helopal.club Open in urlscan Pro
2606:4700:3034::ac43:be40 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://helopal.club/
Effective URL:
https://helopal.club/
Submission: On January 09 via api (January 9th 2024, 6:34:08 am UTC) from US — Scanned from DE

Summary HTTP 221 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 63 IPs in 9 countries across 43 domains to perform 221 HTTP transactions. The main IP is 2606:4700:3034::ac43:be40, located in United States and belongs to CLOUDFLARENET, US. The main domain is helopal.club. The Cisco Umbrella rank of the primary domain is 284513.
TLS certificate: Issued by GTS CA 1P5 on December 30th 2023. Valid for: 3 months.

This is the only time helopal.club was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3035::6815:5c4b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	2606:4700:303... 2606:4700:3034::ac43:be40	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	2600:9000:243... 2600:9000:243d:1000:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3035::ac43:8b1d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1 8	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:244... 2600:9000:2440:7e00:f:a31d:75c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::ac43:4bf1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:440... 2606:4700:4400::ac40:994e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
3	145.40.97.66 145.40.97.66	54825 (PACKET) (PACKET)
6	212.77.99.29 212.77.99.29	12827 (WIRTUALNA...) (WIRTUALNAPOLSKA GDANSK)
3	185.106.140.18 185.106.140.18	7979 (SERVERS-COM) (SERVERS-COM)
6	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
6	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
4	37.157.2.230 37.157.2.230	198622 (ADFORM) (ADFORM)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:225... 2600:9000:2250:d400:a:e047:753:a221	16509 (AMAZON-02) (AMAZON-02)
1	65.9.66.122 65.9.66.122	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	54.78.109.25 54.78.109.25	16509 (AMAZON-02) (AMAZON-02)
1	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
4	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
11	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2602:803:c003... 2602:803:c003:200::57	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1 1	91.210.226.71 91.210.226.71	48314 (IP-PROJECTS) (IP-PROJECTS)
1 1	193.135.9.133 193.135.9.133	48314 (IP-PROJECTS) (IP-PROJECTS)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
25	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
4	104.119.110.47 104.119.110.47	16625 (AKAMAI-AS) (AKAMAI-AS)
2	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2606:4700:303... 2606:4700:3030::ac43:8a0d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	212.77.98.32 212.77.98.32	12827 (WIRTUALNA...) (WIRTUALNAPOLSKA GDANSK)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	8.2.110.113 8.2.110.113	46636 (NATCOWEB) (NATCOWEB)
1	2a02:6ea0:c70... 2a02:6ea0:c700::10	60068 (CDN77 ^_^) (CDN77 ^_^)
2 2	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	209.192.201.180 209.192.201.180	7979 (SERVERS-COM) (SERVERS-COM)
1	2a02:6ea0:c70... 2a02:6ea0:c700::11	60068 (CDN77 ^_^) (CDN77 ^_^)
1	184.30.16.195 184.30.16.195	() ()
1	185.64.190.78 185.64.190.78	() ()
1	99.80.50.75 99.80.50.75	() ()
1	69.173.144.165 69.173.144.165	() ()
221	63

1 2606:4700:3035::6815:5c4b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

helopal.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2606:4700:3034::ac43:be40 (United States)

ASN13335 (CLOUDFLARENET, US)

helopal.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.helopal.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:243d:1000:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:8b1d (United States)

ASN13335 (CLOUDFLARENET, US)

fun-dare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebase.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2440:7e00:f:a31d:75c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.optad360.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebaseinstallations.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::ac40:994e (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 145.40.97.66 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 212.77.99.29 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: ssp.wp.pl

ssp.wp.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.106.140.18 (Netherlands)

ASN7979 (SERVERS-COM, US)

rtb.adxpremium.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.2.230 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:d400:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-122.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.78.109.25 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-109-25.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::57 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

beacon-ams3.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.210.226.71 (Germany) 1 redirects

ASN48314 (IP-PROJECTS, DE)

ads.smartstream.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.135.9.133 (Germany) 1 redirects

ASN48314 (IP-PROJECTS, DE)

cm.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.119.110.47 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-119-110-47.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:8a0d (United States)

ASN13335 (CLOUDFLARENET, US)

adxbid.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 212.77.98.32 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: wpcdn.pl

std.wpcdn.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.2.110.113 (United States)

ASN46636 (NATCOWEB, US)

as.ck-ie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

vid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.151.101 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.192.201.180 (United States)

ASN7979 (SERVERS-COM, US)

user-sync.adxpremium.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

vpaid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.16.195 (None, )

ASN- ()

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (None, )

ASN- ()

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.50.75 (None, )

ASN- ()

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (None, )

ASN- ()

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 140 1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 185	442 KB
28	helopal.club 1 redirects helopal.club — Cisco Umbrella Rank: 284513 cdn.helopal.club — Cisco Umbrella Rank: 360344	1006 KB
25	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 407	2 MB
20	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 stats.g.doubleclick.net — Cisco Umbrella Rank: 184 cm.g.doubleclick.net — Cisco Umbrella Rank: 338 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 677	268 KB
13	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 791 beacon-ams3.rubiconproject.com — Cisco Umbrella Rank: 8452 eus.rubiconproject.com — Cisco Umbrella Rank: 951 token.rubiconproject.com — Cisco Umbrella Rank: 744 pixel.rubiconproject.com	52 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	122 KB
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	430 KB
6	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 1105	1 KB
6	wp.pl ssp.wp.pl — Cisco Umbrella Rank: 12724	1 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101 region1.google-analytics.com — Cisco Umbrella Rank: 1695	21 KB
6	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 708 firebase.googleapis.com — Cisco Umbrella Rank: 4828 firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 373 fonts.googleapis.com — Cisco Umbrella Rank: 115	34 KB
5	4dex.io script.4dex.io — Cisco Umbrella Rank: 2287 mp.4dex.io — Cisco Umbrella Rank: 3130	26 KB
5	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 395	42 KB
4	criteo.com gum.criteo.com — Cisco Umbrella Rank: 597	7 KB
4	adform.net adx.adform.net — Cisco Umbrella Rank: 3508 cm.adform.net	2 KB
4	adxpremium.services rtb.adxpremium.services — Cisco Umbrella Rank: 11453 user-sync.adxpremium.services — Cisco Umbrella Rank: 18231	7 KB
4	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5920 invstatic101.creativecdn.com — Cisco Umbrella Rank: 3020	2 KB
3	wpcdn.pl std.wpcdn.pl — Cisco Umbrella Rank: 15327	91 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 271	195 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 2214 google-bidout-d.openx.net — Cisco Umbrella Rank: 2217	785 B
3	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1119	775 B
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 438	12 KB
2	pubmatic.com ads.pubmatic.com image6.pubmatic.com	6 KB
2	casalemedia.com 2 redirects ssum.casalemedia.com — Cisco Umbrella Rank: 2058	1 KB
2	vidoomy.com vid.vidoomy.com — Cisco Umbrella Rank: 2913 vpaid.vidoomy.com — Cisco Umbrella Rank: 4332	20 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 594	568 B
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 173
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 6	1 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1411 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1431	12 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1218 id5-sync.com — Cisco Umbrella Rank: 658	29 KB
2	optad360.io get.optad360.io — Cisco Umbrella Rank: 31433	226 KB
1	lijit.com ap.lijit.com	175 B
1	ck-ie.com as.ck-ie.com — Cisco Umbrella Rank: 12570	114 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 731	140 B
1	adxbid.info adxbid.info — Cisco Umbrella Rank: 14233	3 KB
1	adsafety.net 1 redirects cm.adsafety.net — Cisco Umbrella Rank: 17119	1 KB
1	smartstream.tv 1 redirects ads.smartstream.tv — Cisco Umbrella Rank: 19705	823 B
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 3276	3 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 894	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2532	8 KB
1	optad360.net cdn.optad360.net — Cisco Umbrella Rank: 50127	3 KB
1	fun-dare.com fun-dare.com	12 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1761	10 KB
221	43

	Domain	Requested by
25	s0.2mdn.net	helopal.club s0.2mdn.net
25	helopal.club	1 redirects helopal.club
22	pagead2.googlesyndication.com	helopal.club pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com 1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com s0.2mdn.net www.googletagservices.com
11	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com 1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com helopal.club s0.2mdn.net
8	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net helopal.club
7	securepubads.g.doubleclick.net	get.optad360.io securepubads.g.doubleclick.net 1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com www.googletagservices.com
7	www.googletagmanager.com	helopal.club www.googletagmanager.com
6	fastlane.rubiconproject.com	get.optad360.io
6	onetag-sys.com	get.optad360.io
6	ssp.wp.pl	get.optad360.io
6	www.gstatic.com	helopal.club googleads.g.doubleclick.net
5	cdnjs.cloudflare.com	helopal.club
4	eus.rubiconproject.com	1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com eus.rubiconproject.com get.optad360.io
4	gum.criteo.com	static.criteo.net gum.criteo.com get.optad360.io
3	std.wpcdn.pl	ssp.wp.pl
3	www.googletagservices.com	googleads.g.doubleclick.net 1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com s0.2mdn.net
3	adx.adform.net	get.optad360.io
3	rtb.adxpremium.services	get.optad360.io
3	prebid.a-mo.net	get.optad360.io
3	prebid-eu.creativecdn.com	get.optad360.io
3	mp.4dex.io	get.optad360.io
3	cdn.jsdelivr.net	get.optad360.io securepubads.g.doubleclick.net 1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com
3	region1.google-analytics.com	www.googletagmanager.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	cdn.helopal.club	helopal.club
2	ssum.casalemedia.com	2 redirects
2	googleads4.g.doubleclick.net	helopal.club
2	match.adsrvr.org	googleads.g.doubleclick.net get.optad360.io
2	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
2	www.googleadservices.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	oajs.openx.net	1 redirects helopal.club
2	script.4dex.io	get.optad360.io script.4dex.io
2	firebaseinstallations.googleapis.com	www.gstatic.com
2	firebase.googleapis.com	www.gstatic.com
2	get.optad360.io	helopal.club get.optad360.io
1	cm.adform.net	adxbid.info
1	pixel.rubiconproject.com	adxbid.info
1	ap.lijit.com	adxbid.info
1	image6.pubmatic.com	ads.pubmatic.com
1	ads.pubmatic.com	adxbid.info
1	vpaid.vidoomy.com	vid.vidoomy.com
1	user-sync.adxpremium.services	adxbid.info
1	vid.vidoomy.com	adxbid.info
1	as.ck-ie.com	adxbid.info
1	eb2.3lift.com	adxbid.info
1	adxbid.info	get.optad360.io
1	token.rubiconproject.com	eus.rubiconproject.com
1	cm.adsafety.net	1 redirects
1	ads.smartstream.tv	1 redirects
1	beacon-ams3.rubiconproject.com	helopal.club
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	google-bidout-d.openx.net	oa.openxcdn.net
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdn.optad360.net	helopal.club
1	fun-dare.com	helopal.club
1	maxcdn.bootstrapcdn.com	helopal.club
1	ajax.googleapis.com	helopal.club
221	68

This site contains links to these domains. Also see Links.

Domain
en.optad360.com
www.facebook.com
t.me

Subject Issuer	Validity	Valid
helopal.club GTS CA 1P5	`2023-12-30` - `2024-03-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2023-11-30` - `2024-02-28`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.optad360.io Amazon RSA 2048 M02	`2023-09-17` - `2024-10-15`	a year	crt.sh
fun-dare.com E1	`2023-11-24` - `2024-02-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.optad360.net Amazon RSA 2048 M02	`2023-06-26` - `2024-07-24`	a year	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2023-10-23` - `2024-10-22`	a year	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
*.a-mo.net R3	`2024-01-06` - `2024-04-05`	3 months	crt.sh
*.wp.pl RapidSSL TLS RSA CA G1	`2023-03-09` - `2024-03-14`	a year	crt.sh
*.adxpremium.services Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-08-05`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-11-24` - `2024-02-22`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-11-02` - `2024-01-31`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-12-23` - `2024-03-22`	3 months	crt.sh
*.id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
adxbid.info E1	`2023-12-05` - `2024-03-04`	3 months	crt.sh
*.wpcdn.pl RapidSSL TLS RSA CA G1	`2023-05-06` - `2024-05-17`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
ck-ie.com Go Daddy Secure Certificate Authority - G2	`2023-11-12` - `2024-12-13`	a year	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-10-06`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-26` - `2024-11-26`	a year	crt.sh
*.lijit.com Amazon RSA 2048 M02	`2023-11-21` - `2024-12-19`	a year	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh

This page contains 28 frames:

Primary Page: https://helopal.club/
Frame ID: 0C8D67CA023130DE3B51752C9608FFDC
Requests: 111 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240104/r20190131/zrt_lookup_fy2021.html
Frame ID: D826C8F974AF93C3B721B80CEBA09DE2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1696164081359292&output=html&adk=1812271804&adf=3025194257&lmt=1704782043&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l&format=0x0&url=https%3A%2F%2Fhelopal.club%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704782042893&bpp=3&bdt=215&idt=173&shv=r20240104&mjsv=m202401030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7261352095320&frm=20&pv=2&ga_vid=468869383.1704782043&ga_sid=1704782043&ga_hid=343946719&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31080144%2C31080266%2C31080218%2C44807405&oid=2&pvsid=2882199106401246&tmod=142592755&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=183
Frame ID: E2BC21D41A080347DAE8CFEB00AD3AA2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1696164081359292&output=html&h=280&slotname=3067619107&adk=2984494112&adf=54630664&pi=t.ma~as.3067619107&w=1200&fwrn=4&fwrnh=100&lmt=1704782043&rafmt=1&format=1200x280&url=https%3A%2F%2Fhelopal.club%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704782042896&bpp=1&bdt=218&idt=182&shv=r20240104&mjsv=m202401030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7261352095320&frm=20&pv=1&ga_vid=468869383.1704782043&ga_sid=1704782043&ga_hid=343946719&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31080144%2C31080266%2C31080218%2C44807405&oid=2&pvsid=2882199106401246&tmod=142592755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=185
Frame ID: 6C3023F409DC7922937B62041BC50ABC
Requests: 13 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=helopal.club
Frame ID: 15B0C74FBA1EC7BED5E24AB473A06FF2
Requests: 2 HTTP requests in this frame

Frame: https://1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2C0857409A087A0CD2DD2FB95F1C7052
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: E06BB15EA9B0102D3D71148992BA575D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 932B9B5BD8324DC2070844B5B1F98F6B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js
Frame ID: C7DD9A37E6974590BF94EAD30F05280C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E850BE8F170232708F6B2167B59C7CC5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6EC20537EB06C8BDC343C0F3A0B54C4B
Requests: 2 HTTP requests in this frame

Frame: https://1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EC9FC2F923E3E3F0B1C25912354B742F
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO4XRDz7F4Y7rfixwEwAQ&v=APEucNWzjpla8L4iiBmx_LOhfG1Ff4QLz9cws1XVwlXM_ouCCVgKJDm6Hzr1NtTmg3v2kq7fh5gREzkPkNzDrTp6OnIDxHgseQQdFIqq8gHTzq5t0uZw378
Frame ID: 9CDA69F39BA7D1B5CF82B913630DCB5B
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: A5190B4F11157637EB21B5F60CD53A29
Requests: 15 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=de
Frame ID: 10E9F4B7183B6F48865B589F6FB925B0
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 42C4DCCBA746D18F60C0FB5AFEF99A27
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17920426833501136286/index.html?e=69&leftOffset=0&topOffset=0&c=qTCuJ9IppL&t=1&renderingType=2&ev=01_250
Frame ID: 435F40032B96F5AC9624227DE552138A
Requests: 26 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Frame ID: 26905AECDC508D4705587528B5776D07
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1704782043258&gdpr=0
Frame ID: FD8EAEE29335CE101163E24BA47A5599
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0
Frame ID: C52F0780C6EE2DE19F9E44436E962011
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1704782043049&gdpr=0
Frame ID: F0D8D2D223E0E59D32D236B5A3180E30
Requests: 1 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=26734880151260533000&sn=mc_adapter
Frame ID: 8945D124DAA020F46C0ADD9D8352454C
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1704782043048&gdpr=0
Frame ID: 8709FAD401593C87C4F4A537D390A722
Requests: 1 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=26734880151260533000&sn=mc_adapter
Frame ID: 6ED01EBEBC77056F59FB71A88C1373A0
Requests: 2 HTTP requests in this frame

Frame: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 047F49DAF818E800DABE951C8925E666
Requests: 7 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=26734880151260533000&sn=mc_adapter
Frame ID: C07BC2833D0FD7615047501E30277208
Requests: 2 HTTP requests in this frame

Frame: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Frame ID: DD90DC2905BAA521E484C5A43A14661A
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 52678B73D9FD98C9C0550A7A552B2E2C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Play Friendship Quiz - Helopal.club

Page URL History Show full URLs

http://helopal.club/ HTTP 301
https://helopal.club/ Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

221
Requests

98 %
HTTPS

53 %
IPv6

43
Domains

68
Subdomains

63
IPs

9
Countries

4979 kB
Transfer

9751 kB
Size

38
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://en.optad360.com/?utm_source=branding&utm_medium=display&utm_campaign=helopal.club

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Helopal-108792500944931/

Search URL Search Domain Scan URL

URL: https://t.me/social_fun_club

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://helopal.club/ HTTP 301
https://helopal.club/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 93

https://oajs.openx.net/esp?url=https%3A%2F%2Fhelopal.club%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fhelopal.club%2F&rid=esp&cc=1

Request Chain 122

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 126

https://googleads.g.doubleclick.net/pagead/adview?ai=CRt8j2-icZfr9BeilhcIP0cOi6An5pJrydLbhu9nrEfWN_MIDEAEgybSOfmCV4pCCoAegAarAwu4pyAEBqAMByAPLBKoE1AFP0NUx8NhMz5DYtfaAK1XrifiQ3CKTDXdX3KlQicAkia2tAmqnE1C4LBlQgeeDCI9pU_zA3KDbiYh5B2Fipul3P6SC7ahwlbrAzLWLN3V9TYzYRp5-kEzPS_HqsVeoBC4u1fNV-b7qm2OM34Al9HhgaEBjfl0gkqfBYfAodITmkMHUwsZ7hij52bnWBmZRKO9gaFh9L5zK68pVWQLQQDLM3tYoWmsnN1QHmyasjJzxYGYdcRwX6EM9ZYSuAaauyXj6PQk1dgPOUOSQJtxyw3R2YAAEv8AE5dq-rsEEiAWm7-CdTZIFBAgEGAGSBQQIBRgEgAeHvKSXA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEPLBA9IIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYv6LkgNjPgwOaCcUDaHR0cHM6Ly9vcHRpb25pc2guY29tL2xhbmRlcj9xdWVyeT1nYXJ0bmVyK21hZ2ljK3F1YWRyYW50K3dvcmtkYXkrd29ya2ZvcmNlK21hbmFnZW1lbnQrc29sdXRpb24mdXRtX3NvdXJjZT1nb29nbGVzJnBfaWQ9NjM0NCZjX2lkPTIwNzMxOTM0NjMwJmFfaWQ9MTU0OTg0NzU0NTMzJnV0bV9jb250ZW50PWdhcnRuZXIrbWFnaWMrcXVhZHJhbnQrd29ya2RheSt3b3JrZm9yY2UrbWFuYWdlbWVudCtzb2x1dGlvbiZ3Yz0xNSZwbD0xMDA0MzYzJnV0bV90ZXJtPWdhcnRuZXIlMjBtYWdpYyUyMHF1YWRyYW50JTIwc3NlJTIwd2ZtJTIwY29uc3VsdGluZyUyMHNvbHV0aW9uLEdhcnRuZXIlMjBNYWdpYyUyMFF1YWRyYW50JTIwU3NlJTIwV2ZtJTIwQ29uc3VsdGluZyUyMFNvbHV0aW9uLFNwbHVuayUyMEdhcnRuZXIlMjBNYWdpYyUyMFF1YWRyYW50LEdhcnRuZXIlMjBNYWdpYyUyMFF1YWRyYW50JTIwWGRygAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTE2OTYxNjQwODEzNTkyOTIYAA&sigh=IDsTKEUcvg0&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_zam-5y0dO22avxd0K0JizEN2525DxfD-1xuMOLJo0zY-B-4zxUiIBLExvqVz7kNduBd6s6Qg0zCBs1yiHvr4trEmOLClCz0awhgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22907650433661773239%22,%22debug_reporting%22:true,%22destination%22:%22https://optionish.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211237629994%22],%2222%22:[%22true%22],%224%22:[%2201-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221232630102987847905%22}&andc=true

