzyT5AYvTV5EWGjGogRtozNhl5xMXVIcjsBuma0ArnP6CS1plyrE0uhnjut3zHIAgi1XpxOOrngcX2vvL9vYbrBfhf2x-j17jhxldlCgoXjQ7rNp1fLJT1KSNQ2Cq3fhf1u3mRF8mHNu_71L0GGqwew8xKR9fwTOgHnf1VMCm_ZXVJv9w-tSd0gzIUA3KL6N9X8i5BAMEBcCDiSQSrCPUywfjct-n4F-q7kz1vaJQEZK6kmf-CoPt3eJES-iJ42re7q7z4W_jtzJV2VIqXc0muA6RyCHS0wnU76g0jRZjaMKtfpw0ZlvwLmEag4LxwxasGnhBeHIGuCVk2WArMR8adYCfJM5olSYg6nGzGGWsAmJ41umkRTJYWl3rQYd-9P4c4tdGyBoKnxv-rzjEJ-QRNwgmYjPh_vd9Ugpl6J9ec8X7HQDFtZ2gB4rLbcT2E6eJTfg2ptPa-soKbLtqZjuXSnFFwiKBM5p7Rs_7ZDg

Requested by

Host: 0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com
URL: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 13:38:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame C802 2 KB
2 KB 68ms
68ms Script
text/html 3.9.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=95155900091067604445002012472011&nw=1
Requested by: Host: 0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com
URL: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.250.12 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-9-250-12.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: f0426d1c0c9d61d4b0ac25336eca0cb0fb85ab86d33c92a5a62a0f5a1fba7697

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:59 GMT
last-modified: Mon, 09 Oct 2023 13:38:59 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Mon, 09 Oct 2023 13:39:59 GMT

GET
H3

200

activityi;dc_pre=CKKLg7OL6YEDFVJckQUdDHQLZw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1058024290899.4109 Show response
5994599.fls.doubleclick.net/ Frame 7747
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1058024290899.4109?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CKKLg7OL6YEDFVJckQUdDHQLZw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1058024290899.4109?

392 B
240 B

55ms
54ms

Document
text/html

142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CKKLg7OL6YEDFVJckQUdDHQLZw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1058024290899.4109?

Requested by

Host: 0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com
URL: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

596e0c91bebbd94fa56b81863778a22b3c2117c6dbce422e7ee2e890d962223a

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 217
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 13:38:59 GMT
expires: Mon, 09 Oct 2023 13:38:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 13:38:59 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CKKLg7OL6YEDFVJckQUdDHQLZw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1058024290899.4109?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900011.redintelligence.net/ Frame 292B 7 KB
2 KB 21ms
7ms Document
text/html 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900011.redintelligence.net/request_content.php?s=95155900091067604445002012472011&a=746c266f
Requested by: Host: 0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com
URL: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e1d030293496f7351b7514caab0c30ccf6b9eedff81cb458e00fc522726ed544

Request headers

Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2076
Content-Type: text/html; charset=utf-8
Date: Mon, 09 Oct 2023 13:38:59 GMT
Expires: Mon, 09 Oct 2023 14:38:59 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame C802 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1a87accbd3f1a8e65a03976791629e3ade566583c72b6ed753ba4eeccfca1cb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 78B7 16 B
209 B 63ms
63ms Fetch
application/json 52.56.171.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.56.171.192 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-56-171-192.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 09 Oct 2023 13:38:59 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 104ms
21ms Preflight 52.56.171.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.56.171.192 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-56-171-192.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Mon, 09 Oct 2023 13:38:59 GMT
server: nginx

GET
H2 200 css
fonts.googleapis.com/ Frame 292B 5 KB
778 B 20ms
19ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=95155900091067604445002012472011&a=746c266f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 09 Oct 2023 13:38:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 12:02:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Oct 2023 13:38:59 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 292B 17 KB
17 KB 23ms
8ms Image
image/png 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=95155900091067604445002012472011&a=746c266f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: a48367cfe9596c5e216baafba48e699fdeb09db7d80087b2d35e356351c360bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 13:38:59 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16982
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 292B 16 KB
16 KB 22ms
8ms Image
image/png 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=95155900091067604445002012472011&a=746c266f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e4aff6abc63f6a4c9e7302763dcba832f8351fe2753ca756ae40a91e0eea3790