Request Chain 151

https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
https://ads.smartstream.tv/cm/?cmsrc=dcm&gdpr=0&google_gid=CAESEDCDrdzB87_iwtLWTz4Jghw&google_cver=1 HTTP 302
https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEDCDrdzB87_iwtLWTz4Jghw&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=ffe112ca3e53debe6f4b86332663b07b&uid=ffe112ca3e53debe6f4b86332663b07b&data[stv][idt_did_status]=added&gdpr_consent=&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=

Request Chain 215

https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D&limit=50&s=194962&C=1 HTTP 302
https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZZzo3h3Pgq7zQ4XUgK35JwAA%265211

221 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
helopal.club/
Redirect Chain

http://helopal.club/
https://helopal.club/

39 KB
11 KB

395ms
353ms

Document
text/html

2606:4700:3034::ac43:be40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helopal.club/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:be40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb330b97480e87294d9ebdd7dcdec6248d2c45ed35c5f5c3f0060449528fb2e8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 842aa6f48bd5b78e-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 09 Jan 2024 06:34:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zUbL9Ymv2jm43Mgn4SqeQH0uny6FXpUH%2FBT%2B8TfywAUgyNcoz2ZIJ0fmwhfS4zNnvAdYDAO3xvS246KdSZ6ibXj9LlByn4m5wWGRBehsXqjnGvSr8lDUwmySRQA4v94INYCesiCtP%2Fl1d9E%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent

Redirect headers

CF-RAY: 842aa6f42bdb9060-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Tue, 09 Jan 2024 06:34:02 GMT
Expires: Tue, 09 Jan 2024 07:34:02 GMT
Location: https://helopal.club/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mleiowh6sNKnu2ikc24tYXrSO2J4t7YibLwseuNirUim1EWKMtAzGbbau2b6evTN3OhUiT8C72EI760KSZ0EZSBTbST49jQId3trH8A3S%2F4N0v%2BjrCQok3eQ%2F1OXnzFunKgyq9Scj5cCw4w%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
51 KB 102ms
76ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2acf8699aeca3eb2a9bbb13f6da8c092b1c9fcf60b244eb62830faa3204af28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51312
x-xss-protection: 0
server: cafe
etag: 13027520034925270846
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 09 Jan 2024 06:34:02 GMT

GET
H2 200 spectre.min.css
helopal.club/stylesheets/ 42 KB
10 KB 31ms
30ms Stylesheet
text/css 2606:4700:3034::ac43:be40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helopal.club/stylesheets/spectre.min.css
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:be40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddb3aa9142a5007f984815fe8383a9d6bca2e369f19496f68025b230b4953584

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 19 Jan 2020 07:26:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5024
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dj4QvS5DZTNPwAjBqu9E3teN1tJIE0pNFEuETDDSmAWGxxY4ZSYgPDZiAA659ubj5HPIV0bn8OoZm%2FzwxZ2QeJpwZEiltitR6RqOJ%2FdQUbzMvARPJ%2F667wlRJxt5YRgXhJwIZXGNWVYlbME%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=432000
cf-ray: 842aa6f6cdddb78e-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 spectre-exp.min.css
helopal.club/stylesheets/ 18 KB
4 KB 27ms
25ms Stylesheet
text/css 2606:4700:3034::ac43:be40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helopal.club/stylesheets/spectre-exp.min.css
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:be40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b66fea64ce1ae1040340f5762d97a31187aaf1ec2c8a28a532b0c82622c6df3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 19 Jan 2020 07:26:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5024
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lV%2FABqTzJTEPusEnZzi85TuatiwLyXCR33t3Ez%2B8oBrCkmNgWibGGjtQDs8CPvVNHwtmAScOciJpD0yOeK1RZj8tTp7sqIQ87RQxAW69KFlbXa5aGuOOyB%2B1UKKcRtLz7nwIgSwRkjdxA%2Bs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=432000
cf-ray: 842aa6f6cde0b78e-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 spectre-icons.min.css
helopal.club/stylesheets/ 9 KB
2 KB 31ms
30ms Stylesheet
text/css 2606:4700:3034::ac43:be40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helopal.club/stylesheets/spectre-icons.min.css
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:be40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f36198740d2dd79a44002dcf7eebe2c43ab6b5c3ffd60b7e71dd31a7c43872b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 19 Jan 2020 07:26:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5024
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EytBpYVHyybOYAzln93TMW8RmhVrjziLZ1v%2BSnBqy9foLhHjY6ZEeZhdJo1Z5BHAtko0OLuxUbtGqpvmf5lgQryYBCDEZIWo9NQgoK7jkyRK25lWN7nuq4tAI%2FsfWfANuM2dWgxJmzU1svI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=432000
cf-ray: 842aa6f6cde1b78e-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
helopal.club/stylesheets/ 4 KB
1 KB 30ms
28ms Stylesheet
text/css 2606:4700:3034::ac43:be40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helopal.club/stylesheets/style.css
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:be40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0c71bee455ba91e5aa859abf3961d7e57c1c00cb85def124dfa1d8f53069d47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:02 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sun, 19 Jan 2020 07:26:14 GMT
server: cloudflare
age: 5024
cf-polished: origSize=4926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F6m68vcLBMxmzwrm2UDnr6UdCrTyQAU1HbvSYxldyzxwKycFeWUy8iCzpuUYr7ajVy%2BRtZ15hoQlto3HtnYyA65ayTMtIZhS2gTo3ynQ1bORAJ8d6ajJfUAdfD83Ztjua%2BS59wVe76ktxRs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=432000
cf-ray: 842aa6f6cde2b78e-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 main.css
helopal.club/stylesheets/ 7 KB
2 KB 30ms
29ms Stylesheet
text/css 2606:4700:3034::ac43:be40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helopal.club/stylesheets/main.css
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:be40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec50c9a8d51925986413f726c63b107ff51502b5f44e49f54807c6d3427757ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:02 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sun, 19 Jan 2020 07:26:14 GMT
server: cloudflare
age: 5024
cf-polished: origSize=10580
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mVfUO2wkT2ltrJ6INGUsvu3J58KTf1Tn2AjqfnbdT5qWczxWpc%2BbVskh8ux%2Bpp4C9BFMA2WW0a8EaEnyg82Jsk1%2Fe%2F0sN%2FcWGfIRXt6n2uDkHWavNy%2BKhChCoDljbpfT7GWjd7tFz3hY200%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=432000
cf-ray: 842aa6f6cde3b78e-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/ 100 KB
19 KB 32ms
17ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://helopal.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5346259
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 18778
last-modified: Wed, 02 Aug 2023 21:01:56 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64cac444-495a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Skz%2BajoI%2Fx0Nf%2F4HToIvEenhdB6nLXLax%2Bo%2B9d6351jsnJrZGD5gx1vWam7NHNLnUtQhYZitKFkITF5nfMbhzfpNJD1ylOBY%2Bp1l7b7eWLTVKFGpQCIZOPBGcviQ96%2BS85oh5tAdTp8%2FM71xmrgGF7uQ"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 842aa6f6dd4b18af-FRA
expires: Sun, 29 Dec 2024 06:34:02 GMT

GET
H2 200 bootstrap.min.css
helopal.club/stylesheets/ 139 KB
22 KB 32ms
31ms Stylesheet
text/css 2606:4700:3034::ac43:be40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helopal.club/stylesheets/bootstrap.min.css
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:be40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9fa1b78af612f835e36c2b7e759d15aa574851f2fb7dd556542af5c4ae2d4ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 19 Jan 2020 07:26:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5024
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rG11DDaQHbIB1euX1Ee9N1dbETJophOnbueHB3wsEi1cy1Gr6LqcNbXUJsTo1bCQ6y7mM7qVw7%2Bd2IHxBf3FwFMqD3r79%2B6QQ%2FnWN7B4ekTUVESOoMpzYrEDMUpmLZ1NpnNAOo4NvyzQrT8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=432000
cf-ray: 842aa6f6cde4b78e-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-confirm.min.css
cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.2/ 22 KB
3 KB 27ms
12ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.2/jquery-confirm.min.css

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9809a9d6fe844649e678fda81d91b9dd6d4bfb339d495b0cdb95af999e14f9f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 869689
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2884
last-modified: Mon, 04 May 2020 16:11:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec1-580a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2FmrP5bdDBsWxbLUpffTffDA3QmcEGcZfbMlUrtGwre9%2BgsSjS1y3JmvSwok8KYyYUlZFJ%2FftutHJdC4kEuR2e3V%2FviNFCjNqT3veZVP4CFqLIKgmqr%2BHeL1kwvrRpPoXN6oX1wz6oW2tVd27HpvxmhY"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 842aa6f6d9a018d7-FRA
expires: Sun, 29 Dec 2024 06:34:02 GMT

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ 70 KB
4 KB 27ms
12ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3380864
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4216
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f5628a2-11846"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=57wsznHS4ra7hLvoO1mSlqMakka8TiBCy7PcsPDHhCy1LjzXPBizNUckZgsatdbt%2BeBnCeZD7O6iRzPTbdbcNXX60JAu2IfVQIT%2FmG8Ys36Zy5C5WOdDMzGnpT9olENkNId%2FDkg3mN6WrTOAc91wdfo7"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 842aa6f6d9a218d7-FRA
expires: Sun, 29 Dec 2024 06:34:02 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 29ms
9ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:13:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 598805
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 08:13:57 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/ 35 KB
10 KB 32ms
16ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/bootstrap.min.js

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 617, 617
age: 6059228
cdn-cachedat: 2021-06-01 19:39:17
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:58 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: cc9c4f0d341b28a2bf97da1ba3da67e8
timing-allow-origin: *
cdn-requestcountrycode: US
cf-ray: 842aa6f6dde76997-FRA
cdn-requestpullsuccess: True

GET
H2 200 jquery-confirm.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.2/ 27 KB
7 KB 28ms
13ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.2/jquery-confirm.min.js

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d14cf552496ba4036ec2a27b334679e2388e13f199c25a76101482eac970ea3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1218334
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6362
last-modified: Mon, 04 May 2020 16:11:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec1-6cf8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6VaQ9%2Bhjzyv3iJ89eOyBrb2uLv9xQyronSKSjXgD1l1yvGait%2BBDg6HhmrlhtGyUhosFLkMvoLUzGpHPF1zriwJSUzEte2DmIEcfjjAVPy62Jh3GiomeUmEEHI7ZV7YiFAL3ewqRehl1e2%2BcBPGVf3zD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 842aa6f6d9a318d7-FRA
expires: Sun, 29 Dec 2024 06:34:02 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 134 KB
51 KB 40ms
18ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-176069477-1

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

abe706510036e3ddfd0c61ee3ee258f2593d53d8e40fa05b21bed6d85a3ae86f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 52289
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 Jan 2024 06:34:02 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 189 KB
68 KB 48ms
26ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-136873609-1

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

08668608a7502fae7b7f6d76632b3ec6e458bb76be5937e2c4ba2672df9ad709

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69769
x-xss-protection: 0
last-modified: Tue, 09 Jan 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 Jan 2024 06:34:02 GMT

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/1850e43d-e81d-4f01-b19c-f7b9b055e252/ 281 KB
61 KB 72ms
11ms Script
application/javascript 2600:9000:243d:1000:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/1850e43d-e81d-4f01-b19c-f7b9b055e252/plugin.min.js
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:243d:1000:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 49f4d38284c03f09b22edfdb1470abb5b7fcbb65108dd0b448036c5b8ed7ec84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:02:31 GMT
content-encoding: gzip
via: 1.1 d6aad4784aecf0aa7f937dad10d2faea.cloudfront.net (CloudFront)
last-modified: Wed, 20 Dec 2023 07:54:16 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P4
age: 1892
x-amz-server-side-encryption: AES256
etag: W/"7ccaecfd8c006d0d6ef8998e28c12a6c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: u7iCaY_zukusccnukoVnOmgdTMtlKnaJ3FGNv6NGXAt0imeYzPXWQw==

GET
H2 200 1623528814.helopal-club.png
helopal.club/site_logo/ 4 KB
4 KB 289ms
288ms Image
image/png 2606:4700:3034::ac43:be40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helopal.club/site_logo/1623528814.helopal-club.png
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:be40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcfeb4b89a5cda13c5da8db61507eea441ddd4d4cb1e5a84f91d456cea251b7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:02 GMT
cf-cache-status: REVALIDATED
last-modified: Sat, 12 Jun 2021 20:13:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=60lSp3bLzloCIxh9okGCgWlW%2FhLm%2Flss1AtJgCiE5bqEo1OpJNsmjBieF%2Buv6gWRiUAMpJBG8VEE2UIwe8FNAJhieabyxpjDfR79INFhPc1o0S1r1N7HvLEO8YPPus9hJOjeqsu6yA%2BB8t0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 842aa6f6cde5b78e-AMS
alt-svc: h3=":443"; ma=86400
content-length: 3997

GET
H2 200 6223117-1698472173-2459ff2e-2d36-404b-96da-3318b059eb57.jpg
cdn.helopal.club/images/ 148 KB
148 KB 42ms
25ms Image
image/jpeg 2606:4700:3034::ac43:be40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.helopal.club/images/6223117-1698472173-2459ff2e-2d36-404b-96da-3318b059eb57.jpg
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:be40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 624d8f4d58fc9c2ca59102e1c8d4100707b342db19f53d856d2dcb8d484f1094

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:02 GMT
x-amz-version-id: tMsOHu8UD7aCLWGGF9bcrmgEXw9557Fc
via: 1.1 9ac192ffc1203361ea1141b56df84966.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS58-P3
age: 665
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 151231
last-modified: Sat, 28 Oct 2023 05:49:36 GMT
server: cloudflare
etag: "d693217e06be6fb2dcd4f6dc23cdd6c5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TbWqyy8loVnupTCg6ltdp3oqaPFs5B6JPCEermxqfG7gR6B0aQulIkKGigOb7omXNE2EHQqsQu4WLs3vBZeLbKmvx3xSCspG%2FIFzjQVFPYz7BMqCVjhspQHxuR0uxJr9RqaZDk9qvEKoedAp%2F2hQ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 842aa6f6ee03b78e-AMS
x-amz-cf-id: OPVtUg2dHxlCVHXz7xTvxNm_toiJFTvQHu2M7iYd2kl6qDyNySaM0A==

GET
H3 200 best-friend-award-2-1642431865-1044d2c3-1e81-4852-8bff-352dcfa83551.png
cdn.helopal.club/images/ 309 KB
310 KB 17ms
16ms Image
image/png 2606:4700:3034::ac43:be40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.helopal.club/images/best-friend-award-2-1642431865-1044d2c3-1e81-4852-8bff-352dcfa83551.png
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:be40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bcc32a5bd2678766a21faf6b68941eaf9fe1fc9c7168a091af3ef81c1738f50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:02 GMT
x-amz-version-id: do0YZFwpRk6lhbsdaAM2LzzfRn2srhZs
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA60-P3
age: 3531
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 316686
last-modified: Mon, 17 Jan 2022 15:04:26 GMT
server: cloudflare
etag: "98213a542d36a029931ddfc74bee83be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6FPe3Bq5d4F4cWcz23YbqVDC%2BXURnLijDKrXMO%2FZjk9UDACd%2BGid0DFDGt%2FlHQ50bmSDU%2FUvDm%2FpQRxSQqoc5VV95hDwgghmGO4BhlQjwvX8223rVQkaLcAAJpAr8%2FvS37UNTuCeZaLgCKSnMxQE"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 842aa6f71a6a4d97-FRA
x-amz-cf-id: bMaHv5lAqIdKB5K3zBMba3Xh24gFrmtukFz4hIeoBsV2Ln2nem0U9A==

GET
H3 200 1623667520.how-many-friends-love-and-hate-you-small.jpg
helopal.club/quiz_banner/ 21 KB
22 KB 44ms
42ms Image
image/jpeg 2606:4700:3034::ac43:be40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helopal.club/quiz_banner/1623667520.how-many-friends-love-and-hate-you-small.jpg
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:be40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13aa444747a569e25f79d16b3870a9715735f0bfb98e395447f1dbc979c78be0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:02 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Jun 2021 10:45:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 711
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JKFR%2B8q38Z07PsdbiNo3pDovrOeFLM2KfhBU6wKXKUQr84G7E1wrwrx640LdvgBLOTTh8NzRDqnlUOmWJ5QppZikQDURazUY2kEto9M3JuTUHSJrjE4F4HziKi4TC33OuiMeUsAwgb8Vq5s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 842aa6f71a6e4d97-FRA
alt-svc: h3=":443"; ma=86400
content-length: 21785

GET
H3 200 1622809937.b.jpg
helopal.club/quiz_banner/ 17 KB
17 KB 46ms
43ms Image
image/jpeg 2606:4700:3034::ac43:be40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helopal.club/quiz_banner/1622809937.b.jpg
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:be40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 387fa76a18c1e2dcc5db9d10f530ac9c419faa94becd7bedafaf8d05521c32c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:02 GMT
cf-cache-status: HIT
last-modified: Fri, 04 Jun 2021 12:32:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 711
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FYx%2FNGNw6c%2BhBjJ3W3Q9qClgQ%2FUuYGr7MuCuGSoNARKmJLInvXu5pVf%2FaHHZgAc3UCnj3iKbsXfHbim2fekOdUCVnPYzxfMloBaxfEgRoM5Lj3Ed1NPOKOKHEdws3lr2PMltKJX0MCu8Kpk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 842aa6f71a734d97-FRA
alt-svc: h3=":443"; ma=86400
content-length: 17439

GET
H3 200 1622810191.e.jpg
helopal.club/quiz_banner/ 16 KB
16 KB 47ms
45ms Image
image/jpeg 2606:4700:3034::ac43:be40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helopal.club/quiz_banner/1622810191.e.jpg
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:be40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ab4a49144b0899c87c607eba0952310f2790e06bf4cd6ba025fa8f4dea93052

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:02 GMT
cf-cache-status: HIT
last-modified: Fri, 04 Jun 2021 12:36:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 710
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xFqRcvG%2FXCy36RglLcfJiZnPQ2H5wfe2%2FCPPxv82LwpqTzavR8PTiRbR9rXAkOTnYJfLIkXf6gT%2Bh8PsxaCq%2FKDYEbRiwnVGafqhiFylh%2B%2FjRMGD5Sr%2F%2B1kgfWIzLh8%2BfciMBmZWCOwDV34%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 842aa6f71a754d97-FRA
alt-svc: h3=":443"; ma=86400
content-length: 16244

GET
H3 200 1622809962.a.jpg
helopal.club/quiz_banner/ 16 KB
16 KB 48ms
47ms Image
image/jpeg 2606:4700:3034::ac43:be40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helopal.club/quiz_banner/1622809962.a.jpg
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:be40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73060bc634e7d84fa78d9e5b0b0d188c9e0e84dce0172f8042bba2b180886099

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:02 GMT
cf-cache-status: HIT
last-modified: Fri, 04 Jun 2021 12:32:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 710
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jkCFHTLIGKgldGMLEAXEcNIrlExFXnu7sxulORzKEk2QV%2F0FoXMfQwE7vi0otDxak%2F4gDnR7UMSVsRs4Wkxt%2BQrK8BSI1zvN%2FjMRChKlbTmInQF1ghOUAQ2G1TVfPA9Nh7o3vW0QxhHRJsY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 842aa6f71a764d97-FRA
alt-svc: h3=":443"; ma=86400
content-length: 15893

GET
H3 200 1622809982.f.jpg
helopal.club/quiz_banner/ 24 KB
25 KB 49ms
47ms Image
image/jpeg 2606:4700:3034::ac43:be40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helopal.club/quiz_banner/1622809982.f.jpg
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:be40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7a44b79476282023aa69f375fb648558a8913635c9350fdcca4ef79a876d70b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:02 GMT
cf-cache-status: HIT
last-modified: Fri, 04 Jun 2021 12:33:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 710
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pqa%2FVCL%2FC4aQKO7uMRlhfh8rUwPe%2F6H7UTNOWj86HAMs4VekxZ8IBoFUgHnfxtR%2B7HE5sUGo%2FdjKjZ2kqSQzObVgRsNst6mcsopihTSUDvi7Bu%2FAQDXquGAnSISFNJ3LTCs%2FheTFrQgvDEs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 842aa6f71a774d97-FRA
alt-svc: h3=":443"; ma=86400
content-length: 24808