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 13:38:59 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16513
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 292B 11 KB
11 KB 24ms
8ms Image
image/png 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=95155900091067604445002012472011&a=746c266f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: d2740929e1d918dfcf0b63b257be5c7688dc8032c65823622f5ffa3a5eaf35db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 13:38:59 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 10942
Vary: Accept-Encoding
Content-Type: image/png

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame C802 52 KB
18 KB 9ms
8ms Script
text/javascript 18.66.147.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=95155900091067604445002012472011&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-98.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 761cff5428e8aa5d947284cdaa6d9f6e9d0fe755909c364f807ee5c23ddb8dcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 17:12:13 GMT
content-encoding: gzip
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
last-modified: Mon, 02 Oct 2023 14:06:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 73607
etag: W/"2c13a74e288a2942ad3d2af9bad52cdf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: kGW3pZOVEux6f28f07skQzQN0Xt7eb5bMnjKGBcNrYUL49a1BXxetg==

GET
H2 200 1x1_0.png
cdn.track.production.webgains.team/7121/ Frame C802 3 KB
3 KB 8ms
7ms Image
image/png 99.86.4.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1_0.png?Expires=1696859039&Signature=ZHuFFTeNtZt1W8k5-CP78JOMCTxWKpICzIrYQeYDMVT7ypnnC8ekZQSAahX5YpLyky7Lgk80vwG106AU6DdoA6J1--JS~EumfzBivZV12zOxaICH4iRYtZeBc-YzfsidrdAGbfqVpE5uYirHO3Kn-yxeVUN915HrAmO58FuAsJot9s1iLON15fh35PAFwYNcA2YDDaIFmxoVwpo-0ajdChkjhPHBgqnnMqmHhg1mRC2e2JbwkDSqlSPWj0FVHrgEpNsvgCfLcavzTBhpBNnkEvhQYiHQDRiI2~kX-YYhDH9spjq4wqI9CCnr5veefUlFt46GDNizbLSJdwdOBHUIrA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: 0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com
URL: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-52.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 02:11:45 GMT
x-amz-version-id: null
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 41235
etag: "4e57de0506fbdb487ffcd53b450caee1"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: EfUZiED8q7DGcq2kBo0FndwjjRWC2EDMLPmQXHE3Ap642HGDNqgo9g==

GET
H/1.1 200
OK viewability Show response
hal900011.redintelligence.net/ Frame 292B 0
150 B 23ms
8ms Script
text/html 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900011.redintelligence.net/viewability?s=95155900091067604445002012472011&a=ed79b85f&vb=m
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=95155900091067604445002012472011&a=746c266f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900011.redintelligence.net/request_content.php?s=95155900091067604445002012472011&a=746c266f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 13:38:59 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 292B 14 KB
15 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900011.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 23:04:46 GMT
x-content-type-options: nosniff
age: 225253
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Oct 2024 23:04:46 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 292B 15 KB
15 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900011.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 03:41:01 GMT
x-content-type-options: nosniff
age: 295078
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Oct 2024 03:41:01 GMT

GET
H2 200 dc_pre=CKKLg7OL6YEDFVJckQUdDHQLZw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1058024290899.4109
adservice.google.com/ddm/fls/z/ Frame 7747 42 B
107 B 45ms
45ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKKLg7OL6YEDFVJckQUdDHQLZw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1058024290899.4109

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CKKLg7OL6YEDFVJckQUdDHQLZw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1058024290899.4109?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 13:38:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 57ms
57ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310030101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daeb2afdd6f19e0e626aebcaa0eb267630604117b7dcbcb3b2e10bc67d9983f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12106
x-xss-protection: 0

GET
H2 200 m-outer-27c67c0d52761104439bb051c7856ab1.html Show response
js.stripe.com/v3/ Frame D18F 200 B
839 B 8ms
7ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scener.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2650461
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 09 Oct 2023 13:38:59 GMT
etag: "27c67c0d52761104439bb051c7856ab1"
last-modified: Fri, 08 Sep 2023 21:23:50 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 180920
x-content-type-options: nosniff
x-request-id: 471e3fe2-d507-41ce-9585-01b3e56a92ee
x-served-by: cache-fra-eddf8230117-FRA

GET
H2 200 m-outer-6576085ca35ee42f2f484cda6763e4aa.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame D18F 631 B
528 B 7ms
7ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 09 Oct 2023 13:38:59 GMT
via: 1.1 varnish
age: 2650461
x-cache: HIT
content-length: 399
x-request-id: 27b4e4fb-4748-4304-bd66-2b026476b846
x-served-by: cache-fra-eddf8230117-FRA
last-modified: Fri, 08 Sep 2023 21:23:49 GMT
server: Fastly
etag: "70cacf09ae81711ac6dcbc5ee59750c4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 172238

POST
H2 200 csp-report
q.stripe.com/ Frame D18F 0
717 B 560ms
180ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.scener.com
URL: https://www.scener.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 09 Oct 2023 13:38:59 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1696858739736191
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1696858739735397
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame D18F 0
716 B 560ms
180ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.scener.com
URL: https://www.scener.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 09 Oct 2023 13:38:59 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1696858739736492
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1696858739735535
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame B1AF 930 B
1 KB 24ms
7ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 91
cache-control: max-age=300, public
content-encoding: br
content-length: 540
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 09 Oct 2023 13:38:59 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 82
x-content-type-options: nosniff
x-request-id: 8000bcc5-e752-438d-aee2-540c8ea7290f
x-served-by: cache-fra-eddf8230117-FRA
x-timer: S1696858739.284078,VS0,VE0

POST
H2 200 csp-report
q.stripe.com/ Frame B1AF 0
490 B 532ms
183ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.scener.com
URL: https://www.scener.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 09 Oct 2023 13:38:59 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1696858739736320
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1696858739735476
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame B1AF 87 KB
15 KB 7ms
7ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Mon, 09 Oct 2023 13:38:59 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 45
x-cache: HIT
content-length: 15509
x-request-id: 33a04de3-ad0e-4d6a-bbe7-7a21bdad9924
x-served-by: cache-fra-eddf8230117-FRA
server: Fastly
x-timer: S1696858739.296467,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 42

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 09 Oct 2023 13:38:59 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame B1AF 156 B
669 B 560ms
180ms XHR
application/json 52.32.98.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.32.98.110 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-32-98-110.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

0601b43138b38666ec15918fbc1c1127e1a3d823197203977b44a7d45ba9b4d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 09 Oct 2023 13:38:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1696858739814679
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1696858739814374
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3F3F 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scener.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6370
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 11:52:49 GMT
expires: Tue, 08 Oct 2024 11:52:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 930B 829 B
561 B 17ms
17ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b3016426fb28c257159309365992f9ea825746ef6bd73ec623e0541a6ec1ebd2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bw2U9tmPT3XMxoZQrVAfzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.scener.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-bw2U9tmPT3XMxoZQrVAfzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 13:38:59 GMT
expires: Mon, 09 Oct 2023 13:38:59 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js Show response
pagead2.googlesyndication.com/bg/ Frame 3F3F 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 11:23:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8159
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 08 Oct 2024 11:23:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 930B 0
0 41ms
41ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310030101&jk=4303603916233094&rc=null
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3F3F 0
10 B 8ms
7ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?64hTkw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:59 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame C802 16 B
209 B 63ms
63ms Fetch
application/json 52.56.171.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.56.171.192 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-56-171-192.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 09 Oct 2023 13:38:59 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 24ms
23ms Preflight 52.56.171.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.56.171.192 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-56-171-192.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Mon, 09 Oct 2023 13:38:59 GMT
server: nginx