GET
H3 200 1622810009.g.jpg
helopal.club/quiz_banner/ 15 KB
15 KB 50ms
49ms Image
image/jpeg 2606:4700:3034::ac43:be40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helopal.club/quiz_banner/1622810009.g.jpg
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:be40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e01a0575080f66e28f68c7d43dd12195d569a2172bdf786643945e3589b055b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:02 GMT
cf-cache-status: HIT
last-modified: Fri, 04 Jun 2021 12:33:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 710
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jtC48TWLxlfZI3Gg4c9ImMz07JC6BB%2BbsD0tlFCfl1Qx91OGlgaxJ%2BkMnTUfYPTRXYrs4TLqaPNhx9AcLpi10D6gzQ0WcJw7CWFpYiAV6dApTZWVi%2BhNlNM1bbgXS6w0rdk03NlC1nPhVHE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 842aa6f71a784d97-FRA
alt-svc: h3=":443"; ma=86400
content-length: 15020

GET
H3 200 1623160044.true-friends.png
helopal.club/quiz_banner/ 61 KB
62 KB 51ms
49ms Image
image/png 2606:4700:3034::ac43:be40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helopal.club/quiz_banner/1623160044.true-friends.png
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:be40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72035cff2a2b4aa0eee6fa22c60e429cd23e12a43f811edce39f999134dfdb08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:02 GMT
cf-cache-status: HIT
last-modified: Tue, 08 Jun 2021 13:47:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 710
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HnjILRbFPXjgGipos874C5QYGrvPVtv9vDShsJjOtVP6aXjS1gVKNojhQtjQNdLIdrIDkPtBXcjntB1pFoeRMw2Xh%2F%2F8SdFuwcGjyUyqpNOcZqSZKZaDDMwKIebCeyVB4o38lhtoInrz034%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 842aa6f71a7a4d97-FRA
alt-svc: h3=":443"; ma=86400
content-length: 62964

GET
H3 200 anonym-eng-1694244024-fbd92fcf-4241-402f-95a4-c12a2e3f87bc.png
cdn.helopal.club/images/ 55 KB
55 KB 53ms
52ms Image
image/png 2606:4700:3034::ac43:be40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.helopal.club/images/anonym-eng-1694244024-fbd92fcf-4241-402f-95a4-c12a2e3f87bc.png
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:be40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29aaec486617fb3efbf0d98e6034ad1a8eb5d82734e2aed02ab7de37fc1be9d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:02 GMT
x-amz-version-id: ANqBqgXEubcEvtJobs1s5IhOiWNekHxs
via: 1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA6-C1
age: 6475
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 56105
last-modified: Sat, 09 Sep 2023 07:20:26 GMT
server: cloudflare
etag: "d7b230fd17d40c7746570ed5cc95a5a2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eu%2FbwR8W8J3fjEiNULw2GIFqFKE4Ws0FRDN2%2BggRt%2BZnipfkVuxi5Klnd7yQ%2FgLIR3HqE2nB30rnqTvQsQFSf62yXKiIRLDRVyx8Y3CY9wqN3pDqSf9PWYJuzQDGQYGdvAqivUJBKDoq7VEr7mbt"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 842aa6f71a7b4d97-FRA
x-amz-cf-id: wS9CzZC2jOGPor_f7NHAFg-OkKtyhETc52apfstdvn6KzQDi8Y8RFA==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 77ms
57ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1696164081359292

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2764f4d6b85357ee7e53b42cefbfb8e0da77715508344f8775cb22d4c9c7231c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://helopal.club/
Origin: https://helopal.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51365
x-xss-protection: 0
server: cafe
etag: 1653314079460426284
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 09 Jan 2024 06:34:02 GMT

GET
H3 200 facebook.png
helopal.club/ 580 B
1 KB 53ms
52ms Image
image/png 2606:4700:3034::ac43:be40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helopal.club/facebook.png
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:be40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6079a677b4ff727c225559facad29c7a945d060fa5cd637ac76b4ee55d21f471

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:02 GMT
cf-cache-status: HIT
last-modified: Sun, 19 Jan 2020 07:26:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2265
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d2Th1sROMAMR6s2A2R92Gh8gh4qk2M9G4%2F%2BQRR51Acd5uU2MM4J1Z1%2FAIm%2FSP4zEf7veQoGKCIz%2BnBOzIAJd7IC6qDMINx2HIcG8BDOfgsYrvFL%2FdXe08zPChSRBLY4%2FSwa91TfAZC2XRrA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 842aa6f71a7c4d97-FRA
alt-svc: h3=":443"; ma=86400
content-length: 580

GET
H3 200 join-us-in-telegram.jpg
helopal.club/img/ 10 KB
10 KB 54ms
53ms Image
image/jpeg 2606:4700:3034::ac43:be40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helopal.club/img/join-us-in-telegram.jpg
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:be40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce766614a0ce7850d90a574b9919975a0f77949da3c33f850b41852a774cd33f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:02 GMT
cf-cache-status: HIT
last-modified: Mon, 16 Nov 2020 12:20:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 332
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qA2w7I3mTZTmcz59kKvueD949cMj%2FDcsp1XXaFsD4EVNn%2Bl%2FvaAROvQrAnQksKe%2FYZq9tDBxYfiWUouDamUIHtx2dsuKaD1B87L15xA3HgYwOXUeCfim4Sg9z%2FqBAc%2F9PdSF2juOWM%2B%2BQ30%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 842aa6f71a7d4d97-FRA
alt-svc: h3=":443"; ma=86400
content-length: 9799

GET
H3 200 clipboard.min.js Show response
helopal.club/ 10 KB
4 KB 47ms
45ms Script
application/javascript 2606:4700:3034::ac43:be40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helopal.club/clipboard.min.js
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:be40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60fc4511f1c0ccb8fd9f64fed945c028634245420d93405ec69a6e8e2561447d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 19 Jan 2020 07:26:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2265
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l1RrUcEHfKlJF%2FIRjKn%2FGPAN7TfjIUn9VI2YBB0cqDO%2FO9x9LheC5br5hv8sErHBjKZZYJFEUbSjJrgWpTwML0xmdtYMgdwVMvjYDn0aR%2BhoEzxxM3yLfJ4NfPoy6VRLxq4ETd81nXJwR7E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=432000
cf-ray: 842aa6f71a744d97-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 howler.min.js Show response
cdnjs.cloudflare.com/ajax/libs/howler/2.2.1/ 35 KB
9 KB 15ms
12ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/howler/2.2.1/howler.min.js

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67a620b02e2a8b2f28d34ee63509828125c4992f021adcf05e2eabcf23ff6621

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://helopal.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3645128
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8506
last-modified: Sun, 25 Oct 2020 15:34:29 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f959b05-8bf8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2QIMQrfYfPCbPf8cbRZ0gkOFmrYT0D7nREzl18U4lseQuDNFdbWco40t8Ycv5T24aoIv5C2Y0YgwIRAfaTfW1Kk%2BZbIaCoox1CoZiSfQuNUz6QUO34TbU1RXtrnosq0MnWkueefhnQEhdpyzbd4ISq5r"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 842aa6f71d6b18af-FRA
expires: Sun, 29 Dec 2024 06:34:02 GMT

GET
H2 200 qbg.png
fun-dare.com/site_logo/ 11 KB
12 KB 47ms
13ms Image
image/png 2606:4700:3035::ac43:8b1d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fun-dare.com/site_logo/qbg.png
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:8b1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fdd68fb302111aa20d2544c139144e3e43ff45e7f46af9ecd6005dcbb1f24f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:02 GMT
cf-cache-status: HIT
last-modified: Wed, 02 Jun 2021 15:04:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5217
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F0g78zRf184PDOYNPQaDFy6qDtcx2M17E%2BteYNpmys79uPL1BpEYkDeRozuOJGfmqedVFPwVVK5h%2BxUddHIjxDwtTA75cPNPKLvDS5RZKolC55emRVOLp2VBYLwUsqIjB9Lxu8K627CRhsg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 842aa6f75efe30f6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 11290

GET
H3 206 correct.mp3
helopal.club/sounds/ 16 KB
16 KB 14ms
13ms Media
audio/mpeg 2606:4700:3034::ac43:be40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helopal.club/sounds/correct.mp3
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:be40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b36ccb3fa489753610fcbf8f4cfe4021cd1ee7b6159d8a17eabaa92b3e3d8094

Request headers

Referer: https://helopal.club/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 09 Jan 2024 06:34:02 GMT
cf-cache-status: HIT
last-modified: Sat, 05 Jun 2021 10:38:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2264
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K0%2FIzY8Yn8KkYCHjilMcbFDG2ZgDiBmyyTC4pjYL4UJAjNhbo1vHAWjsdd42x0Z%2FT8oTQJYnlLjdNOPj9MpVaMI51%2Bc0HblcjmPifeRlk6tNVR9qzCRaAoSgV5iXXVddbCDGQBLnUprnZ88%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
Content-Range: bytes 0-15124/15125
cache-control: max-age=432000
cf-ray: 842aa6f77aba4d97-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 15125

GET
H3 200 wrong.mp3
helopal.club/sounds/ 79 KB
79 KB 16ms
15ms Media
audio/mpeg 2606:4700:3034::ac43:be40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helopal.club/sounds/wrong.mp3
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:be40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aab452cf9898bd79f2252623197fa5c45f5c64dd82a203b7259235e6e4f8965f

Request headers

Referer: https://helopal.club/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 09 Jan 2024 06:34:02 GMT
cf-cache-status: HIT
last-modified: Sat, 05 Jun 2021 10:38:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2264
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NlxskqQvcV%2FW7ekuzW6vqGnG8NfF4KY60iYaaAMJodZ1mCpDZ7VrOFnPU0dVClvI2YHSUy3nyYFIR4x%2BoWqyHQng0m5uFYv3aUNzIpAgEJDFZ3S6%2BH9XYnhUweGZl3jk5U%2BBtiZP21wPp1k%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
cache-control: max-age=432000
cf-ray: 842aa6f77abb4d97-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 206 proceed.mp3
helopal.club/sounds/ 26 KB
26 KB 15ms
14ms Media
audio/mpeg 2606:4700:3034::ac43:be40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helopal.club/sounds/proceed.mp3
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:be40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c8409dcad2e8d36ca28ef173376dee1e565758442050715742bfdbb08c92cad

Request headers

Referer: https://helopal.club/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 09 Jan 2024 06:34:02 GMT
cf-cache-status: HIT
last-modified: Sat, 05 Jun 2021 10:38:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2264
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f7YIGO6pUrviLpL2A0ZvExZX33EcEPFtqxvwF1JGwB8SPnXFauNtV%2BSPxGZVbNH14PH7fARN8PaPEzJMUdTWL0ILDBOz6ItWN3ZO93Sk%2FU2sigF%2FRdEzEM2j8oSl1KSgOv4r8GZlXxHr0bo%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
Content-Range: bytes 0-23798/23799
cache-control: max-age=432000
cf-ray: 842aa6f77abd4d97-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 23799

GET
H3 206 error.mp3
helopal.club/sounds/ 20 KB
21 KB 17ms
16ms Media
audio/mpeg 2606:4700:3034::ac43:be40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helopal.club/sounds/error.mp3
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:be40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68c82d2c77388cab6da0584fcd1539d002ad095de31d9f80937aae0ca6cb15af

Request headers

Referer: https://helopal.club/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 09 Jan 2024 06:34:02 GMT
cf-cache-status: HIT
last-modified: Sat, 05 Jun 2021 10:38:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2264
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b7Ty1QhgR3PyYtb%2FSkcGHP7Ns5cR4I5oycQ4q4OyHghaVjcTMDX%2F7sUhHYz33dYjDC4xRxoXYVkF1kocqfdMIV7dSXyKiJzdpgb7pEDzNCZ7TgM8dKbH6Am5L7shoHm%2BCfwS3cgqCkiRhys%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
Content-Range: bytes 0-18978/18979
cache-control: max-age=432000
cf-ray: 842aa6f77abe4d97-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 18979

GET
H3 200 skip.mp3
helopal.club/sounds/ 79 KB
79 KB 19ms
18ms Media
audio/mpeg 2606:4700:3034::ac43:be40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helopal.club/sounds/skip.mp3
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:be40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aab452cf9898bd79f2252623197fa5c45f5c64dd82a203b7259235e6e4f8965f

Request headers

Referer: https://helopal.club/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 09 Jan 2024 06:34:02 GMT
cf-cache-status: HIT
last-modified: Sat, 05 Jun 2021 10:38:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2264
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gKiwISYj7dhlPh6O0CTiPZe0pPq91A3xmDisPqAjmiSoma5X8zVUE0B0dp11F5GZf%2Fr4Jxw8lAAP1NREU1yYZReVixcDkV2EGWlvK8PYyL7T76JJDzHeIOgBZ39RRziF1nkKovZI5QGi3AY%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
cache-control: max-age=432000
cf-ray: 842aa6f77abf4d97-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 206 delete.mp3
helopal.club/sounds/ 26 KB
26 KB 18ms
17ms Media
audio/mpeg 2606:4700:3034::ac43:be40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helopal.club/sounds/delete.mp3
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:be40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bd8b93147a25b894ae2f92584a545693838c3f910eab31999b22d50bca4aa6d

Request headers

Referer: https://helopal.club/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 09 Jan 2024 06:34:02 GMT
cf-cache-status: HIT
last-modified: Sat, 05 Jun 2021 10:38:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2264
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kurcDWgaqjZGQLqjV%2FpCupvcHhSimP%2BLUUgebIaV7T39IUO6JPbcmTHeq%2F1AWLslm7NsOFHZbAVeGb3yMOl46QDabAU2L64vStjbFD8U7vow0tbD%2FmRrAyF4EsNB4BpnAMJuGHMcornzkqU%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
Content-Range: bytes 0-24191/24192
cache-control: max-age=432000
cf-ray: 842aa6f77ac04d97-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 24192

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/9.9.1/ 86 KB
19 KB 32ms
11ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/9.9.1/firebase-app.js

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e87a0a4ea67100ecf0073972c688d535b91b6742d8f54017013b978ce2c18d57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://helopal.club/
Origin: https://helopal.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 17:45:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 391720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19565
x-xss-protection: 0
last-modified: Fri, 22 Jul 2022 16:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Jan 2025 17:45:22 GMT

GET
H2 200 firebase-analytics.js Show response
www.gstatic.com/firebasejs/9.9.1/ 112 KB
24 KB 36ms
14ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/9.9.1/firebase-analytics.js

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45d48e1d7e27224461b0b699f702ad07ca66ff00da3e98408c23b7de03a64c19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://helopal.club/
Origin: https://helopal.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:48:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24321
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24944
x-xss-protection: 0
last-modified: Fri, 22 Jul 2022 16:01:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Jan 2025 23:48:41 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/9.9.1/ 104 KB
20 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/9.9.1/firebase-messaging.js

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8e0f42bb7544f3b80a70a365cda8be4758b8c434aa31d6b13612c5f55b76d2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://helopal.club/
Origin: https://helopal.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 23:09:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 372285
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20223
x-xss-protection: 0
last-modified: Fri, 22 Jul 2022 16:01:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Jan 2025 23:09:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 247 KB
85 KB 27ms
27ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VWZGSQLZ5T&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-176069477-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d2ddd27c9f4745599db1a3b636cb80d1e0c99b0540ac7e2109ca49ad033814c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87066
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 Jan 2024 06:34:02 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-176069477-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 09 Jan 2024 05:48:17 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2745
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 09 Jan 2024 07:48:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 189 KB
68 KB 19ms
19ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-136873609-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-176069477-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

354195f8c304909165cccb80957e21e21e344e1cc5513f0a638f0dd491c248cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69752
x-xss-protection: 0
last-modified: Tue, 09 Jan 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 Jan 2024 06:34:02 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 233 KB
82 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WEZNDFHJK0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-136873609-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

972c58142db01b924c2c46c29da17213d7cba8ac974a037107447cb4e9375d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 Jan 2024 06:34:02 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401030101/ 401 KB
136 KB 80ms
79ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1696164081359292&plah=helopal.club&bust=31080218

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1696164081359292

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce2b5ced6f945c419913bf3a6f4b92b65cb6540efe8d2450941cc54c27579093

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139122
x-xss-protection: 0
server: cafe
etag: 4508646440821744811
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 09 Jan 2024 06:34:02 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240104/r20190131/ Frame D826 9 KB
4 KB 26ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240104/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1696164081359292

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://helopal.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 22038
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 00:26:44 GMT
etag: 9219409622527106327
expires: Tue, 23 Jan 2024 00:26:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 34ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-VWZGSQLZ5T&gtm=45je4130v879222134&_p=1704782042733&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=468869383.1704782043&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1704782042&sct=1&seg=0&dl=https%3A%2F%2Fhelopal.club%2F&dt=Play%20Friendship%20Quiz%20-%20Helopal.club&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=693
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VWZGSQLZ5T&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:34:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://helopal.club
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
204 B 14ms
13ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=343946719&t=pageview&_s=1&dl=https%3A%2F%2Fhelopal.club%2F&ul=en-us&de=UTF-8&dt=Play%20Friendship%20Quiz%20-%20Helopal.club&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=116073701&gjid=944209236&cid=468869383.1704782043&tid=UA-176069477-1&_gid=1779556984.1704782043&_r=1&gtm=457e4130&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1611947487

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:34:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://helopal.club
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
69 B 13ms
13ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=343946719&t=pageview&_s=1&dl=https%3A%2F%2Fhelopal.club%2F&ul=en-us&de=UTF-8&dt=Play%20Friendship%20Quiz%20-%20Helopal.club&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=479439709&gjid=157254943&cid=468869383.1704782043&tid=UA-136873609-1&_gid=1779556984.1704782043&_r=1&gtm=457e4130&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1304141721

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:34:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://helopal.club
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 webConfig Show response
firebase.googleapis.com/v1alpha/projects/-/apps/1:478958754494:web:7d6b77a9cd316f195b9cef/ 262 B
379 B 33ms
33ms Fetch
application/json 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:478958754494:web:7d6b77a9cd316f195b9cef/webConfig

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/9.9.1/firebase-analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6f8bfefec2cd703c79b6f039fa4091160c9ff5a67d9d3b7d159924304517d869

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://helopal.club/
x-goog-api-key: AIzaSyDHcMOju22-gYCaa1f3BVFqAFpu8C8D6vY
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://helopal.club
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 190
x-xss-protection: 0

OPTIONS
H2 200 webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:478958754494:web:7d6b77a9cd316f195b9cef/ Frame 0
0 61ms
28ms Preflight
text/html 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:478958754494:web:7d6b77a9cd316f195b9cef/webConfig

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-api-key
Access-Control-Request-Method: GET
Origin: https://helopal.club
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers: x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://helopal.club
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 09 Jan 2024 06:34:02 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
29 KB 96ms
55ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/1850e43d-e81d-4f01-b19c-f7b9b055e252/plugin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

acb4aa3ec97e34c5238403f49f2dec182459afc34725f32acc7b3c533999b0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29652
x-xss-protection: 0
server: cafe
etag: 579 / 19731 / m202401020101 / config-hash: 6914489111508300537
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 09 Jan 2024 06:34:03 GMT

GET
H2 200 prebid7.36.3.js Show response
get.optad360.io/sf/ 520 KB
165 KB 11ms
10ms Script
application/javascript 2600:9000:243d:1000:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/prebid7.36.3.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/1850e43d-e81d-4f01-b19c-f7b9b055e252/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:243d:1000:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7559ba45677beff9ea485d64ab945d4a29a460c9319f20f8b131051629a1a67a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 09:50:05 GMT
content-encoding: gzip
via: 1.1 d6aad4784aecf0aa7f937dad10d2faea.cloudfront.net (CloudFront)
last-modified: Mon, 03 Apr 2023 08:32:50 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P4
age: 5777038
etag: W/"0a921f4d0ab6e1dce1061b3c4ed313ce"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=360000000
x-amz-cf-id: D7N8GyRLTEA0hR9BqGq63d1qqcWYR0inBjXg9XxaczdjAv9KCCGYGQ==