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
43ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310030101&jk=4303603916233094&bg=!KimlKWbNAAbjlzx0w5c7ADQBe5WfOCtfCblsytvnmuM77M1Rt7pyzpqZ0wa_HgzzIaITnKkpNPUjhHm7BaBxOTSse1mtAgAAAEtSAAAAEmgBB5kCtWobtz-325tORG5Hm6g9OLymojD2s_WBo1Y-imckgRVWX2mt-NU3BwgdL39pm6jbDSpCSJuYWc90gTxzZmMSxTbSYvBnknmY9roCeiht1DL-kEkAw-V3XX04m6lRFAlFyMURJhS6ni06_VNUuoRwcNFc-eHOy_R-giKFULFZ6nMA3PgvX6QOg3uIZxGIguAIiiMewXRpldaifsygguu7STAswp3-jItQEwVep7ansWSEobSU_Ca-wlQz3XykSqop5Y9HU_s5yCLSMx4JE1MjncrshK0ba3qGsWVXWqY3ML72bB30nTNjhKyQbvK4Y57aIech86HflOUV6r92VUQqmdg8yhbbZRU90s3uF7MI_MpMFIMpOUaRyRTt1xmRDeRE_OfcJOYOF93GXVpejc0PP3g3PmTKAIbCG-YtcitSjSEeuQGIbbe3PIXB8OwKJ1_2A33HxweEwu3usuapRfPp6n-bOkdN3ch8VuVqI3Yj20HWbdOmwXmVRQt05Pn7MwrvVFWnP1JiAu5yWbe2YJVRSLxYwUgtxWE2Xo-xJ1X4p5BnVCx53_xOmX9rULyvOd11SO16qtA9h9ZiH1iPDZkiEsho1ACtVmQpI0HZJ_r8qbP-9-Eqt2r5ARaNkt_InKwQ0_LeBI8Sw2iBIWJw63PNm06pqVO4r-rI2ZCHal91AYSu9SsKa4jcen2RaE-MaGw8RKE1yFBw1aTCs-1Csovk_I1ysjUKdHQ3Nf1Fzn-aeZeV_BwlMRIxdsJB5rHxVLkpzeDTB3kXlFDEi7o_gjA_yAMuSaBfbvkrwcY4tyg6FfE0xv_xcYNr945FKnh7a2QiY85O1Y2DE1bzG_O1geB9gDWAjUdvTZwvP_6Yad3QAgSR3WGwvjtOIZuAgTGVGTme4JKrHy4Vg5z1tDxqNwWRJfFKfNuPRQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.scener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 78B7 0
20 B 108ms
107ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8989901588637&version=m202309260101&ct=77&x=1&cor=13762847650454465000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 13:39:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C802 42 B
64 B 164ms
164ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu78PkrfUK56lBXOD8d1IHaJyZ1KK11i9S9Qdk3wMB9zdBgjkivXzR9pRwoNaYXh1B67dPn0fAU4VJK95x4hN9M21erko3NCSx-1I8ypdyVaJduVxBEiPcyIUQslvT89Fs&sai=AMfl-YS8-vWCRzrTgOAN7UbqY9W_khebnGeAlMS7fh344Obm5-knwFGm4wripFOvxleaXReeY3KpRBviHMxnV6ylBop-7b-XqbLi1EuV82ouUI8PRdNxF1Hb1Tudy3ia1QDH3ukwl9Kck28DxoRl&sig=Cg0ArKJSzOoMT1oaDQ4eEAE&cid=CAQSSwDICaaNvAhx2fAMYBYlMc1vm_24al2mrLpnbUuA_0puj5lFhZyV-YbI35XUddRzgrLg-n6iKl3NMalnUJLQRBGqZc9EdwR9ay2wMxgB&id=lidar2&mcvt=1000&p=699,315,789,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2852720204&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696858737447&rpt=1658&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 13:39:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C802 0
20 B 108ms
108ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4157477946687&version=m202309260101&ct=77&x=1&cor=4653590774002507000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 13:39:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900011.redintelligence.net/ Frame 292B 0
150 B 23ms
9ms Script
text/html 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900011.redintelligence.net/viewability?s=95155900091067604445002012472011&a=ed79b85f&vb=v