GET
H2 200 branding-ads.svg
cdn.optad360.net/icons/ 7 KB
3 KB 60ms
9ms Image
image/svg+xml 2600:9000:2440:7e00:f:a31d:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.optad360.net/icons/branding-ads.svg
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2440:7e00:f:a31d:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 13:25:33 GMT
content-encoding: gzip
via: 1.1 131833a268da05f8888d9c0861591892.cloudfront.net (CloudFront)
last-modified: Wed, 22 Jun 2022 12:02:24 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P3
age: 7664911
etag: W/"b0a3aa2e09d4ddd83150d7bd3347c5c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=360000000
x-amz-cf-id: 0pt19fqlwt1J3r3g_0Ie09DZs_rv_ZMeF9PvmL8E6xNUZEumMmOMJw==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 13ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-WEZNDFHJK0&gtm=45je4130v9132638245&_p=1704782042733&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=468869383.1704782043&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1704782042&sct=1&seg=0&dl=https%3A%2F%2Fhelopal.club%2F&dt=Play%20Friendship%20Quiz%20-%20Helopal.club&en=page_view&_fv=1&_ss=1&tfd=720
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WEZNDFHJK0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:34:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://helopal.club
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
344 B 54ms
18ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-136873609-1&cid=468869383.1704782043&jid=479439709&gjid=157254943&_gid=1779556984.1704782043&_u=YADAAUABAAAAACAAI~&z=1967859648

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 09 Jan 2024 06:34:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://helopal.club
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 installations
firebaseinstallations.googleapis.com/v1/projects/helopal-ae713/ Frame 0
0 56ms
20ms Preflight
text/html 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/helopal-ae713/installations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-firebase-client,x-goog-api-key
Access-Control-Request-Method: POST
Origin: https://helopal.club
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-firebase-client,x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://helopal.club
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 09 Jan 2024 06:34:03 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 installations Show response
firebaseinstallations.googleapis.com/v1/projects/helopal-ae713/ 623 B
679 B 274ms
274ms Fetch
application/json 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/helopal-ae713/installations

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/9.9.1/firebase-analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c7d7e0c9f72bbda4c3cab8ce28293170b3563f18af94b4118c2aa5d71b6ba52f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://helopal.club/
x-goog-api-key: AIzaSyDHcMOju22-gYCaa1f3BVFqAFpu8C8D6vY
accept-language: de-DE,de;q=0.9
x-firebase-client: eyJ2ZXJzaW9uIjoyLCJoZWFydGJlYXRzIjpbeyJhZ2VudCI6ImZpcmUtY29yZS8wLjcuMjkgZmlyZS1jb3JlLWVzbTIwMTcvMC43LjI5IGZpcmUtanMvIGZpcmUtanMtYWxsLWNkbi85LjkuMSBmaXJlLWlpZC8wLjUuMTIgZmlyZS1paWQtZXNtMjAxNy8wLjUuMTIgZmlyZS1hbmFseXRpY3MvMC44LjAgZmlyZS1hbmFseXRpY3MtZXNtMjAxNy8wLjguMCBmaXJlLWZjbS8wLjkuMTYgZmlyZS1mY20tZXNtMjAxNy8wLjkuMTYiLCJkYXRlcyI6WyIyMDI0LTAxLTA5Il19XX0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: application/json

Response headers

date: Tue, 09 Jan 2024 06:34:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://helopal.club
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 489
x-xss-protection: 0

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 31ms
16ms XHR
application/json 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240109

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7febcc726b716a1a57630aa63271a8e44d67fff16d2383b394779c9262d1f194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 09 Jan 2024 06:34:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9190
x-jsd-version: 1.0.1929
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-lga21933-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"63b-6QoajLJVvi3XrTfmzq7QFsxvX3Q"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eBKOF1jFhZ1FssqUQWYt3K2S1BCXsKeLH6QP06JoW3vX4E0gNvXlwDSliBlUF%2BGySniERa3XsmIEUtpoHOQlGGj6jX3MXXT2g3eHToJfLXMtOCGdZoKLtpQz55bBZW8kVKEbxaEe5fuQ%2BudEvio%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 842aa6f8cb193618-FRA

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 483 B
1 KB 47ms
15ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 06:34:03 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Mon, 27 Nov 2023 07:14:08 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 880063
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RgsAvn7eFR97DALVX67x%2FRi%2FambxSBNPsa13lkNMTwGjaAEsoNOFg%2BmlhUdlJ21zUBPCqSdKmAr6AGzyw%2FdR7Xon309f5vB5Z6tsqABtN%2FN%2BN3lB4zqxlTKJ%2BqklRD%2F7jQO93R2giOz2my8C"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 842aa6f8f818912a-FRA

POST
H2 200 prebid Show response
mp.4dex.io/ 60 B
483 B 42ms
26ms XHR
application/json 2606:4700:4400::ac40:994e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

x-version: 3.0.0-gcp-ams
date: Tue, 09 Jan 2024 06:34:03 GMT
x-err: Shapings: no adunits with size and seat and mapping
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: gzip
x-warn: Process Floors. 4 inventory rules not found for mediatype: banner and adUnitCode: oa-360-1704782042948_doeld6fka
pragma: no-cache
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://helopal.club
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 842aa6f8efcd1c97-FRA
expires: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
175 B 75ms
17ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://helopal.club
date: Tue, 09 Jan 2024 06:34:03 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
353 B 73ms
16ms XHR
text/plain 145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://helopal.club
date: Tue, 09 Jan 2024 06:34:02 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
server: envoy
vary: origin, Accept-Encoding

POST
H2 204 / Show response
ssp.wp.pl/bidder/ 0
17 B 109ms
33ms XHR
text/plain 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/?bdver=5.7&pbver=7.36.0&inver=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://helopal.club
date: Tue, 09 Jan 2024 06:34:03 GMT
access-control-allow-credentials: true
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
server: nginx
vary: Origin
accept-ch-lifetime: 604800

POST
H/1.1 200
OK auction Show response
rtb.adxpremium.services/openrtb2/ 2 KB
2 KB 165ms
124ms XHR
application/json 185.106.140.18
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 022ae256cf3067eb6c9319fd9acbf1507ed7e1848d4487ad2e0546307a0421a8

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 09 Jan 2024 06:34:03 GMT
Server: nginx
X-Prebid: pbs-go/unknown
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://helopal.club
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1984
Expires: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
409 B 34ms
8ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://helopal.club
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 12 KB
6 KB 188ms
116ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20988&site_id=513654&zone_id=3082760&size_id=43&alt_size_ids=117&gdpr=0&rp_schain=1.0,1!optad360.com,8436870,1,,,&eid_pubcid.org=46f49215-49b4-4d68-be7e-29ca3d0a3c66%5E1&rf=https%3A%2F%2Fhelopal.club%2F&kw=Smart%2Cfriendship%2Cchallenge%2CMake%2Cquiz%2CFriendshipDare%2CDare2022%2CLoveDare2022&tg_i.page=https%3A%2F%2Fhelopal.club%2F&tg_i.domain=helopal.club&tk_flint=pbjs_lite_v7.36.0&x_source.tid=a8946efe-368d-4133-bccb-4515a94f2bd5&l_pb_bid_id=14e267bcd857866&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3567141043182618
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 19b4d8c469fb487e3d91066a9e7ce6ffb31004e7745762701a645966dae4e043

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:34:03 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://helopal.club
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 319 B
658 B 198ms
127ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=25230&site_id=477094&zone_id=2872706&size_id=43&alt_size_ids=117&gdpr=0&rp_schain=1.0,1!optad360.com,8436870,1,,,&eid_pubcid.org=46f49215-49b4-4d68-be7e-29ca3d0a3c66%5E1&rf=https%3A%2F%2Fhelopal.club%2F&kw=Smart%2Cfriendship%2Cchallenge%2CMake%2Cquiz%2CFriendshipDare%2CDare2022%2CLoveDare2022&tg_i.page=https%3A%2F%2Fhelopal.club%2F&tg_i.domain=helopal.club&tk_flint=pbjs_lite_v7.36.0&x_source.tid=a8946efe-368d-4133-bccb-4515a94f2bd5&l_pb_bid_id=15816110e7a025f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8802740566766933
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: c4ac60c87c47492f559807cc7c3c837079b59e88ae83d07144358fbf8f83a789

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:34:03 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://helopal.club
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 319
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
530 B 103ms
31ms XHR
text/plain 37.157.2.230
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.230 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:34:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://helopal.club
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 / Show response
ssp.wp.pl/bidder/ 0
172 B 102ms
33ms XHR
text/plain 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/?bdver=5.7&pbver=7.36.0&inver=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://helopal.club
date: Tue, 09 Jan 2024 06:34:03 GMT
access-control-allow-credentials: true
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
server: nginx
vary: Origin
accept-ch-lifetime: 604800

POST
H2 200 prebid Show response
mp.4dex.io/ 60 B
223 B 34ms
27ms XHR
application/json 2606:4700:4400::ac40:994e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

x-version: 3.0.0-gcp-ams
date: Tue, 09 Jan 2024 06:34:03 GMT
x-err: Shapings: no adunits with size and seat and mapping
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: gzip
x-warn: Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: oa-360-1704782042946_n07gdwevq
pragma: no-cache
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://helopal.club
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 842aa6f8efce1c97-FRA
expires: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
174 B 66ms
18ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://helopal.club
date: Tue, 09 Jan 2024 06:34:03 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
529 B 169ms
100ms XHR
text/plain 37.157.2.230
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.230 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:34:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://helopal.club
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK auction Show response
rtb.adxpremium.services/openrtb2/ 2 KB
2 KB 117ms
85ms XHR
application/json 185.106.140.18
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 728608e402685e8ea6113b0dba29cbfd51a705a592a0a6055578f06b6f13d427

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 09 Jan 2024 06:34:03 GMT
Server: nginx
X-Prebid: pbs-go/unknown
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://helopal.club
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1983
Expires: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
408 B 28ms
8ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://helopal.club
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 12 KB
5 KB 214ms
148ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20988&site_id=513654&zone_id=3082760&size_id=2&alt_size_ids=39%2C55&gdpr=0&rp_schain=1.0,1!optad360.com,8436870,1,,,&eid_pubcid.org=46f49215-49b4-4d68-be7e-29ca3d0a3c66%5E1&rf=https%3A%2F%2Fhelopal.club%2F&kw=Smart%2Cfriendship%2Cchallenge%2CMake%2Cquiz%2CFriendshipDare%2CDare2022%2CLoveDare2022&tg_i.page=https%3A%2F%2Fhelopal.club%2F&tg_i.domain=helopal.club&tk_flint=pbjs_lite_v7.36.0&x_source.tid=f2c0d50c-f8f8-44b2-8697-2879c9e2e746&l_pb_bid_id=315cdecf00e32e6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5275177059308329
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 036a4139eb6166bdf6ff13b27d5e1578bc23f2282b9ecd95948b6e326b6ce474

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:34:03 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://helopal.club
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 12 KB
5 KB 191ms
125ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=25230&site_id=477094&zone_id=2872706&size_id=2&alt_size_ids=39%2C55&gdpr=0&rp_schain=1.0,1!optad360.com,8436870,1,,,&eid_pubcid.org=46f49215-49b4-4d68-be7e-29ca3d0a3c66%5E1&rf=https%3A%2F%2Fhelopal.club%2F&kw=Smart%2Cfriendship%2Cchallenge%2CMake%2Cquiz%2CFriendshipDare%2CDare2022%2CLoveDare2022&tg_i.page=https%3A%2F%2Fhelopal.club%2F&tg_i.domain=helopal.club&tk_flint=pbjs_lite_v7.36.0&x_source.tid=f2c0d50c-f8f8-44b2-8697-2879c9e2e746&l_pb_bid_id=32fc3f4c5b64dfb&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.20507897294525046
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f0e8b341873a750b67b8229a4a85f4aba55b1666d4df3221c39bb71ddc9aa9cc

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:34:03 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://helopal.club
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
210 B 62ms
17ms XHR
text/plain 145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://helopal.club
date: Tue, 09 Jan 2024 06:34:02 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
server: envoy
vary: origin, Accept-Encoding

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 205 KB
75 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z45V12ZWF9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-176069477-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7fdeedfce57fe3e1959191fe5812817e4befd448d5b2f67f2048a53cc1a55b23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76267
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 Jan 2024 06:34:03 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/ 436 KB
137 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 20:34:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35960
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140253
x-xss-protection: 0
server: cafe
etag: 11435206252018266965
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 07 Jan 2025 20:34:43 GMT

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 75 KB
24 KB 33ms
16ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 06:34:03 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 775740
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 27 Nov 2023 07:14:07 GMT
Server: cloudflare
ETag: W/"6faf3acfde3bb82adada71be4fc1deb0"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iitiHbAgaYlZOeOf%2Bgw2w3KabYkuspSlGhtNHeTr6CQbFlZoGxkwd2xC57CSVnRFCLqH3n4W%2BPgs9JIEE%2F0cC0a%2FL%2FiboawFQR0SoWv%2FsdNKSMwPX5GhLjbYbUdpPwZ3HIMhDwXKdFy3Ar8P"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 842aa6f93ddb3647-FRA

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E2BC 6 KB
1 KB 192ms
192ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1696164081359292&output=html&adk=1812271804&adf=3025194257&lmt=1704782043&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l&format=0x0&url=https%3A%2F%2Fhelopal.club%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704782042893&bpp=3&bdt=215&idt=173&shv=r20240104&mjsv=m202401030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7261352095320&frm=20&pv=2&ga_vid=468869383.1704782043&ga_sid=1704782043&ga_hid=343946719&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31080144%2C31080266%2C31080218%2C44807405&oid=2&pvsid=2882199106401246&tmod=142592755&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=183

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1696164081359292&plah=helopal.club&bust=31080218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ae5458e4ae4cd3939dbddd57720d0c04d1886bd826b6e72f853e88dade39259

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://helopal.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 967
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 06:34:03 GMT
expires: Tue, 09 Jan 2024 06:34:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6C30 129 KB
43 KB 611ms
610ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1696164081359292&output=html&h=280&slotname=3067619107&adk=2984494112&adf=54630664&pi=t.ma~as.3067619107&w=1200&fwrn=4&fwrnh=100&lmt=1704782043&rafmt=1&format=1200x280&url=https%3A%2F%2Fhelopal.club%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704782042896&bpp=1&bdt=218&idt=182&shv=r20240104&mjsv=m202401030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7261352095320&frm=20&pv=1&ga_vid=468869383.1704782043&ga_sid=1704782043&ga_hid=343946719&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31080144%2C31080266%2C31080218%2C44807405&oid=2&pvsid=2882199106401246&tmod=142592755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=185

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af7ea20ba044dfe8ebef86a572354540925750db7ef3fd79c9266bc35426bce9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://helopal.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43464
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 06:34:03 GMT
expires: Tue, 09 Jan 2024 06:34:03 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 14ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z45V12ZWF9&gtm=45je4130v890424607&_p=1704782042733&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&_fid=dDZx3qBcVSs_UgdxsenwWB&cid=468869383.1704782043&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704782043&sct=1&seg=0&dl=https%3A%2F%2Fhelopal.club%2F&dt=Play%20Friendship%20Quiz%20-%20Helopal.club&en=page_view&_fv=1&_ss=1&_ee=1&ep.origin=firebase&tfd=852
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z45V12ZWF9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:34:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://helopal.club
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 27ms
7ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 19:42:46 GMT
content-encoding: gzip
age: 298277
x-guploader-uploadid: ABPtcPoloqixCCgTXomADCSOsA3BvcXFUxsBHUY7D-XO-cwUIkLuV-5nhidCq6Qut0LCqSjbEWf0KZgVTA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Sat, 04 Jan 2025 19:42:46 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 64ms
26ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

9bec4810857c8523bd1c6966212260eabb19826bb94394bb19856f7dd92b1c32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 04 Jan 2024 12:38:38 GMT
server: nginx
etag: W/"6596a6ce-a9b8"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 10 Jan 2024 06:34:03 GMT

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 114 KB
29 KB 42ms
21ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7bf4f406f5a9bf165c21dfebea2257eab80882e23e887a24756956daac44373

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 08 Jan 2024 11:20:59 GMT
server: cloudflare
x-amz-request-id: HKP1V3SEAMEW355Z
age: 2925
etag: W/"3732dd6fc229ed015d7d7eddf157953f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 842aa6f99ac01c09-FRA
x-amz-id-2: G/bbfXEgLZnSs/sThnnByTsGsbfxzKHt0EjGUCAG7rMgLeFzyHacmBYQlPcqHkQcZoULOO+weEM=

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 46ms
8ms Script
text/javascript 2600:9000:2250:d400:a:e047:753:a221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:d400:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Tue, 09 Jan 2024 03:20:47 GMT
Via: 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 11597
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: 5h9bE72gCm65KQu4Sy8qhL_tjV4meepFzBwWxUiVOnZVgg0BZDr6jQ==

GET
H3 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 24ms
15ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 18050
x-jsd-version: master
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230031-FRA
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3sr%2FM%2Fm6NMzdNJKvHMjW0f4Dskc3B4pkO8Vjd5iUUQbd9YuY109KhtE3R7Eh6k%2FXyK7pd8UDAo88GM8w3kAIu9iYJ2s9tbQ9q5u0Gs5V1krO186XTZXzyUd94NUZEJ4wXq%2FqjAoMLKPD9630rCs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 842aa6f98890bb7f-FRA

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 28ms
7ms Script
text/javascript 65.9.66.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-122.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 05:37:13 GMT
content-encoding: gzip
via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 3411
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: bJnZD-afl6XdS-TKRkAkdhHqLktN54AfPsQGXs6vYofc9CYerKIIfw==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 50ms
24ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:03 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 6cc117c16bc1aeebad807a96c81aa573
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fhelopal.club%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fhelopal.club%2F&rid=esp&cc=1

85 B
194 B

118ms
117ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fhelopal.club%2F&rid=esp&cc=1
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: f16d294dac23ba5978cc6148dbe45dd70bbc498b345324d5520344d745ae7d87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:03 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-+VvxaqbQoTCtSRE32mJkz08ciUw"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://helopal.club
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Tue, 09 Jan 2024 06:34:03 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://helopal.club
location: /esp?url=https%3A%2F%2Fhelopal.club%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
332 B 115ms
29ms XHR
application/json 54.78.109.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.109.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-109-25.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 0751d7d2aca7f05555f1e5406f2009b916d1f0dfdf9b9383cef14d92e52b65ec

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:34:03 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://helopal.club
cache-control: no-cache
x-server: 10.45.22.51
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
228 B 35ms
7ms XHR
text/plain 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://helopal.club
date: Tue, 09 Jan 2024 06:34:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 15B0 14 KB
6 KB 636ms
121ms Document
text/html 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=helopal.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://helopal.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 06:34:03 GMT
server: Kestrel
server-processing-duration-in-ticks: 420688
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
212 B 22ms
22ms XHR
text/plain 145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://helopal.club
date: Tue, 09 Jan 2024 06:34:02 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 4
server: envoy
vary: origin, Accept-Encoding

POST
H2 200 prebid Show response
mp.4dex.io/ 60 B
223 B 33ms
32ms XHR
application/json 2606:4700:4400::ac40:994e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

x-version: 3.0.0-gcp-ams
date: Tue, 09 Jan 2024 06:34:03 GMT
x-err: Shapings: no adunits with size and seat and mapping
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: gzip
x-warn: Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: oa-360-1704782042947_5nuhzuwkd
pragma: no-cache
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://helopal.club
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 842aa6fa186c1c97-FRA
expires: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
174 B 19ms
19ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://helopal.club
date: Tue, 09 Jan 2024 06:34:03 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
529 B 35ms
35ms XHR
text/plain 37.157.2.230
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.230 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:34:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://helopal.club
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
408 B 9ms
8ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://helopal.club
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 12 KB
5 KB 151ms
151ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20988&site_id=513654&zone_id=3082760&size_id=15&alt_size_ids=9%2C8%2C10%2C14%2C48%2C126&gdpr=0&rp_schain=1.0,1!optad360.com,8436870,1,,,&eid_pubcid.org=46f49215-49b4-4d68-be7e-29ca3d0a3c66%5E1&rf=https%3A%2F%2Fhelopal.club%2F&kw=Smart%2Cfriendship%2Cchallenge%2CMake%2Cquiz%2CFriendshipDare%2CDare2022%2CLoveDare2022&tg_i.page=https%3A%2F%2Fhelopal.club%2F&tg_i.domain=helopal.club&tk_flint=pbjs_lite_v7.36.0&x_source.tid=20722127-5c50-4d51-ad68-1416a24e3155&l_pb_bid_id=460859cf222bf23&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.0126&rp_maxbids=1&slots=1&rand=0.8649277474177908
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f4a1386445d4e532ca4924466879fa6d1b51e38d63a02208c453de5e8902c233