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=95155900091067604445002012472011&a=746c266f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900011.redintelligence.net/request_content.php?s=95155900091067604445002012472011&a=746c266f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 13:39:00 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 15:22:25	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
.scener.com/	1970-01-21 00:06:34	Name: scener_tags Value: {}
.scener.com/	1970-01-21 00:06:34	Name: country Value: United%20States
.scener.com/	1970-01-21 00:50:45	Name: _scid Value: b4304cf9-ca2c-43a4-9105-1d6580003b85
.scener.com/	1970-01-21 00:50:45	Name: _scid_r Value: b4304cf9-ca2c-43a4-9105-1d6580003b85
.scener.com/	1970-01-21 00:56:58	Name: _ga_SKGG26LBQD Value: GS1.1.1696858737.1.0.1696858737.60.0.0
.scener.com/	1970-01-21 00:56:58	Name: _ga Value: GA1.1.2129910099.1696858737
.doubleclick.net/	1970-01-21 00:42:34	Name: IDE Value: AHWqTUnFspbRF3lVcpE-E2EPIBZu2wiPC2J4_CYkJxg5JMBrh4WJmEfYv-pVNQFa
.scener.com/	1970-01-21 00:42:34	Name: __gads Value: ID=9f25a7f0cf37ea5c-227a9a1742df0038:T=1696858737:RT=1696858737:S=ALNI_MZLgPCo8cPnuiBj7FwBZNNeMlF0Tg
.scener.com/	1970-01-21 00:42:34	Name: __gpi Value: UID=00000c931e0cf3cd:T=1696858737:RT=1696858737:S=ALNI_MbBFCVrbwDxbrIQ_bn8FzpDgur7Uw
.scener.com/	1970-01-20 17:30:34	Name: _fbp Value: fb.1.1696858737710.1752702262
.adnxs.com/	1970-01-20 17:30:34	Name: uuid2 Value: 1519651282326378042
.casalemedia.com/	1970-01-20 17:30:34	Name: CMPS Value: 5226
.casalemedia.com/	1970-01-21 00:06:34	Name: CMID Value: ZSQCcQuOQWbeVbVpwJZiJAAA
.casalemedia.com/	1970-01-20 17:30:34	Name: CMPRO Value: 5216
.doubleclick.net/	1970-01-20 19:40:10	Name: APC Value: AfxxVi4mxk10RQiA2Q4I2oNdmITvwaI9OQ4lqRQ9QfCEAl5cX08JOA
.adnxs.com/	1970-01-20 17:30:34	Name: anj Value: dTM7k!M41.D>6NRF']wIg2ImOJ5=1H!@wnfH8K6pQK`!5=E<*L5?%KHg2nG'i(Ej'e9hF/i+%s_iq8K%9NzDxOY%Ci%nugO%v4VB%nmG#)iesa
.snapchat.com/	1970-01-21 00:42:34	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgQ0AIAgDsItIVByMcwiGKzjeluaniC3oSrkPV8JOiFZUP6J75cy2MIKuPusDmss3RTIAAAA=
.redintelligence.net/	1970-01-20 17:30:34	Name: 8lcfmzhxc8d6_uid Value: 92d249d59ecb04a9
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 357526:3266505
.awin1.com/	1970-01-20 15:31:03	Name: awpv11601 Value: 113440\|1696858738\|32c21370-66a9-11ee-8e02-22641699f1ec
.office-partner.de/	1970-01-21 00:56:58	Name: source Value: {"webgains_webgains":{"timestamp":1696858738370,"clickCookie":false}}
m.stripe.com/	1970-01-21 00:56:58	Name: m Value: 2ca93f1a-c2e3-4b0e-9a7e-e31ec5a81f8af0b837
.www.scener.com/	1970-01-21 00:06:34	Name: __stripe_mid Value: d1b80837-6713-4f9a-9205-3930f10054510ea0fa
.www.scener.com/	1970-01-20 15:21:00	Name: __stripe_sid Value: 4cd007a1-3469-4f9d-811d-626ff1e84c277308c3

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.scener.com/_next/static/chunks/7581-ce6ac26380d96e2e.js Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3149408578918334&output=html&adk=1812271804&adf=3025194257&lmt=1696851537&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x945_l%7C128x945_r&format=0x0&url=https%3A%2F%2Fwww.scener.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696858737116&bpp=4&bdt=4590&idt=265&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7277543717989&frm=20&pv=2&ga_vid=2129910099.1696858737&ga_sid=1696858737&ga_hid=1594606321&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077327%2C31078599%2C44798934%2C44804782&oid=2&pvsid=4303603916233094&tmod=1537684660&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=304 Message: Failed to load resource: the server responded with a status of 403 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0ee73801fbe8312f474ba1c207e6e734.safeframe.googlesyndication.com
5994599.fls.doubleclick.net
adservice.google.com
adv.office-partner.de
analytics.webgains.io
api.webgains.io
cdn.track.production.webgains.team
cm.g.doubleclick.net
connect.facebook.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
gcfn.scener.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900011.redintelligence.net
hal90008.redintelligence.net
ib.adnxs.com
js.stripe.com
m.stripe.com
m.stripe.network
media.scener.com
medialead.de
pagead2.googlesyndication.com
partner.googleadservices.com
pv.medialead.de
q.stripe.com
region1.analytics.google.com
sc-static.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
tr.snapchat.com
track.webgains.com
www.awin1.com
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.scener.com
104.18.27.193
138.201.63.150
138.201.63.165
138.201.64.38
142.250.185.70
142.250.186.130
143.204.207.250
145.239.193.130
151.101.128.176
18.66.147.98
185.89.210.244
2001:4860:4802:34::36
23.56.205.163
2600:9000:2250:2000:6:42:2840:93a1
2600:9000:2490:b400:12:5719:c480:93a1
2a00:1450:4001:800::2003
2a00:1450:4001:803::2002
2a00:1450:4001:809::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:813::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::200a
2a00:1450:4001:830::2001
2a00:1450:400c:c07::9a
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a0b:4d07:102::1
3.9.250.12
35.190.43.134
52.32.98.110
52.56.171.192
54.187.119.242
76.76.21.93
94.23.99.218
99.86.4.52
0037ce761c90335dd71b547152e979f167acbd9b59b6494d65710d2e5467caab
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
045ac7c8717e79721024f691b3e011830973f4341ec6e5c12347d06a1745449c
0601b43138b38666ec15918fbc1c1127e1a3d823197203977b44a7d45ba9b4d8
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
0a68faf334cf624cc72fe9a2c23879d943f198a6e8dae9d07f1c854950db18f3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e8208049601280bc5fe0f192f5dfbfc98c0389331ef5842b61aef9bac1aa1d8
0eec2a346ff5d6bc99f84f4f96c1e99bcb8bfaae5cb354e734e1dec3119e8a43
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
18789c2d22c2b398f2c167a17c6cfc2c11811322f131288a14138c4b8791852c
1a256b52e64d365759aec3dbb6dea3d4ea5c11d71a55d76cedddce1945aa2d22
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
209fa5db5cafe9b1ab5165acab869ad64f1810ff0d7378d5b6b681e4c419e716
20f6f93dd0d6e4a6bab501e85ae41d51f7e459d19b4637f315568fc9c544145c
21de01876c61a9de884d865a683546adc66ad95529953658b3635c7f4cae289a
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