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:34:03 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://helopal.club
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 12 KB
5 KB 142ms
142ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=25230&site_id=477094&zone_id=2872706&size_id=15&alt_size_ids=9%2C8%2C10%2C14%2C48%2C126&gdpr=0&rp_schain=1.0,1!optad360.com,8436870,1,,,&eid_pubcid.org=46f49215-49b4-4d68-be7e-29ca3d0a3c66%5E1&rf=https%3A%2F%2Fhelopal.club%2F&kw=Smart%2Cfriendship%2Cchallenge%2CMake%2Cquiz%2CFriendshipDare%2CDare2022%2CLoveDare2022&tg_i.page=https%3A%2F%2Fhelopal.club%2F&tg_i.domain=helopal.club&tk_flint=pbjs_lite_v7.36.0&x_source.tid=20722127-5c50-4d51-ad68-1416a24e3155&l_pb_bid_id=474ddd8275cd7f5&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.0126&rp_maxbids=1&slots=1&rand=0.6377391333203601
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 9b5434da53aeb1b7baa5e7818ac593d6d6ce34e01650a95c77ea36d6ba87b7e8

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:34:03 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://helopal.club
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 / Show response
ssp.wp.pl/bidder/ 0
17 B 38ms
38ms XHR
text/plain 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/?bdver=5.7&pbver=7.36.0&inver=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://helopal.club
date: Tue, 09 Jan 2024 06:34:03 GMT
access-control-allow-credentials: true
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
server: nginx
vary: Origin
accept-ch-lifetime: 604800

POST
H/1.1 200
OK auction Show response
rtb.adxpremium.services/openrtb2/ 2 KB
2 KB 84ms
84ms XHR
application/json 185.106.140.18
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 65560edeb9bdbf890e2413d1c027c88786cb9824108197bc0e3edbc87349b0bf

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 09 Jan 2024 06:34:03 GMT
Server: nginx
X-Prebid: pbs-go/unknown
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://helopal.club
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1983
Expires: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 657 B
317 B 453ms
453ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2882199106401246&correlator=1713081052191135&eid=31080188%2C31080198%2C31080298%2C31079784&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fif&iu_parts=121764058%3A23001273585%2Chelopal.club%2Chelopal.club_o3b_display_adi_o3b_atf&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x100%7C320x50%7C360x100%7C360x50%7C700x100%7C700x90&ifi=3&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1704782043238&lmt=1704782043&adxs=640&adys=111&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fhelopal.club%2F&vis=1&psz=0x0&msz=320x0&fws=644&ohw=1600&ga_vid=468869383.1704782043&ga_sid=1704782043&ga_hid=343946719&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY7a-2584xSABSAghkEhkKCnB1YmNpZC5vcmcYibC2584xSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGO2vtufOMUgAUgIIZBIXCghydGJob3VzZRiisLbnzjFIAFICCGoSFAoFb3BlbngY7a-2584xSABSAghkEhkKCnVpZGFwaS5jb20Y7a-2584xSABSAghkEhsKDGlkNS1zeW5jLmNvbRjGsLbnzjFIAFICCGo.&dlt=1704782042678&idt=429&prev_scp=hb_bidder%3Drubicon%26hb_adid%3D52e657e610cf07e%26hb_pb%3D0.23&adks=687948696&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6a249e05eec43e64fd05d644dddacb12b44a00efe99e293b0c15501c98bbeda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:03 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 286
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://helopal.club
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2C08 6 KB
3 KB 97ms
14ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://helopal.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 06:34:03 GMT
expires: Wed, 08 Jan 2025 06:34:03 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 658 B
320 B 823ms
823ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2882199106401246&correlator=1713081052191135&eid=31080188%2C31080198%2C31080298%2C31079784&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fif&iu_parts=121764058%3A23001273585%2Chelopal.club%2Chelopal.club_o3b_display_sf_o3b&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C750x100%7C970x90&ifi=4&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1704782043253&lmt=1704782043&adxs=436&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fhelopal.club%2F&vis=1&psz=0x-1&msz=728x-1&fws=644&ohw=1600&ga_vid=468869383.1704782043&ga_sid=1704782043&ga_hid=343946719&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY7a-2584xSABSAghkEhkKCnB1YmNpZC5vcmcYibC2584xSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGO2vtufOMUgAUgIIZBIXCghydGJob3VzZRiisLbnzjFIAFICCGoSFAoFb3BlbngY7a-2584xSABSAghkEhkKCnVpZGFwaS5jb20Y7a-2584xSABSAghkEhsKDGlkNS1zeW5jLmNvbRjGsLbnzjFIAFICCGo.&dlt=1704782042678&idt=429&prev_scp=hb_bidder%3Drubicon%26hb_adid%3D537dd08e07f3135%26hb_pb%3D0.52&adks=1932821998&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65a4a643ac3c95b356f7a0634777352402265b876ddfee93dcaa49e015c49f80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:04 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 289
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://helopal.club
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pfno&evt=place&vh=1200&eid=44759875%2C44759926%2C44759837%2C31079715%2C31080144%2C31080266%2C31080218%2C44807405&hl=en&pvc=2882199106401246

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:34:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
12 KB 1047ms
1046ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2882199106401246&correlator=1713081052191135&eid=31080188%2C31080198%2C31080298%2C31079784&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fif&iu_parts=121764058%3A23001273585%2Chelopal.club%2Chelopal.club_o3b_display_si_o3b_s1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600%7C300x300%7C300x250%7C200x600%7C120x600%7C160x600%7C250x250&ifi=5&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1704782043377&lmt=1704782043&adxs=1280&adys=161&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fhelopal.club%2F&vis=1&psz=300x-1&msz=300x-1&fws=516&ohw=1600&ga_vid=468869383.1704782043&ga_sid=1704782043&ga_hid=343946719&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY7a-2584xSABSAghkEhkKCnB1YmNpZC5vcmcYibC2584xSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGO2vtufOMUgAUgIIZBIXCghydGJob3VzZRiisLbnzjFIAFICCGoSFAoFb3BlbngY7a-2584xSABSAghkEhkKCnVpZGFwaS5jb20Y7a-2584xSABSAghkEhsKDGlkNS1zeW5jLmNvbRjGsLbnzjFIAFICCGo.&dlt=1704782042678&idt=429&prev_scp=hb_bidder%3Drubicon%26hb_adid%3D56a482546ee33d3%26hb_pb%3D3.07&adks=2756922945&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

703bb8e2368c4834a85379660cb12704b9755b965344bbaf71fe6275ea015bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:04 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12474
x-xss-protection: 0
google-lineitem-id: 6373201427
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138445532320
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://helopal.club
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame E06B 199 B
298 B 59ms
19ms Document
text/html 35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer: https://helopal.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 151
content-type: text/html
date: Tue, 09 Jan 2024 06:34:03 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H3 200 e21910fd923a6283b5d44b2382eabc86.js Show response
www.gstatic.com/mysidia/ Frame 6C30 9 KB
4 KB 22ms
8ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1696164081359292&output=html&h=280&slotname=3067619107&adk=2984494112&adf=54630664&pi=t.ma~as.3067619107&w=1200&fwrn=4&fwrnh=100&lmt=1704782043&rafmt=1&format=1200x280&url=https%3A%2F%2Fhelopal.club%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704782042896&bpp=1&bdt=218&idt=182&shv=r20240104&mjsv=m202401030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7261352095320&frm=20&pv=1&ga_vid=468869383.1704782043&ga_sid=1704782043&ga_hid=343946719&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31080144%2C31080266%2C31080218%2C44807405&oid=2&pvsid=2882199106401246&tmod=142592755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=185

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 01:04:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4064
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 08 Apr 2024 01:04:19 GMT

GET
H3 200 eca8f43f04ace2cb887c6c133446ca43.js Show response
www.gstatic.com/mysidia/ Frame 6C30 11 KB
5 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/eca8f43f04ace2cb887c6c133446ca43.js?tag=text/vanilla_highlight_ms

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2366f8ceefa49f15dbf946bb02a4cf52b6d2999f71712d3f52e8bd5f56e1988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30394
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4745
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 07 Apr 2024 22:07:29 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6C30 14 KB
2 KB 38ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 09 Jan 2024 06:34:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 09 Jan 2024 04:42:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 Jan 2024 06:34:03 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240104/r20110914/client/ Frame 6C30 2 KB
875 B 28ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240104/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 20:46:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35258
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 20:46:25 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240104/r20110914/ Frame 6C30 23 KB
9 KB 29ms
8ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240104/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 20:46:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35261
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 20:46:22 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240104/r20110914/client/ Frame 6C30 3 KB
1 KB 32ms
12ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240104/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 20:46:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35258
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 20:46:25 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240104/r20110914/client/ Frame 6C30 20 KB
9 KB 48ms
6ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240104/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 20:46:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35258
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8523
x-xss-protection: 0
server: cafe
etag: 16500369019378894752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 20:46:25 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6C30 205 KB
65 KB 61ms
18ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704717871404979"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Jan 2024 06:34:03 GMT

GET
H3 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 6C30 37 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 13:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59840
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 07 Apr 2024 13:56:43 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 932B 143 B
166 B 7ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1696164081359292&output=html&h=280&slotname=3067619107&adk=2984494112&adf=54630664&pi=t.ma~as.3067619107&w=1200&fwrn=4&fwrnh=100&lmt=1704782043&rafmt=1&format=1200x280&url=https%3A%2F%2Fhelopal.club%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704782042896&bpp=1&bdt=218&idt=182&shv=r20240104&mjsv=m202401030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7261352095320&frm=20&pv=1&ga_vid=468869383.1704782043&ga_sid=1704782043&ga_hid=343946719&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31080144%2C31080266%2C31080218%2C44807405&oid=2&pvsid=2882199106401246&tmod=142592755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=185
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 264
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 06:29:39 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 932B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

20ms
20ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 06:34:03 GMT
expires: Tue, 09 Jan 2024 06:34:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 06:34:03 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6C30 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8052996ac0ffc9d94aebcc8b31176c63d554e8eeae3370f7b50457ba55d84f57

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 6C30 33 KB
34 KB 26ms
6ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 04:01:15 GMT
x-content-type-options: nosniff
age: 9168
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 04:01:15 GMT

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 15B0 428 B
557 B 98ms
97ms Fetch
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertagids&domain=helopal.club&sn=ChromeSyncframe&so=0&topUrl=helopal.club&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=helopal.club

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6e9a7f933e0c57f7ea795badc45e64669e7abae80dfe123cad87d9310589a87c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=helopal.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:34:02 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1806034
expires: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 6C30
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CRt8j2-icZfr9BeilhcIP0cOi6An5pJrydLbhu9nrEfWN_MIDEAEgybSOfmCV4pCCoAegAarAwu4pyAEBqAMByAPLBKoE1AFP0NUx8NhMz5DYtfaAK1XrifiQ3CKTDXdX3KlQicAkia2tAmq...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22907650433661773239%22,%22debug_reporting%22:true,%22destination%22:%22https://optionish.com%22,%22event_report_window%22:%...

0
0

57ms
42ms

Fetch
text/css

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22907650433661773239%22,%22debug_reporting%22:true,%22destination%22:%22https://optionish.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211237629994%22],%2222%22:[%22true%22],%224%22:[%2201-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221232630102987847905%22}&andc=true

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:04 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"907650433661773239","debug_reporting":true,"destination":"https://optionish.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11237629994"],"22":["true"],"4":["01-09"],"6":["true"]},"priority":"500","source_event_id":"1232630102987847905"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 09 Jan 2024 06:34:04 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 09 Jan 2024 06:34:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"907650433661773239","debug_reporting":true,"destination":"https://optionish.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11237629994"],"22":["true"],"4":["01-09"],"6":["true"]},"priority":"500","source_event_id":"1232630102987847905"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 68ms
68ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240104&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5723293772da8ae2ec7be68e0557e9f11d0b093b2736609c00ddc40590202671

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12346
x-xss-protection: 0

GET
H3 200 Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js Show response
pagead2.googlesyndication.com/bg/ Frame C7DD 50 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16aea80c6752a1cc048f9bacb41d9b9f92a56b9e021bbc3d72e5b245f4f21892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 21:28:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 378324
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19690
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Jan 2025 21:28:39 GMT

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 14ms
14ms Image
text/html 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?v=3&t=l&pid=1399169600&rv=4130&u=AAAAAAAAAAAAACAAAAAAAAE&ut=Ag&h=Ag&gtm=45je4130v9132638245&ccid=132638245&cid=G-WEZNDFHJK0&l=G-WEZNDFHJK0.L490.S12.B10.E912.I549.EC6.TC12.HTC0~gtm.init.S0.V0.E23.TS5ogtgasend.TI16.TE0.TS5ogtreferralexclusion.TI18.TE0.TS5ogtsessiontimeout.TI19.TE0.TS5ogt1pdatav2.TI20.TE0.TS5ccdgalast.TI21.TE0.TS5ccdautoredact.TI22.TE0.TS5ccdconversionmarking.TI23.TE0.TS5ccdgaregscope.TI24.TE0.TS5ogtgooglesignals.TI25.TE0.TS5setproductsettings.TI26.TE0.TS5ccdgafirst.TI27.TE0~gtm.js.S0.V0.E19.TS5gct.TI13.TE0~*~gtm.dom.S0.V0.E12~gtm.load.S0.V0.E1~gtm.init_consent.S0.V0.E19~GA229

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:03 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 70ms
42ms Preflight
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 09 Jan 2024 06:34:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 09 Jan 2024 06:34:03 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E850 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://helopal.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 29641
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 22:20:02 GMT
expires: Tue, 07 Jan 2025 22:20:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6EC2 829 B
998 B 16ms
16ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e809b3c3104db4c0e7bbbae328a5d1f853e3b843a86120072392d5aba2e9fc34

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-w4ugnF3YpBkTnmHM8n47HQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://helopal.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-w4ugnF3YpBkTnmHM8n47HQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 06:34:03 GMT
expires: Tue, 09 Jan 2024 06:34:03 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame E850 39 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 19:52:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38482
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Jan 2025 19:52:41 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6EC2 0
0 41ms
40ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240104&jk=2882199106401246&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E850 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?BPbYxg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:04 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 container.html Show response
1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EC9F 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://helopal.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 06:34:03 GMT
expires: Wed, 08 Jan 2025 06:34:03 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame EC9F 24 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com
URL: https://1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 10:17:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 332180
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 04 Jan 2025 10:17:44 GMT

GET
H3 200 creative.js Show response
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame EC9F 26 KB
10 KB 15ms
15ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Requested by

Host: 1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com
URL: https://1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 13186
x-jsd-version: 1.16.0
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230116-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DcUeEVnyrJyaWbW8ZtsCr2eArMGFDKfaPTDhIwpUfTAwOgrvyjeKDjVQxK5l16KUh9cTTeRj%2B%2F69i9gKX1bU2X74dOVyOybgSILuLKQ1W9hovWn7uAytAw5G21qTrUs23FIalf3SPkrqIlIa1wA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 842aa701ddd6bb7f-FRA

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame EC9F 205 KB
65 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com
URL: https://1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704717871404979"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Jan 2024 06:34:04 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame EC9F 0
0 45ms
44ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvqLEKkOzSJJdl40yTKIfrjAQWOiZJjGDdgBQyIDkxn-oEjuCBlzaj5bStdURF-Edc3xueqNygTDJuY5a8Rd6PkCeQZY0VulvSbtqQdQJxvrdFmt848NoSTokJ6jS0lDa2ylz1aSWcVCDrSI2EJR6bA1Zoh1AYAMZfkO5IbhYuplp94qKf7uMIdcq6RZpprjoSuSJQV-drlhOnEZKTAsk6NGU8uxe1NnR8-AUp-uuLHUebef5u8QngfQNS2qezJ8Dl55FB1MAxfiqzU0cvBp9r0xTb5dp-QAvlt8eICOtMJ6U5hcvXPxV6MIl-kR9VOxcInbaP_PKRwPXlZ86R7Fbvx1ViZJMtChnL3w1oMcY5x6DSbFgp0esBxaZu0G5ddiP9Zaull6gwnrnZfENZLe1FsN6qMsYylTAw&sai=AMfl-YQLzVNa-Vd0K5ul4m05j_e1klaqYIEsf-9iuPRZoClmNoYi3NjSVwzl0b5RVnx7DQGDSkQUUpzohFtwjDCZKbk9-gU-QEV0A4KBJWQdWbNhShU3QnT3U-h2Oq91baU&sig=Cg0ArKJSzPchofra-XJNEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: 1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com
URL: https://1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9CDA 281 B
124 B 47ms
46ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO4XRDz7F4Y7rfixwEwAQ&v=APEucNWzjpla8L4iiBmx_LOhfG1Ff4QLz9cws1XVwlXM_ouCCVgKJDm6Hzr1NtTmg3v2kq7fh5gREzkPkNzDrTp6OnIDxHgseQQdFIqq8gHTzq5t0uZw378

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0f95dcad4811c2b85289326687f5e63764a1a24b5f8bd2d4ad59da3858f7992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 104
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 06:34:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A519 89 KB
31 KB 88ms
87ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 09 Jan 2024 06:34:04 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A519 42 B
63 B 42ms
42ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BoflHJI_YE2JX0-HdtjfWY3gfSxY6OV2_Z7K54DMrwQ2wdCFN6fSCZC0ZsDCyQ8hXEQ_Zl75Qeaq4WrSmQyUzwoBJpE9vJ6ZUO5y8ai7ftjAVxtX0

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:34:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5524190a-6d2f-4929-bde5-8a7b88ad26c2
beacon-ams3.rubiconproject.com/beacon/d/ Frame A519 43 B
227 B 157ms
26ms Image
image/avif 2602:803:c003:200::57
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-ams3.rubiconproject.com/beacon/d/5524190a-6d2f-4929-bde5-8a7b88ad26c2?oo=0&accountId=20988&siteId=513654&zoneId=3082760&sizeId=15&e=6A1E40E384DA563B46E6BBCD60B6C221ED8B4F2D9D77EAEFD1D8EF5A0780E1DEDA72B24A334083A1F02AA2EC5959CE3ED4336ADFDC3ED570EAFD3A04C7DC1AFFEA8C70A6A195961B984DF0D7276792C36D63FA49E688B466742D469CB999E147EC3EE8659868464A32DDA41700C9D473BDA8A5B14BE59F863C3F9FC4A5F6034C69A8906358651F3312521ADEEBA2D4DD166B0608CF3BB6040B700D89ED9C5C028DF9BB605DB9C6042D9260A55FD7D02055C6AF83CA09CBFDE82A954C1004678A

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2602:803:c003:200::57 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:34:03 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/avif
cache-control: private, max-age=0, no-cache
content-length: 43
x-xss-protection: 1; mode=block
expires: 01 Jan 1970 10:00:00 GMT

GET
DATA 200
OK truncated
/ Frame EC9F 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 931203e765c19059475b32e4dbe1c4a54f56233bae42bca038c43db3efaa23ec