246cfb6462d3b66235d8cccd5045f98daf68ffca238ab424b54c1d3562ae91b7
272abc7da7f1aea0a50a69ada422aec660c2ce99df94a8feb31211e5642156fd
281dafae772ad2e65c4b5a7230208894a14155ea7c9a719ba475d45bfc0a1e5a
291b5afcf8fa49c536f5a9bdeb76a3f7979e76c1779cf0336b2701429782e4f1
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b33b6203dbfa6df64745b3fd67ebed5f5f14a84cf421973860a153c4558c3f4
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f5cac607fbbccb17082aebe57e871fa9d2996ad3d00cd0f5d08bcd187163d7c
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
320c9eab98d659eea8674db00abeae224caed94e532d7b758a32a5097d8f2821
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
37de9a9f3b2b7ef655ff8e831822383545fafed997329aee23a4c4ad1a0e6da5
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
3a415eeda877304fdc2c15a9789c4b8fb327ae9a886ec5158189d47943e605fd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
484ae7513e66b3f55f762102a6a7a8ac8b99bf2064a0419f018de1242710e84c
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e9ec1e081547fa47cd3659891fdabcbfadcd90baa414856a3b0f98440f9ca28
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
5255ec95613ec358009e33be49f2aaf2e4be69d631453e727baa8d9ad308a006
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
596e0c91bebbd94fa56b81863778a22b3c2117c6dbce422e7ee2e890d962223a
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c91507ba9508c8bbe28c7f1c80b5133c51c5a12016a0cb22be98520de7fb1ae
5dca1f074b821164287a1c82133bbc725d2efed76db71d31dc9b1eebf0474b28
6077d659c1924659a15566a64b707f7c9f9f0e2ca2e84230acd17a620f0979a6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
63ea4be647bf962a795ac95a6b8d1343ef81fc07863a7ec204699a2b7b85fce1
6667df51725ea7d9db2f4a7d64a2bda795e491fdd7b03c2e0462ff3ebce0d427
6a801f7c12dbd2285855b9ad3fa479c467c2d2448395041db68e5f32b006e8b8
6b27017759827ae6c7c31f77e133446c74cdb0ec3bff89e1a1ddcfd44dce7a8a
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6cae06665d26b473f021a9a237bdda85b6c0a725529f6bc8c7f7853c1d5966dd
72be94b69faca59cf40397fd6734eac3224e8d23c540564f6f6d00f703eb5499
73419e3a925da71904ab4b3e5a9502dcf7ff719bec66dd17919cbc0f417372d5
7380659e26147659d1b3ac655c18285b7d3a66486a21c73d0f86637d1f511f14
741812cdd3301dc06ab0c3f4a725b2370674d365f5fae4e36629faf2729c2a48
745834316128a9605db352a4146dfb81cfd209fa037d3256277e2bc9d12b0f44
761cff5428e8aa5d947284cdaa6d9f6e9d0fe755909c364f807ee5c23ddb8dcd
7772026aa31eedcc171fd00fb02ab5d2d3f9aa06213bfe7b9dfcc77355bf97aa
77dc190f943b3b0495c171cc57ea28e05dcc354d0341bac69d5c2b5b0c1d0193
77f057f5351d8ada4f65c2ffaba55be7957eeffc364d64e85d34a6ae41b73e5b
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
787f949b0dcd2646fd7c5c8437ee47c076a42d92d316ed6c6406fb9cb94f6bb3
7ab30a6896a2262be1733ea704dad75bee4430061849617d92806887567fe5eb
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7ee615b8e4d6d6222536309c5b90ea4c35335d1cae62852b332865fdd9bb3323
805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65
807072fcd05e6c7bb285c66f8da0fc5ace71e8c8e294a35cbe8ebd181a61d032
831556b334242467d78e5c235decd50ea999663e57e8dae012da2b4454ea0287
8692198e9db8cf8302b47f7ef8f63fee94d8411ec613ca0b6245fa0bb2269c74
889aaa402a8c74cc2beabe5d37e8c27ea751826e99b236e44106f114be5cb6f7
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
8c0ed0ee8e20467869ecc1ea2b523342d854b73877397d1e63c1c72d9a685e28
9091aad8cbd4b0fc28f3591bebc4961c0301ab95503477739953bed4cca3d2b9
90c57993b8c26f47826afdfab259ab22c41130a4a8c105e538864fae073256e7