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
44ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240104&jk=2882199106401246&bg=!LS6lLmHNAAaumcC-jpk7ADQBe5WfOGXFNxQ8ikMamZc-MWyZXFaSfTokmKH_QKX5RRJO4z-zWvuIdMyQi_F2UXRxTrAIAgAAAC1SAAAAAmgBBwoACdgfZ2jzRHOTpZkCtMp5OWEeCzKc4FUOx5UoxO9wkUPkRA4UWIi1QXVUd8zWZThevhLmB5r_M5nVo8MWWkBvtJxk0FaIZQfBuRNkuKFMEPcar3CITVz3440Igmpnyi4hnRCT5qRVyLkfS5ll_NZ8HiyxNgnXxTU-WTuKuHJtY0adSiaDXIue1DLlEldbUrNke5F7vLV5iryZKF7SRHFVZEkTNi_R7d_bUlGMOXHuAea7eJSZQ-euy--039rsjqGgg96jW6btW7_iA2TVrCLdLHBTrz_vFGBgLnDk5TXslsBWMastOW7MOCdezsLOXrNUcx5vCylKwPNrDnim_icRkOybQQLRvaN-J3Qght8j9CkBENtd67HttTU0GxauChoOo_GbIqZPoYUudkscW4W3Q58KPeNbsBJlAtZOwqT_7QFv9lf103xXuL1gEWw5nrGbrXSG3Zplk8_wVn2pyR5SrRCtQTOb4noT9gzueQ1b4w9mbTHtj4_nhuwoa3x97YaKEdrU4Ihx7tONMU5SKxIAfcQMVyuoooB7yTguPTrCG1T4BycC0EAeDbEZYCe0595DQaMrxUQX2hoVXSLi3aZvzIVH6AMzFhunrhRmCdcw_DF1xcpLca1LvlBGXKyJesx1zMUYsX0b6gNIJJiW1x-hqxguqJYeZuJKoioDnFM5yB50V7MxVENwdVJSOclMK6875hNkDGUYp1_FVGkPAHa-VlLVXipUVNySdVmYQ4HOYF1VigdvDnEmAGU_U6GoJgC4Auk9pKbvfCfA710-oO3UdyK428KoIJDLEJ5cp09oayPwtNqYOtzxUtfuM4qmpgLURL-OJ3nZ364Bv0Llzeb192V5PmWaW1plHphWXoiEirboIxnaRLIeo-lHab37AGDmCQHQ78JmzNpT5dIT15Jp7IvSYD8L-bJqFvcRUBJM0LIN
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A519 0
20 B 42ms
41ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7161698358114&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:34:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A519 0
20 B 42ms
41ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7161698358114&version=m202309260101&ct=76&x=8&cor=11430692356585466000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:34:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A519 94 KB
39 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D503VeojwoBEpP5UHWh8TA2krD56z0_b4XI_Ou8WX-hJDx4bNR1ENMsu5og39lL2CziI4N4tp0a6QCPKDFHm21YQxMoSXxGz6vVFaT4vjfrLaxk4It38euGND5O10K_uPu6uyjb61sJMRv0C2i86ajAcUgFtiaDXA8iAfdD2bw_d-WsF0&dbm_d=AKAmf-ApPX75tzW17YYar_ZUfaqZDSKRn8souPdDXDf7Ka-hcIHFm4V14c-Xn7cVQ1ROytbuQb14W5qQWP9JoMEBTxhToumKFvpQhHwBB-8Mm3YEIkaCo6DT6Hw3eeRH3cvpzyHY_7muf9HxaNVA5Pdkh_QKSxE4UauODfRTyF_9pOppOrKUzLoY32ipBdcuy1hIGcW0-8OkpntEOY-tgRYbg94UzVKOMRogrTR5MMDjv22cxmty7IWvXM-Ft0o6MdaJWJXiTpl1ufKDP037-cBCsk1tbtFzy-MXfJygSshYknma4VkLnCOS_AhIwSW66NNhBgAhTTiynsnWFcOcBdDtG2jM6hkepOooOHA49tygAAMBqS6zMkjghkaXfm1NBdWQk7nOOsycexq501Xc5J_VqLf42zaD8tE0zoIMKqnJvQ7zOSgr4RTXD00ks8wx8BFTiLZJK7-s_PGBIF_1pywXFliWAP-L6k4zOxegIiJ9MLNNJM7c_XxsiFOnIvMYqlHZ2Yk6T0tWIdYs74WJUjo2lb73dWoYtJG_Le5jJURp7OSSMl6jW2hljNR2cHgpoUyvn5e-3i22P-5WuJkFDZ1-b_e5qSZQoQLvwXY5YBOU88znrqbD1EJyvypzFXaF0r1O9FJDHe9GULyKUWPowP5R-AFuR5jN23VlY7u4dhErFTfcR3DPjdD9eH-uP6gcoVvkSVnJrQZ1KaJzY5YxiC0V-3_i4OjJw_mXeI5HvXnxa4seaUOVeoXjlrBpWMc-7aq0d59F72gCsP-DOiQZhtocF5cOtU3n06l4bAJ9QqpST98-AMZepjA8LPAaRMjQ-R3q6rohsFvgg_AFg_VX1iGtr1QMkzAsFgIpzFTFQlEQatbFMm12MXvuE_GM6HiwmquyvCgRtiHgjTd58RxbZRnFO-r460KE20fnRGpJuSo95j9teOSI4Ux5QkssZaIW1D7-79igvJL4NJ79lU7tGHApmvbrOjIggbWZUOVyymjyy2q8ZuNi4lSn9y4q2rX7WeYoc8SIDm57rTZv3xrBr8Ts97W9AuCKId1GgmNjlehpk7_4rVgo2wyMS0UABOL762ITFbczf0kwMnUNtADqDQ7hw7teBPTEzshbmUXkYFQvazEh4wsliL9or0X9K6OJxNDg2Y5QWzMUjR-PhdWuodl4rBC9-vkdzBEch1lMXdpAp9wrK_LFBR2ugHBZzLdzrqQaVVy0cAZmjVHibr_lk5hhPzH7fPcaBF8QFONicHKKJ9pYp2poYOC3u9VSgsfZTANByIZGzZuBrkLAf8YdYbYMjmwrYG9-vIsijLNG-r4xsl48Pc6HnTMZnFBGEw3uratXylcifVlm2Ohs4lmwKxVwbqYwLBi0n_rw5iXn8MLiU6seXCwA5kSZgTg8RECLgcKHLs702JcSNM8qNmAQGxPNXNgB65_IntcvMlgZgpK70Xam5LKC-zta7Bd61ZzyyIUgbTgHe9hgHW343uR4UiYlSOHO5XrnQgMU5iu8vfwEUU4KDSGby7GDxbg48qfFmU3g57pgrmXLJHhTY1ys0FJNs9aK_tPKm06Gj6iirkNGMtjWSZiT1JGUWkcFtx6b-xTblIz1HtiTq91NXxIDLvpn4Etal-TdMz29Kzf5A_PaFDiBL11lyuD6odNCkcTPM6JwrLUaiztzS43YwpqW1QoDJgiPaosam8Xr535aFWM_dj_GLio8wwhNedwJhj-_zJsfY9WO6JC0M8vZ6PXFPK9_Es3HN9gYiiFdvB7qfJ3lLiLyuWrZPAvLvpREej2QLLBbqL7RFquiXq8mllQsCXmlreAQSO433KGw_i9wp62KxCycU6heJI60EQc47xjp8kOL1Oa_u7MMUv_CGa6pS1xzxdrNwy-Wvk3b9tB-jAkuUchPoHjRi8AxlqiebOQbHytLdhuvqVN1pPEqc1go6ec9tTlHcs3IkDivK1RgVTMPMZw_Ckyr_txrkXYqRNLNWzdhbXDOOxG8IOy34BvWgHjuzc13nIJa3QzU8XOSv5-i0zcx-LjKsJ3x3_0tbvYf9dVuv0JCOcrVh3l2OGoEyw0u1L95PCI0mBAsp2dl_hjpQQvd2S4u646EyslPVk9KSCPRXrMaKN_WZwiL7N1NKpX6RfHJHeqNewHei-S30MX7gRBfNgBjud1bsRs5rB53AYoNUwNQr1IUYsPB-X9B7rZcPs75elSLwhlO_VaU3XbnvhzAKAUwuaAsqgTl5w9FkrkHwkxIQoNDO0DD99AktxsbHNf8ghhVZkZNADJRCanXYzUO5ILNkjUFlEa94oyPUcifP12ujVA9GdCNRAlDvJaJ-lzUM2VZzdQDUQLoKRRcvIQD_XS_RwGc7GXJejJbJa1gfdjIwWHn5w7757o7TINeh-7Y8orXD_i-kucc3HJpszt8YE6489aYxQljo24tZNXqFsHprBLCXaTxDvqm-mH8JuMQpsEx0djbnzpLGAWsxl58RFJX9JBaIQYhrk_DRqyBQNFMXO4oIJI1W53cSPxihJZJOkGzwYrJd0upoSLZ3G5RstQG-7pVbvix02K4S-RZ3G6MVGRtG_OR66nTeE4zeNS2u-Y7yGawGMfXHIkLGc7JrxbfNDdOVOFqosyx2-4WAdYf39CCGtk7eQnHYZ9H4TAnDVfEPNXdl6AYDOwRKe7IgOiyZbiPfXKOTCYAjSuu5iQpPvYa8B0mRU_MlvtyaiQbLdlt04e7T7C0iaStKbCNrh0IudraWI-EW_R07HsjFqtah-F-DfDrq2GnIPA2j9UWMZS22kB-BgCrxKF8g-GEIMjT27w2ZRcdfhp1zNvSF66BVcNbKqrJ4t6p_7nXiZviDxIlawdjhzqnvEt2NlRohPw7RLjUNflKGN4b2m1eMq_oidYhw9ut1869XnOiyHBz1aY9v5r0yfld6WyseV8zjRcoUGLXI256iEX4QYGCA6NmsbkI-6IF9dh1jhL5pRKm9G71W8Jyryecq_8lGD9NuP0a4HCsDMDP1YETGZYBTQH2rJQtDI8a7KGWjZwcGQDnjbX8wdt1UKxX2LWb4PfKSZ2WhPfNUF05hcIAe5Fs9tK65k5Syh7V3Obf1sLnC1ecaZ7L7O-C7W8BdnHLKgl3iY5Usw5-PtNzi030j3pUcsv2_LvYG8p4CMn3y5O1MWKnRcFYB5YKaYP3vS40sB-QmINbU6ETL_eSiWEqs05IWtoziAB_R9b-6s6hYqzpqBEPs59OAediymijrUlVRZFBgMzGQhsMIvk7EJ6VM3oeVAZiHpfPx_WMfpHbHdVBeTZCXz2w5sjYJWt3hsu1UfPPiuFWyLtb8U1VzTmQQK1KZL2TGPMmGeEAxNeEaFFybWMRFiWpekZA28fY0_GWbeWRHMgnHa94-ulbV7rkNF4uReeBdhGvOwcJ_9E_2hnIfiQWm7YuNwy08aZiQ8LGRQsD4jEbYnZCV1qJF9MvHU4Rd2F0VVynXq6oK5IQmp_7fYq8GrLbEEDOvut8NUVuWcRf2X7b0_Lc2Fvt1LDtyU920760fC0er0ZlDbv3q-hcbhRATPzsxQ&pr=8%3ACC69270ACB4F9450&cid=CAQSMgAvHhf_tysSH14xkP-URqzDlvxSQoMVJ3IEDtY8sIog8Ca6Fnx1ifuok2pP-l01oljDGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fhelopal.club%2F&ds=l&xdt=1&iif=1&cor=11430692356585466000&adk=3030647&idt=90&cac=0&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0386b422dff8150b1b2c99718f44310173a6210b0d65976eeeabe5ab15730113

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:34:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39642
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 9CDA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm&gdpr=0
https://ads.smartstream.tv/cm/?cmsrc=dcm&gdpr=0&google_gid=CAESEDCDrdzB87_iwtLWTz4Jghw&google_cver=1
https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEDCDrdzB87_iwtLWTz4Jghw&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=ffe112ca3e53debe6f4b86332663b07b&uid=ffe112ca3e53debe6f4b86332663b...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=

70 B
149 B

109ms
33ms

Image
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO4XRDz7F4Y7rfixwEwAQ&v=APEucNWzjpla8L4iiBmx_LOhfG1Ff4QLz9cws1XVwlXM_ouCCVgKJDm6Hzr1NtTmg3v2kq7fh5gREzkPkNzDrTp6OnIDxHgseQQdFIqq8gHTzq5t0uZw378
Protocol: H2
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:04 GMT
server: Kestrel
content-length: 70
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Tue, 09 Jan 2024 06:34:04 GMT
Last-Modified: Tue, 09 Jan 2024 06:34:04 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Cache-Control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection: keep-alive
Expires: Mon, 28 Jul 1997 05:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 9CDA 170 B
243 B 50ms
17ms Image
image/png 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm&gdpr=0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO4XRDz7F4Y7rfixwEwAQ&v=APEucNWzjpla8L4iiBmx_LOhfG1Ff4QLz9cws1XVwlXM_ouCCVgKJDm6Hzr1NtTmg3v2kq7fh5gREzkPkNzDrTp6OnIDxHgseQQdFIqq8gHTzq5t0uZw378

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:34:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame A519 172 KB
61 KB 48ms
6ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com/
Origin: https://1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Jan 2024 23:49:04 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240104/r20110914/elements/html/ Frame A519 11 KB
4 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240104/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D503VeojwoBEpP5UHWh8TA2krD56z0_b4XI_Ou8WX-hJDx4bNR1ENMsu5og39lL2CziI4N4tp0a6QCPKDFHm21YQxMoSXxGz6vVFaT4vjfrLaxk4It38euGND5O10K_uPu6uyjb61sJMRv0C2i86ajAcUgFtiaDXA8iAfdD2bw_d-WsF0&dbm_d=AKAmf-ApPX75tzW17YYar_ZUfaqZDSKRn8souPdDXDf7Ka-hcIHFm4V14c-Xn7cVQ1ROytbuQb14W5qQWP9JoMEBTxhToumKFvpQhHwBB-8Mm3YEIkaCo6DT6Hw3eeRH3cvpzyHY_7muf9HxaNVA5Pdkh_QKSxE4UauODfRTyF_9pOppOrKUzLoY32ipBdcuy1hIGcW0-8OkpntEOY-tgRYbg94UzVKOMRogrTR5MMDjv22cxmty7IWvXM-Ft0o6MdaJWJXiTpl1ufKDP037-cBCsk1tbtFzy-MXfJygSshYknma4VkLnCOS_AhIwSW66NNhBgAhTTiynsnWFcOcBdDtG2jM6hkepOooOHA49tygAAMBqS6zMkjghkaXfm1NBdWQk7nOOsycexq501Xc5J_VqLf42zaD8tE0zoIMKqnJvQ7zOSgr4RTXD00ks8wx8BFTiLZJK7-s_PGBIF_1pywXFliWAP-L6k4zOxegIiJ9MLNNJM7c_XxsiFOnIvMYqlHZ2Yk6T0tWIdYs74WJUjo2lb73dWoYtJG_Le5jJURp7OSSMl6jW2hljNR2cHgpoUyvn5e-3i22P-5WuJkFDZ1-b_e5qSZQoQLvwXY5YBOU88znrqbD1EJyvypzFXaF0r1O9FJDHe9GULyKUWPowP5R-AFuR5jN23VlY7u4dhErFTfcR3DPjdD9eH-uP6gcoVvkSVnJrQZ1KaJzY5YxiC0V-3_i4OjJw_mXeI5HvXnxa4seaUOVeoXjlrBpWMc-7aq0d59F72gCsP-DOiQZhtocF5cOtU3n06l4bAJ9QqpST98-AMZepjA8LPAaRMjQ-R3q6rohsFvgg_AFg_VX1iGtr1QMkzAsFgIpzFTFQlEQatbFMm12MXvuE_GM6HiwmquyvCgRtiHgjTd58RxbZRnFO-r460KE20fnRGpJuSo95j9teOSI4Ux5QkssZaIW1D7-79igvJL4NJ79lU7tGHApmvbrOjIggbWZUOVyymjyy2q8ZuNi4lSn9y4q2rX7WeYoc8SIDm57rTZv3xrBr8Ts97W9AuCKId1GgmNjlehpk7_4rVgo2wyMS0UABOL762ITFbczf0kwMnUNtADqDQ7hw7teBPTEzshbmUXkYFQvazEh4wsliL9or0X9K6OJxNDg2Y5QWzMUjR-PhdWuodl4rBC9-vkdzBEch1lMXdpAp9wrK_LFBR2ugHBZzLdzrqQaVVy0cAZmjVHibr_lk5hhPzH7fPcaBF8QFONicHKKJ9pYp2poYOC3u9VSgsfZTANByIZGzZuBrkLAf8YdYbYMjmwrYG9-vIsijLNG-r4xsl48Pc6HnTMZnFBGEw3uratXylcifVlm2Ohs4lmwKxVwbqYwLBi0n_rw5iXn8MLiU6seXCwA5kSZgTg8RECLgcKHLs702JcSNM8qNmAQGxPNXNgB65_IntcvMlgZgpK70Xam5LKC-zta7Bd61ZzyyIUgbTgHe9hgHW343uR4UiYlSOHO5XrnQgMU5iu8vfwEUU4KDSGby7GDxbg48qfFmU3g57pgrmXLJHhTY1ys0FJNs9aK_tPKm06Gj6iirkNGMtjWSZiT1JGUWkcFtx6b-xTblIz1HtiTq91NXxIDLvpn4Etal-TdMz29Kzf5A_PaFDiBL11lyuD6odNCkcTPM6JwrLUaiztzS43YwpqW1QoDJgiPaosam8Xr535aFWM_dj_GLio8wwhNedwJhj-_zJsfY9WO6JC0M8vZ6PXFPK9_Es3HN9gYiiFdvB7qfJ3lLiLyuWrZPAvLvpREej2QLLBbqL7RFquiXq8mllQsCXmlreAQSO433KGw_i9wp62KxCycU6heJI60EQc47xjp8kOL1Oa_u7MMUv_CGa6pS1xzxdrNwy-Wvk3b9tB-jAkuUchPoHjRi8AxlqiebOQbHytLdhuvqVN1pPEqc1go6ec9tTlHcs3IkDivK1RgVTMPMZw_Ckyr_txrkXYqRNLNWzdhbXDOOxG8IOy34BvWgHjuzc13nIJa3QzU8XOSv5-i0zcx-LjKsJ3x3_0tbvYf9dVuv0JCOcrVh3l2OGoEyw0u1L95PCI0mBAsp2dl_hjpQQvd2S4u646EyslPVk9KSCPRXrMaKN_WZwiL7N1NKpX6RfHJHeqNewHei-S30MX7gRBfNgBjud1bsRs5rB53AYoNUwNQr1IUYsPB-X9B7rZcPs75elSLwhlO_VaU3XbnvhzAKAUwuaAsqgTl5w9FkrkHwkxIQoNDO0DD99AktxsbHNf8ghhVZkZNADJRCanXYzUO5ILNkjUFlEa94oyPUcifP12ujVA9GdCNRAlDvJaJ-lzUM2VZzdQDUQLoKRRcvIQD_XS_RwGc7GXJejJbJa1gfdjIwWHn5w7757o7TINeh-7Y8orXD_i-kucc3HJpszt8YE6489aYxQljo24tZNXqFsHprBLCXaTxDvqm-mH8JuMQpsEx0djbnzpLGAWsxl58RFJX9JBaIQYhrk_DRqyBQNFMXO4oIJI1W53cSPxihJZJOkGzwYrJd0upoSLZ3G5RstQG-7pVbvix02K4S-RZ3G6MVGRtG_OR66nTeE4zeNS2u-Y7yGawGMfXHIkLGc7JrxbfNDdOVOFqosyx2-4WAdYf39CCGtk7eQnHYZ9H4TAnDVfEPNXdl6AYDOwRKe7IgOiyZbiPfXKOTCYAjSuu5iQpPvYa8B0mRU_MlvtyaiQbLdlt04e7T7C0iaStKbCNrh0IudraWI-EW_R07HsjFqtah-F-DfDrq2GnIPA2j9UWMZS22kB-BgCrxKF8g-GEIMjT27w2ZRcdfhp1zNvSF66BVcNbKqrJ4t6p_7nXiZviDxIlawdjhzqnvEt2NlRohPw7RLjUNflKGN4b2m1eMq_oidYhw9ut1869XnOiyHBz1aY9v5r0yfld6WyseV8zjRcoUGLXI256iEX4QYGCA6NmsbkI-6IF9dh1jhL5pRKm9G71W8Jyryecq_8lGD9NuP0a4HCsDMDP1YETGZYBTQH2rJQtDI8a7KGWjZwcGQDnjbX8wdt1UKxX2LWb4PfKSZ2WhPfNUF05hcIAe5Fs9tK65k5Syh7V3Obf1sLnC1ecaZ7L7O-C7W8BdnHLKgl3iY5Usw5-PtNzi030j3pUcsv2_LvYG8p4CMn3y5O1MWKnRcFYB5YKaYP3vS40sB-QmINbU6ETL_eSiWEqs05IWtoziAB_R9b-6s6hYqzpqBEPs59OAediymijrUlVRZFBgMzGQhsMIvk7EJ6VM3oeVAZiHpfPx_WMfpHbHdVBeTZCXz2w5sjYJWt3hsu1UfPPiuFWyLtb8U1VzTmQQK1KZL2TGPMmGeEAxNeEaFFybWMRFiWpekZA28fY0_GWbeWRHMgnHa94-ulbV7rkNF4uReeBdhGvOwcJ_9E_2hnIfiQWm7YuNwy08aZiQ8LGRQsD4jEbYnZCV1qJF9MvHU4Rd2F0VVynXq6oK5IQmp_7fYq8GrLbEEDOvut8NUVuWcRf2X7b0_Lc2Fvt1LDtyU920760fC0er0ZlDbv3q-hcbhRATPzsxQ&pr=8%3ACC69270ACB4F9450&cid=CAQSMgAvHhf_tysSH14xkP-URqzDlvxSQoMVJ3IEDtY8sIog8Ca6Fnx1ifuok2pP-l01oljDGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fhelopal.club%2F&ds=l&xdt=1&iif=1&cor=11430692356585466000&adk=3030647&idt=90&cac=0&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 20:52:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34898
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 20:52:26 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240104/r20110914/ Frame A519 31 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240104/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 21:01:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11885
x-xss-protection: 0
server: cafe
etag: 16863283086342074828
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 21:01:47 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame A519 41 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:05:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30508
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Jan 2025 22:05:36 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 10E9 281 B
555 B 54ms
13ms Document
text/html 104.119.110.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=de
Requested by: Host: 1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com
URL: https://1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.119.110.47 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-119-110-47.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 09 Jan 2024 06:34:04 GMT
ETag: "280524-119-60b38417c4040"
Last-Modified: Tue, 28 Nov 2023 15:41:45 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 42C4 38 KB
13 KB 6ms
6ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 30508
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 22:05:36 GMT
expires: Tue, 07 Jan 2025 22:05:36 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame 42C4 39 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 19:52:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38483
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Jan 2025 19:52:41 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 10E9 40 KB
11 KB 13ms
13ms Script
text/html 104.119.110.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=de
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.119.110.47 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-119-110-47.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 314358c19c1d0a7c716ad50f6d1df89df00e23cf7da2d4846637707ec0c86742

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 06:34:04 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Jan 2024 21:37:37 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=54213
Connection: keep-alive
Content-Length: 10964
Expires: Tue, 09 Jan 2024 21:37:37 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A519 205 KB
65 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704717871404979"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Jan 2024 06:34:04 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17920426833501136286/ Frame 435F 89 KB
7 KB 30ms
15ms Document
text/html 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17920426833501136286/index.html?e=69&leftOffset=0&topOffset=0&c=qTCuJ9IppL&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2a09611851d32c9f70ac514e7770a62975835867f0f7215f818ddcc6ee8ddcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 06:34:04 GMT
expires: Wed, 08 Jan 2025 06:34:04 GMT
last-modified: Thu, 06 May 2021 05:38:42 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A519 0
0 105ms
51ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstt6Y0rL_zNUIvu0d97FlvLE3jUXGzQsldEgX-LnzVZCOyvLNYUzX07zHHxTj61_mXYaEB6C_6Q3iLuDuht8xjLY0y24atNerHl-FLBH2X5zOLjzQt9JEu6mFSN43omXd5GNwuZsu-GdzoSt7FL0FW8CbgLpGcPmfsv7Fmi4LBJKsxW2O-C66imy03ok7eXtdJtnYi4TJD_4ukExX57tyZ8ey5YGSMi8nYgJpOi8O-XWv3SGk9tdrnh71quu4kxWIZ0NxLEzFuxLnJJ92Q_MTSRsJrWtPEW4nOhC6a5Sjex8utMDvWbaUaMauw5SLQ6-urH0kX66aGtOgEEy4iUNAVaZ8RlIkDHzdLzG7XLC9vZT0h8VUWXxi2QRlEKip1daKw5FbwANqiwkL2O_ach6PB5SC23ZvA9URcE2vLlfo0P4YnXSy4HetJ66Nip488ECygSnLrKcJpW4Nq4MlU7YW1CU2SFJZOtAk1jZHjlV346Os0bT_Kv94CycqgpNzBEIB7qb_EhoGXoTv2un-Qm-gLXbUgtZTHaW1RuC7HGg0KR5vgGtaETMnouaCV2RJrCxio_WrGhGGSeTVq_irPmsFOIA6zUWp0Ti68mvCaVdJKxP5TDgkW5GLQOd6KrDWkXF3zTB86_bVa8M6xb5ONrXNwBbige179BsGh35y0Ix3vEYhUUKbdfqSojbLfXOvHNF9E9pES5ftfM7-yFdWuH-85h8M5q7Qqrkkm41xR1no12piXjuvMMZZJVxXDPvx1yghXFUg9ajJu_988xhRTrAjhxiiybALj5mkwutED-8lBIg4262LMUY3mf7lhv_GSiP9d68njFNmbyjA3t8S6V4_0b1XxNSRTxF_70vOvtEBGQQGLeRey2KTWhcGRlrLZ_xl2DU9sCyswhMO3zjO9V_Mduvj9sJB5mkT6mBnamMve_R5nTOu9pWqbpswp4v7pytbdTvfESxXnnrs22YfBzMMYmpiBTlp0dG48ViXZ0-FfJD7ehAWA1bgOaDx-sLOHoXnz4AVPsadAk1wKlaC1313LgO9tYWPaVOivEptDLLFLi6C-xztk87vNfMV8MZdyycfQfC1jV5mVW5CNXgbEPs8IHjcfWXVaj8gjpxE4XC2cwYJTGNd143et8JABN-skzUyLLTSsyFf2Sc6cb6PYvQF15XFxtHiquQPxa-2_APMKFiC8kJYhf_Igqrz6qRy1B9FAh6RHp5utYqDS9eTlk7Df3VPYgfN_PqWtw8xHXQxTFD58tq6rzjvHPcRe_pAHQeA7RUdkfI1qg0gQ&sai=AMfl-YSKMTEg8qzt2xWMeIUM8Ht61a5-hyquveTWuwmAaEpVVdxqEdv-0R24q02SBHJ74eVqwPJ1EVP7-NfBNpfjNnkk8NG1TtbnqYqhtF-DdqeZ9yDh1ROW_rGnT4o0qfEov_RDEndOfu5fqt5odz-wv4h8QJXAdrk2Ty7fPLmpCDxQd7tUWr7ACPE4JKYRVpGc7Ovpj_Y9wuoUD54XuNXCXrR0gH8GDoJDL9QXPG6V-dIi5WRblztwdB0FrR0IK9URPN-PuQ86o5c-qw7--A&sig=Cg0ArKJSzIoUIyyettwrEAE&uach_m=%5BUACH%5D&pr=8:CC69270ACB4F9450&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=72&cbvp=1&cstd=68&cisv=r20240104.13073&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 09 Jan 2024 06:34:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 10E9 7 B
380 B 35ms
7ms XHR
application/json 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?gdpr=0
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
Expires: 0

GET
H3 200 gwdpage_style.css
s0.2mdn.net/sadbundle/17920426833501136286/ Frame 435F 55 B
104 B 7ms
7ms Stylesheet
text/css 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17920426833501136286/gwdpage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17920426833501136286/index.html?e=69&leftOffset=0&topOffset=0&c=qTCuJ9IppL&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17920426833501136286/index.html?e=69&leftOffset=0&topOffset=0&c=qTCuJ9IppL&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Tue, 07 Jan 2025 12:16:50 GMT
date: Mon, 08 Jan 2024 12:16:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65834
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74
x-xss-protection: 0
last-modified: Thu, 06 May 2021 05:38:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdpagedeck_style.css
s0.2mdn.net/sadbundle/17920426833501136286/ Frame 435F 731 B
264 B 14ms
12ms Stylesheet
text/css 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17920426833501136286/gwdpagedeck_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17920426833501136286/index.html?e=69&leftOffset=0&topOffset=0&c=qTCuJ9IppL&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17920426833501136286/index.html?e=69&leftOffset=0&topOffset=0&c=qTCuJ9IppL&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Tue, 07 Jan 2025 13:46:26 GMT
date: Mon, 08 Jan 2024 13:46:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60458
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 234
x-xss-protection: 0
last-modified: Thu, 06 May 2021 05:38:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdgooglead_style.css
s0.2mdn.net/sadbundle/17920426833501136286/ Frame 435F 24 B
73 B 13ms
11ms Stylesheet
text/css 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17920426833501136286/gwdgooglead_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17920426833501136286/index.html?e=69&leftOffset=0&topOffset=0&c=qTCuJ9IppL&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17920426833501136286/index.html?e=69&leftOffset=0&topOffset=0&c=qTCuJ9IppL&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Sat, 04 Jan 2025 21:36:28 GMT
date: Fri, 05 Jan 2024 21:36:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 291456
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44
x-xss-protection: 0
last-modified: Thu, 06 May 2021 05:38:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdimage_style.css
s0.2mdn.net/sadbundle/17920426833501136286/ Frame 435F 281 B
188 B 12ms
10ms Stylesheet
text/css 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17920426833501136286/gwdimage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17920426833501136286/index.html?e=69&leftOffset=0&topOffset=0&c=qTCuJ9IppL&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17920426833501136286/index.html?e=69&leftOffset=0&topOffset=0&c=qTCuJ9IppL&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Sat, 04 Jan 2025 11:31:39 GMT
date: Fri, 05 Jan 2024 11:31:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 327745
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 158
x-xss-protection: 0
last-modified: Thu, 06 May 2021 05:38:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdattached_style.css
s0.2mdn.net/sadbundle/17920426833501136286/ Frame 435F 26 B
75 B 15ms
13ms Stylesheet
text/css 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17920426833501136286/gwdattached_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17920426833501136286/index.html?e=69&leftOffset=0&topOffset=0&c=qTCuJ9IppL&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17920426833501136286/index.html?e=69&leftOffset=0&topOffset=0&c=qTCuJ9IppL&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 00:00:39 GMT
date: Tue, 09 Jan 2024 00:00:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23605
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46
x-xss-protection: 0
last-modified: Thu, 06 May 2021 05:38:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdtaparea_style.css
s0.2mdn.net/sadbundle/17920426833501136286/ Frame 435F 157 B
145 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17920426833501136286/gwdtaparea_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17920426833501136286/index.html?e=69&leftOffset=0&topOffset=0&c=qTCuJ9IppL&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17920426833501136286/index.html?e=69&leftOffset=0&topOffset=0&c=qTCuJ9IppL&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Sun, 05 Jan 2025 04:34:05 GMT
date: Sat, 06 Jan 2024 04:34:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 266399
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 115
x-xss-protection: 0
last-modified: Thu, 06 May 2021 05:38:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 googbase_min.js Show response
s0.2mdn.net/sadbundle/17920426833501136286/ Frame 435F 400 B
305 B 20ms
19ms Script
application/x-javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17920426833501136286/googbase_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17920426833501136286/index.html?e=69&leftOffset=0&topOffset=0&c=qTCuJ9IppL&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3168403eabe87c4fa8bf097e63d6409e3e6d15a14825215c27e9e4f1f943c95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17920426833501136286/index.html?e=69&leftOffset=0&topOffset=0&c=qTCuJ9IppL&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Tue, 07 Jan 2025 19:13:26 GMT
date: Mon, 08 Jan 2024 19:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40838
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 275
x-xss-protection: 0
last-modified: Thu, 06 May 2021 05:38:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwd_webcomponents_v1_min.js Show response
s0.2mdn.net/sadbundle/17920426833501136286/ Frame 435F 21 KB
6 KB 18ms
17ms Script
application/x-javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17920426833501136286/gwd_webcomponents_v1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17920426833501136286/index.html?e=69&leftOffset=0&topOffset=0&c=qTCuJ9IppL&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c51a4086e332a8b351790a53582dbba5bd78b7a1f021b829d93da3ad59ca575f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17920426833501136286/index.html?e=69&leftOffset=0&topOffset=0&c=qTCuJ9IppL&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Tue, 07 Jan 2025 20:46:37 GMT
date: Mon, 08 Jan 2024 20:46:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35247
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6286
x-xss-protection: 0
last-modified: Thu, 06 May 2021 05:38:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdpage_min.js Show response
s0.2mdn.net/sadbundle/17920426833501136286/ Frame 435F 3 KB
1 KB 19ms
18ms Script
application/x-javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17920426833501136286/gwdpage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17920426833501136286/index.html?e=69&leftOffset=0&topOffset=0&c=qTCuJ9IppL&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

257c9947bb8a45c4a0519f4ddc8769ecc7f889e268a046b0f05c17dfc7912eee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17920426833501136286/index.html?e=69&leftOffset=0&topOffset=0&c=qTCuJ9IppL&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Tue, 07 Jan 2025 17:21:26 GMT
date: Mon, 08 Jan 2024 17:21:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47558
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1306
x-xss-protection: 0
last-modified: Thu, 06 May 2021 05:38:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdpagedeck_min.js Show response
s0.2mdn.net/sadbundle/17920426833501136286/ Frame 435F 8 KB
3 KB 17ms
16ms Script
application/x-javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17920426833501136286/gwdpagedeck_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17920426833501136286/index.html?e=69&leftOffset=0&topOffset=0&c=qTCuJ9IppL&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74a8b34ddd37ba93b4c8198cebbc858c098de1effdddd63eebf9009d55cc53c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17920426833501136286/index.html?e=69&leftOffset=0&topOffset=0&c=qTCuJ9IppL&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 01:47:43 GMT
date: Tue, 09 Jan 2024 01:47:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17181
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3125
x-xss-protection: 0
last-modified: Thu, 06 May 2021 05:38:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Enabler_01_245.js Show response
s0.2mdn.net/879366/ Frame 435F 110 KB
38 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_245.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17920426833501136286/index.html?e=69&leftOffset=0&topOffset=0&c=qTCuJ9IppL&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17920426833501136286/index.html?e=69&leftOffset=0&topOffset=0&c=qTCuJ9IppL&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 18:58:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41729
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38568
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Jan 2024 18:58:35 GMT

GET
H3 200 gwdgooglead_min.js Show response
s0.2mdn.net/sadbundle/17920426833501136286/ Frame 435F 13 KB
4 KB 23ms
23ms Script
application/x-javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17920426833501136286/gwdgooglead_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17920426833501136286/index.html?e=69&leftOffset=0&topOffset=0&c=qTCuJ9IppL&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a22c497288d6b312171de3df8ed00831f34a76a52384c1ba9d504e11c98a5f21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17920426833501136286/index.html?e=69&leftOffset=0&topOffset=0&c=qTCuJ9IppL&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Sat, 04 Jan 2025 07:31:15 GMT
date: Fri, 05 Jan 2024 07:31:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 342169
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4408
x-xss-protection: 0
last-modified: Thu, 06 May 2021 05:38:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdimage_min.js Show response
s0.2mdn.net/sadbundle/17920426833501136286/ Frame 435F 5 KB
2 KB 26ms
25ms Script
application/x-javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17920426833501136286/gwdimage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17920426833501136286/index.html?e=69&leftOffset=0&topOffset=0&c=qTCuJ9IppL&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c3223c27067f54618683e5fdfe83536907b179e81ed9a39873aa8b8140c05f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17920426833501136286/index.html?e=69&leftOffset=0&topOffset=0&c=qTCuJ9IppL&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Fri, 03 Jan 2025 21:40:09 GMT
date: Thu, 04 Jan 2024 21:40:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 377635
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2001
x-xss-protection: 0
last-modified: Thu, 06 May 2021 05:38:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdattached_min.js Show response
s0.2mdn.net/sadbundle/17920426833501136286/ Frame 435F 1 KB
618 B 21ms
20ms Script
application/x-javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17920426833501136286/gwdattached_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17920426833501136286/index.html?e=69&leftOffset=0&topOffset=0&c=qTCuJ9IppL&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b1b78dc0bec6c4c5e65036a6d67c15a91ae2fc807f61ddab5ddccc3483cb9c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17920426833501136286/index.html?e=69&leftOffset=0&topOffset=0&c=qTCuJ9IppL&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 09:15:05 GMT
date: Tue, 02 Jan 2024 09:15:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 595139
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 587
x-xss-protection: 0
last-modified: Thu, 06 May 2021 05:38:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdtexthelper_min.js Show response
s0.2mdn.net/sadbundle/17920426833501136286/ Frame 435F 7 KB
3 KB 25ms
24ms Script
application/x-javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17920426833501136286/gwdtexthelper_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17920426833501136286/index.html?e=69&leftOffset=0&topOffset=0&c=qTCuJ9IppL&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ce8bd0ee36a0c73ad575c2b1a3d8117bb51a83021a64510197960c8fe5a1e72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17920426833501136286/index.html?e=69&leftOffset=0&topOffset=0&c=qTCuJ9IppL&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Sat, 04 Jan 2025 17:14:03 GMT
date: Fri, 05 Jan 2024 17:14:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 307201
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2867
x-xss-protection: 0
last-modified: Thu, 06 May 2021 05:38:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdtaparea_min.js Show response
s0.2mdn.net/sadbundle/17920426833501136286/ Frame 435F 4 KB
2 KB 22ms
21ms Script
application/x-javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17920426833501136286/gwdtaparea_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17920426833501136286/index.html?e=69&leftOffset=0&topOffset=0&c=qTCuJ9IppL&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

740d0e2ab785d5697336ecd812e6c6fb5547e741ab78204d93023d08bd274ecd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17920426833501136286/index.html?e=69&leftOffset=0&topOffset=0&c=qTCuJ9IppL&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Tue, 07 Jan 2025 09:06:27 GMT
date: Mon, 08 Jan 2024 09:06:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77257
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1814
x-xss-protection: 0
last-modified: Thu, 06 May 2021 05:38:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwd-events-support.1.0.js Show response
s0.2mdn.net/sadbundle/17920426833501136286/ Frame 435F 2 KB
724 B 22ms
22ms Script
application/x-javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17920426833501136286/gwd-events-support.1.0.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17920426833501136286/index.html?e=69&leftOffset=0&topOffset=0&c=qTCuJ9IppL&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72a80770f582b1bb93c4686c2d8f7d96cd6e911198e518ba3f19cd50cb108804

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17920426833501136286/index.html?e=69&leftOffset=0&topOffset=0&c=qTCuJ9IppL&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Sat, 04 Jan 2025 12:55:23 GMT
date: Fri, 05 Jan 2024 12:55:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 322721
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 687
x-xss-protection: 0
last-modified: Thu, 06 May 2021 05:38:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 42C4 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BIOGQ3OicZarbJMnpx_AP4p64sAIAAAAAOAHgBAI&bg=!YmGlYS7NAAaumcC-jpk7ADQBe5WfOFATFvlikcAyIDPQiCrV4rhrqdZ3w1alkzFXuzdjdTxFhFm8ufZGmfbnfvsjgKCiAgAAADRSAAAAAWgBB5kDVbFNOWjhJ_B_rBpayFFXlxvrhEq0cvpPI0Ul70JwCHAgnlz65Q3iimXn4vdtYEJleuPU7sH4jytYsKMexLpC8HOgh9hgBByGqm7rCnD_hHnqN09bx7NFNOU8aMmQa4zs2s4Ll7Lk-jAEVplGokdHLizmUI830X4iObXI8_y3quwS_j_4lYvTuipDH67PD7q6TkvBMGv4GCf_gSyOdptnY94cdp3zGUzEMP0kMf6jvdYSQ4oX9r_Iz7Tq_zIfu-DfLOQspRhkK5T8w1DVecNcbJWkEuiVyJHp0Zs-gVh-YME-csCHw8gUfpt1x5nYCHLD9siAuLWtOBDescwMhVmmdVFwF5OFCviKI4fnxIiX969EMpsGCaVu6G4Wha1TLX9SmOfpj2QE2vnIWPgNOZHkoyfvyE9GqdQq8BuoqY26vbCfnsG-YYrnM5h6yWeb6GHojHTVDfv_WkVbZpr4eD4Hc92JNLqbW2QsJnq-iHeVVj1dzeTbQHpOrOQRdOwBABoOzwpJ_fMrYZiHZ_gxy0mN-G7m8pjQbWhImwVVKKPrhhTBxSUO3HBiNi_5VYQIjyBPHgGedgVlbkMRnzwKNZkIod9I7sM1XnJPYmoUZ7948Zb8BN9gp0_SpTnglNnfByU0zBW-pPKoQQRwPH2mGDALlUki6qzmSqVD7a47JekjPit9umskXsvWfSlHCJjC6LNROUp8pwZ0Y6IhAidlnDH4f1b07GvMpELEp-xSZH-Oo896BV037o38eE8C2Pxg8EBsjXYarNifil8XqbMF2efmE6FbhdA1vHaoOyoAOj6FxoB9qFN3Kr75j-7MC6N-Smk7ln6DkfoGdnteI-Si9U3yHnxX6uRD8bZAj6BG5IMQDDiHQ2hjN57anjKUORfrcHW9AjCO6VBsYfLXthb1ipdJVoHMAbCrjRQoiPXwuJtW3C4uiQqcpIC-S42ns9nXdvx37cp6BTv4HLNziY2NKzus3NHGusysFsxSD66Anzt0cbCeWeVRPvUQKkC951HNIxZyskrlJbFBKZI94UUAOH_v1kR7sgtMTglxduZ_7DgShieDYRJyXaegYjG_jcuWyn-ve0lvThogbCWXhEtb90aa4GSwu6D6xJGEUY4-jahalTVGkbDhorM