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
970239bc6e6b1a0e6c578f497ef1b2d0a1cb56111a588747dfd3df1a7f4132ed
9ab1e5ef8baed1d906b9e8ea4126ad958556881a46150cd6712ad5ebc40f4e46
9ce2f386a6749eba15e2fa6034580a69ee6ea261a003067807d83f8bfbb81f15
9d208b5826bfea6982c3345fed748b36c9aaa998a729ed04cb42f2df1fdb9259
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a3187342bff92211fdd2eaec05c3459396276649caac1df44d9eb5a68c2e4f45
a40260767d46373cfa0593c2deb5ec3fc6ce16e298d7ffb5725060c83e93d208
a48367cfe9596c5e216baafba48e699fdeb09db7d80087b2d35e356351c360bf
a710628fa0b688892be43dbcd9f22009fc9d7abe84777ceba41eb7e1252aaeac
a852f2246ef0158eabee8406d02096c9f22c342f5488360135ffb50f86068a0d
abc8ef91a30c7108b243bc1e82fbf6461c02f16c7cc0472c0f756a5b3b0255e7
ad41c26c911479a899d2a7af6dd4e699081fcea28e0c279dfa762c54499297a4
af1e3c92517086ea2245143a9ee42097e21bdada9c2dab8825c87dde96c2b1a7
af39585b67a5e34a20d863cda7739bfb301e3be7df07f6e592bccdd84485e998
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2478a3f4af3e3e1c0d3f29d5eab76d512c79a65ccf4408707ab26b885f8b2c4
b3016426fb28c257159309365992f9ea825746ef6bd73ec623e0541a6ec1ebd2
b6f01e18196420adbd5f5f9b31461fd037f1ea92e7fa542316cf3c4cf8bddcaf
ba2351cdecb0898fe92223093227763cc90e766ed2c008e5c155d8339a846bb9
c106eff54b4b00e0ed15d44557339dba87e99aaa22fb5a5275624b036f94cdbf
c90fdcb74046b72c463c41cf1b6ebfbe186c029282a1598237ee7fd0395e97e8
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cef4c3db6c1289a3f0855c11897228701df758e80c20435c0de2f5d6b64302e5
d0bab55aa2bee0b66cd14c5ebd97c3060886e499104310f311ab9312f03ff357
d2740929e1d918dfcf0b63b257be5c7688dc8032c65823622f5ffa3a5eaf35db
daeb2afdd6f19e0e626aebcaa0eb267630604117b7dcbcb3b2e10bc67d9983f4
dfdc3bb59b8acc958ea97398545660d0daddef78fb8d126e745a905c10e5d18c
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e1a87accbd3f1a8e65a03976791629e3ade566583c72b6ed753ba4eeccfca1cb
e1d030293496f7351b7514caab0c30ccf6b9eedff81cb458e00fc522726ed544
e1eeb7e2400f2cdce05110d0a95e2d6bc06eda36c1420ada92b99a3abff9ec40
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e36f7abf85d1c061817d19aa93300312624d8974c8a334ab3832f348354db71b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4aff6abc63f6a4c9e7302763dcba832f8351fe2753ca756ae40a91e0eea3790
e5079589dbc92be0815a290fb832e85e32f8f4aa2624301c9915eeff916cefea
e57ecbca07885a20fc56dbae51642fe0e95b58c96dba6ea1c5cbb15417b9a0df
e93d0eafe2762167fc7e17f3d962c99c807a03481d44f7dfac340880a79d0977
ed121b1a8fbf30998a4ed0a7c8343abe9091ac4744f1c24b602b5d3f962bdb78
ed1d5c61910bcc95522aca5f6fc5b5adc2a2ca3e4814f92368090e13a3041cce
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
f0426d1c0c9d61d4b0ac25336eca0cb0fb85ab86d33c92a5a62a0f5a1fba7697
f5c281ea507f98f62109b0247caeeb2ae91eb87993b2a1ae722747942e597703
fc8116624ca13ea4125db423b0f4bf7cd676ec017003da5be04f40b83e1b2cb6

www.scener.com Open in urlscan Pro 76.76.21.93 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

181 Requests

94 %HTTPS

51 %IPv6

25 Domains

42 Subdomains

41 IPs

7 Countries

3561 kBTransfer

13756 kBSize

25 Cookies

4 Outgoing links

Page URL History

Redirected requests

181 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.scener.com Open in urlscan Pro
76.76.21.93 Public Scan

Screenshot
Live screenshot

Full Image

181
Requests

94 %
HTTPS

51 %
IPv6

25
Domains

42
Subdomains

41
IPs

7
Countries

3561 kB
Transfer

13756 kB
Size

25
Cookies

181 HTTP transactions
7 data transactions