Requested by

Host: 1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com
URL: https://1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:34:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 image.jpg
s0.2mdn.net/sadbundle/17920426833501136286/ Frame 435F 775 KB
775 KB 13ms
13ms Image
image/jpeg 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17920426833501136286/image.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17920426833501136286/index.html?e=69&leftOffset=0&topOffset=0&c=qTCuJ9IppL&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5158c5fe482856f631bfca622715d04ae078d407051f4ece1c31fbbeafd4f0e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/17920426833501136286/index.html?e=69&leftOffset=0&topOffset=0&c=qTCuJ9IppL&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Fri, 03 Jan 2025 16:12:16 GMT
date: Thu, 04 Jan 2024 16:12:16 GMT
x-content-type-options: nosniff
age: 397308
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 793857
x-xss-protection: 0
last-modified: Thu, 06 May 2021 05:38:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 FreigSanLFProMed.woff
s0.2mdn.net/creatives/assets/4003215/ Frame 435F 63 KB
63 KB 6ms
6ms Font
font/woff 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4003215/FreigSanLFProMed.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17920426833501136286/index.html?e=69&leftOffset=0&topOffset=0&c=qTCuJ9IppL&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6354c4ec800f1d1d7affba1c099e916ab2c55ecadd4fcbd1493d3a28ab776e41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/17920426833501136286/index.html?e=69&leftOffset=0&topOffset=0&c=qTCuJ9IppL&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:23:54 GMT
x-content-type-options: nosniff
age: 610
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64700
x-xss-protection: 0
last-modified: Mon, 21 Dec 2020 16:10:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Jan 2024 06:38:54 GMT

GET
H3 200 FreigSanLFProSemBL.woff2
s0.2mdn.net/creatives/assets/3981799/ Frame 435F 25 KB
25 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3981799/FreigSanLFProSemBL.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17920426833501136286/index.html?e=69&leftOffset=0&topOffset=0&c=qTCuJ9IppL&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fdadaacd40057633d19ce14868b83ab76f781214f860e5b93d5e8f37ba1f606

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/17920426833501136286/index.html?e=69&leftOffset=0&topOffset=0&c=qTCuJ9IppL&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:23:53 GMT
x-content-type-options: nosniff
age: 611
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25824
x-xss-protection: 0
last-modified: Tue, 01 Dec 2020 00:02:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Jan 2024 06:38:53 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 435F 8 KB
6 KB 50ms
50ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25c4013bbf5a2d69ab162f32038a15e5dc075beea7abc0e876b34e7d68e0301c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5933
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A519 0
0 44ms
43ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstt6Y0rL_zNUIvu0d97FlvLE3jUXGzQsldEgX-LnzVZCOyvLNYUzX07zHHxTj61_mXYaEB6C_6Q3iLuDuht8xjLY0y24atNerHl-FLBH2X5zOLjzQt9JEu6mFSN43omXd5GNwuZsu-GdzoSt7FL0FW8CbgLpGcPmfsv7Fmi4LBJKsxW2O-C66imy03ok7eXtdJtnYi4TJD_4ukExX57tyZ8ey5YGSMi8nYgJpOi8O-XWv3SGk9tdrnh71quu4kxWIZ0NxLEzFuxLnJJ92Q_MTSRsJrWtPEW4nOhC6a5Sjex8utMDvWbaUaMauw5SLQ6-urH0kX66aGtOgEEy4iUNAVaZ8RlIkDHzdLzG7XLC9vZT0h8VUWXxi2QRlEKip1daKw5FbwANqiwkL2O_ach6PB5SC23ZvA9URcE2vLlfo0P4YnXSy4HetJ66Nip488ECygSnLrKcJpW4Nq4MlU7YW1CU2SFJZOtAk1jZHjlV346Os0bT_Kv94CycqgpNzBEIB7qb_EhoGXoTv2un-Qm-gLXbUgtZTHaW1RuC7HGg0KR5vgGtaETMnouaCV2RJrCxio_WrGhGGSeTVq_irPmsFOIA6zUWp0Ti68mvCaVdJKxP5TDgkW5GLQOd6KrDWkXF3zTB86_bVa8M6xb5ONrXNwBbige179BsGh35y0Ix3vEYhUUKbdfqSojbLfXOvHNF9E9pES5ftfM7-yFdWuH-85h8M5q7Qqrkkm41xR1no12piXjuvMMZZJVxXDPvx1yghXFUg9ajJu_988xhRTrAjhxiiybALj5mkwutED-8lBIg4262LMUY3mf7lhv_GSiP9d68njFNmbyjA3t8S6V4_0b1XxNSRTxF_70vOvtEBGQQGLeRey2KTWhcGRlrLZ_xl2DU9sCyswhMO3zjO9V_Mduvj9sJB5mkT6mBnamMve_R5nTOu9pWqbpswp4v7pytbdTvfESxXnnrs22YfBzMMYmpiBTlp0dG48ViXZ0-FfJD7ehAWA1bgOaDx-sLOHoXnz4AVPsadAk1wKlaC1313LgO9tYWPaVOivEptDLLFLi6C-xztk87vNfMV8MZdyycfQfC1jV5mVW5CNXgbEPs8IHjcfWXVaj8gjpxE4XC2cwYJTGNd143et8JABN-skzUyLLTSsyFf2Sc6cb6PYvQF15XFxtHiquQPxa-2_APMKFiC8kJYhf_Igqrz6qRy1B9FAh6RHp5utYqDS9eTlk7Df3VPYgfN_PqWtw8xHXQxTFD58tq6rzjvHPcRe_pAHQeA7RUdkfI1qg0gQ&sai=AMfl-YSKMTEg8qzt2xWMeIUM8Ht61a5-hyquveTWuwmAaEpVVdxqEdv-0R24q02SBHJ74eVqwPJ1EVP7-NfBNpfjNnkk8NG1TtbnqYqhtF-DdqeZ9yDh1ROW_rGnT4o0qfEov_RDEndOfu5fqt5odz-wv4h8QJXAdrk2Ty7fPLmpCDxQd7tUWr7ACPE4JKYRVpGc7Ovpj_Y9wuoUD54XuNXCXrR0gH8GDoJDL9QXPG6V-dIi5WRblztwdB0FrR0IK9URPN-PuQ86o5c-qw7--A&sig=Cg0ArKJSzIoUIyyettwrEAE&uach_m=%5BUACH%5D&pr=8:CC69270ACB4F9450&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=196&vt=11&dtpt=124&dett=3&cstd=68&cisv=r20240104.13073&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 435F 17 KB
6 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 09 Jan 2024 06:34:04 GMT

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame 2690 39 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 19:52:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38483
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Jan 2025 19:52:41 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame EC9F 0
0 61ms
43ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJdcJKqoGFdu43XjCFWrQCmG5BLKX6qvA7AeUVeV6FqRLbyXq9C-FrwAfSa7kx8G1zp25sPLSfrs0Pt_5O3IvxtpGmn9MOoqT-LHYko7upBxV1vJXHaI0uym6vVQITPeXEPgGGpCasgtxEPjMF6402-L4HwdSvQAjW_qJrGps88f9SEWgk3fYnrG2M4Eb8lQD95QcpWUYrHRBjJ8fd83LBehKQCiesYFCivv0m12pko9ER5NkjO5FI0u29qjZWO3v35rRWkxxMwFvX52C1rsC35PrpJ2BEg8FBmIKqHCSkQMocJs9svZMNOuOB9oME_Xs3LiT0O25dWaRtpoz49dDXBSYdGYFW3x9D1YaWE1JGD59DlS--3kHfOajEwEEHQrNx4S7OzpLj0sAidG1mrCi82z4nCO1pnh8E2Q&sai=AMfl-YQQK9FqGnFBhVu0j8JGDRBoHxFx-pDFvSQoKo5xMQoWGS0rMudeKDkQPg7I2jArMXY_LRrGOcdxUOHF6v6E5sLe_9CiJE5n-iCus5VzMThALW-CTHsGDTSyOoBw-RU&sig=Cg0ArKJSzMLOPWAmckgrEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 09 Jan 2024 06:34:04 GMT

GET
H3 200 vrbo-logo.svg
s0.2mdn.net/sadbundle/17920426833501136286/ Frame 435F 7 KB
3 KB 8ms
8ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17920426833501136286/vrbo-logo.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0103bf7c99c834ba20e52e039535e05c48eaaefe74c022590f9b9b73be78fbd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17920426833501136286/index.html?e=69&leftOffset=0&topOffset=0&c=qTCuJ9IppL&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 09:06:40 GMT
date: Tue, 02 Jan 2024 09:06:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 595644
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3431
x-xss-protection: 0
last-modified: Thu, 06 May 2021 05:38:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Vrbo_Logo_an.svg
s0.2mdn.net/sadbundle/17920426833501136286/ Frame 435F 132 KB
99 KB 10ms
9ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17920426833501136286/Vrbo_Logo_an.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21605de773ccbb48062d05679f58a42848461f98d47367ff76cf9fb2961db287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17920426833501136286/index.html?e=69&leftOffset=0&topOffset=0&c=qTCuJ9IppL&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Mon, 06 Jan 2025 14:49:08 GMT
date: Sun, 07 Jan 2024 14:49:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143096
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 101002
x-xss-protection: 0
last-modified: Thu, 06 May 2021 05:38:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 image.jpg
s0.2mdn.net/sadbundle/17920426833501136286/ Frame 435F 775 KB
775 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17920426833501136286/image.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5158c5fe482856f631bfca622715d04ae078d407051f4ece1c31fbbeafd4f0e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17920426833501136286/index.html?e=69&leftOffset=0&topOffset=0&c=qTCuJ9IppL&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Fri, 03 Jan 2025 16:12:16 GMT
date: Thu, 04 Jan 2024 16:12:16 GMT
x-content-type-options: nosniff
age: 397308
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 793857
x-xss-protection: 0
last-modified: Thu, 06 May 2021 05:38:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A519 42 B
64 B 43ms
43ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv0JdsEJVMNnva0PK4E3wr7RwiuPsKRbcUBKOQOlPSJHN6C2dX-_XNWSqhJkF2xZHuzzy5NlQV528sWhp3Ki7URb_TfIPHF7HYeVAf78Zwz-ZOnR0Vab5SGLhr7ofA&sig=Cg0ArKJSzKv-U9W46XqoEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240108&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704782044474&rpt=305&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:34:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A519 0
20 B 42ms
42ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7161698358114&version=m202309260101&ct=76&x=8&cor=11430692356585466000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:34:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EC9F 42 B
64 B 44ms
44ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssG5RChSty2lPNjlMSFk7uBeMC7BNm0G3Bq0QNYJJ_dZ-uxl6oY7AHWYIWM-o9vW5lDPFP1WJWUZ9PDfoOxp3qemedGheOkELtkt5PHOC7MY9p47Z-4C8UR3Cf1ocnJrDjAH630bDLvckcwa9swfrrSDw&sig=Cg0ArKJSzL4IhFiI5BxVEAE&id=lidar2&mcvt=1000&p=139,1280,389,1580&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240108&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=2756922945&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704782044434&rpt=508&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:34:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 586ms
82ms Preflight
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fhelopal.club%2F&domain=helopal.club&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://helopal.club
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://helopal.club
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 09 Jan 2024 06:34:06 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 204824
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
385 B 110ms
109ms XHR
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fhelopal.club%2F&domain=helopal.club&cw=1&pbt=1&lsw=1

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:34:05 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://helopal.club
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 230633
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
419 B 33ms
33ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: c8bb2e036d1b4d1304201463889db5bc292eb15829c9d8b0cb85bdd502b9b4b0

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 09 Jan 2024 06:34:06 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://helopal.club
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Thu, 08 Feb 2024 06:34:06 GMT

GET
H2 204 /
onetag-sys.com/usync/ Frame FD8E 0
0 7ms
7ms Document
text/plain 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1704782043258&gdpr=0

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://helopal.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame C52F 281 B
555 B 12ms
12ms Document
text/html 104.119.110.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.119.110.47 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-119-110-47.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://helopal.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 09 Jan 2024 06:34:06 GMT
ETag: "280524-119-60b38417c4040"
Last-Modified: Tue, 28 Nov 2023 15:41:45 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ Frame F0D8 0
0 7ms
7ms Document
text/plain 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1704782043049&gdpr=0

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://helopal.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 usersync Show response
ssp.wp.pl/bidder/ Frame 8945 477 B
319 B 39ms
39ms Document
text/html 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=26734880151260533000&sn=mc_adapter
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: 636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6

Request headers

Referer: https://helopal.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
content-length: 281
content-type: text/html; charset=utf-8
date: Tue, 09 Jan 2024 06:34:06 GMT
last-modified: Mon, 18 Dec 2023 11:25:25 GMT
server: nginx
vary: Origin,Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ Frame 8709 0
0 7ms
7ms Document
text/plain 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1704782043048&gdpr=0

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://helopal.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 usersync Show response
ssp.wp.pl/bidder/ Frame 6ED0 477 B
415 B 32ms
32ms Document
text/html 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=26734880151260533000&sn=mc_adapter
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: 636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6

Request headers

Referer: https://helopal.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
content-length: 281
content-type: text/html; charset=utf-8
date: Tue, 09 Jan 2024 06:34:06 GMT
last-modified: Mon, 18 Dec 2023 11:25:25 GMT
server: nginx
vary: Origin,Accept-Encoding

GET
H2 200 sync-all.html Show response
adxbid.info/ Frame 047F 7 KB
3 KB 87ms
33ms Document
text/html 2606:4700:3030::ac43:8a0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:8a0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cccba065a0e962f62ca114793d18ada30e87cf7a48900c1e7486e8e4c57a05b9

Request headers

Referer: https://helopal.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 842aa70d4f73661c-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 09 Jan 2024 06:34:06 GMT
last-modified: Thu, 26 Jan 2023 09:50:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jiugiLrpt2WUdpdGYo0nJ3S1jL2moQZEomFXdaoiqIuVpsxFSQbuw63XL2KOEPCE1UzIMve2rJNydzIZRtOERYtPmEL0MFEGHw6O%2BeWoPNq3PZfebyKI05Hvv025%2FP61SFA1vbUr%2FktROA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 usersync Show response
ssp.wp.pl/bidder/ Frame C07B 477 B
319 B 32ms
32ms Document
text/html 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=26734880151260533000&sn=mc_adapter
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: 636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6

Request headers

Referer: https://helopal.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
content-length: 281
content-type: text/html; charset=utf-8
date: Tue, 09 Jan 2024 06:34:06 GMT
last-modified: Mon, 18 Dec 2023 11:25:25 GMT
server: nginx
vary: Origin,Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame C52F 40 KB
11 KB 14ms
14ms Script
text/html 104.119.110.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.119.110.47 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-119-110-47.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 314358c19c1d0a7c716ad50f6d1df89df00e23cf7da2d4846637707ec0c86742

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?gdpr=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 06:34:06 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Jan 2024 21:37:37 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=54211
Connection: keep-alive
Content-Length: 10964
Expires: Tue, 09 Jan 2024 21:37:37 GMT

GET
H2 200 wpjslib-sync.js Show response
std.wpcdn.pl/wpjslib6/ Frame 6ED0 90 KB
30 KB 135ms
46ms Script
text/javascript 212.77.98.32
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://std.wpcdn.pl/wpjslib6/wpjslib-sync.js
Requested by: Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=26734880151260533000&sn=mc_adapter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: wpcdn.pl
Software: nginx /
Resource Hash: c950e349938c8b0e0913df1d1d43449448c58ef71bfa3c804bb94d7f28037ac3

Request headers

Referer: https://ssp.wp.pl/
Origin: https://ssp.wp.pl
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:06 GMT
content-encoding: br
last-modified: Mon, 08 Jan 2024 11:54:28 GMT
server: nginx
etag: W/"7badf03d2e0fd9edaf18cc2e28e60eba"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=900, stale-while-revalidate=86400
access-control-max-age: 900
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 wpjslib-sync.js Show response
std.wpcdn.pl/wpjslib6/ Frame C07B 90 KB
30 KB 132ms
46ms Script
text/javascript 212.77.98.32
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://std.wpcdn.pl/wpjslib6/wpjslib-sync.js
Requested by: Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=26734880151260533000&sn=mc_adapter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: wpcdn.pl
Software: nginx /
Resource Hash: c950e349938c8b0e0913df1d1d43449448c58ef71bfa3c804bb94d7f28037ac3

Request headers

Referer: https://ssp.wp.pl/
Origin: https://ssp.wp.pl
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:06 GMT
content-encoding: br
last-modified: Mon, 08 Jan 2024 11:54:28 GMT
server: nginx
etag: W/"7badf03d2e0fd9edaf18cc2e28e60eba"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=900, stale-while-revalidate=86400
access-control-max-age: 900
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 wpjslib-sync.js Show response
std.wpcdn.pl/wpjslib6/ Frame 8945 90 KB
30 KB 129ms
46ms Script
text/javascript 212.77.98.32
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://std.wpcdn.pl/wpjslib6/wpjslib-sync.js
Requested by: Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=26734880151260533000&sn=mc_adapter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: wpcdn.pl
Software: nginx /
Resource Hash: c950e349938c8b0e0913df1d1d43449448c58ef71bfa3c804bb94d7f28037ac3

Request headers

Referer: https://ssp.wp.pl/
Origin: https://ssp.wp.pl
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:06 GMT
content-encoding: br
last-modified: Mon, 08 Jan 2024 11:54:28 GMT
server: nginx
etag: W/"7badf03d2e0fd9edaf18cc2e28e60eba"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=900, stale-while-revalidate=86400
access-control-max-age: 900
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 getuid
eb2.3lift.com/ Frame 047F 37 B
140 B 46ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/getuid?limit=50&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adxbid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:06 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H/1.1 204
No Content prebid.gif
as.ck-ie.com/ Frame 047F 0
114 B 400ms
218ms Image
text/plain 8.2.110.113
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.2.110.113 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adxbid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Connection: keep-alive
Date: Tue, 09 Jan 2024 06:34:06 GMT
Content-Type: text/plain

GET
H2 200 sync Show response
vid.vidoomy.com/ Frame DD90 49 KB
19 KB 125ms
23ms Document
text/html 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4cd9d7fe6bef9e82616b20d2c4a7a9842652ed469b704922e4c682f209754768

Request headers

Referer: https://adxbid.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 09 Jan 2024 06:34:06 GMT
etag: W/"a9290c6b5f8c75ebc321b414a16a5c2a"
last-modified: Tue, 12 Dec 2023 09:09:26 GMT
server: CDN77-Turbo
vary: Accept-Encoding Accept-Encoding
x-77-age: 249284
x-77-cache: HIT
x-77-nzt: A8O1rw43Nzf/xM0DANRmOBE3Nzf/AAAAAG09WgJkdZwA
x-77-nzt-ray: 9083393016c16462dee89c651fa63935
x-77-pop: frankfurtDE
x-accel-date: 1704532762
x-accel-expires: @1705569562
x-age-lb: 249284
x-amz-request-id: tx000002fc06539416a6366-0065894919-2bb0e51-prg
x-amz-storage-class: STANDARD
x-cache-lb: HIT
x-rgw-object-type: Normal

GET
H/1.1

200
OK

setuid
user-sync.adxpremium.services/ Frame 047F
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D&limit=50&s=194962&C=1
https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZZzo3h3Pgq7zQ4XUgK35JwAA%265211

86 B
516 B

501ms
236ms

Image
image/png

209.192.201.180
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZZzo3h3Pgq7zQ4XUgK35JwAA%265211
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 209.192.201.180 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adxbid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:07 GMT
content-length: 86
content-type: image/png

Redirect headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:34:06 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9g4%2B99nKy%2F0Zw5me9kHuD6xuEjNZDtEOhiMKStD3uE9ozOmn21rr9bt0jGWNdMrtp%2BnlwAEDsexOFNs8ENsh0h7CX9F%2Fm9xF76GG2Uhs35leduVVzwBuvfeb1axROQXPW4SgcI9p"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZZzo3h3Pgq7zQ4XUgK35JwAA%265211
cache-control: no-cache
cf-ray: 842aa7119df29a05-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 urlsvid.json Show response
vpaid.vidoomy.com/sync/ Frame DD90 1 KB
1 KB 65ms
13ms XHR
application/json 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.vidoomy.com/sync/urlsvid.json
Requested by: Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b05155416aa1689236072fb1338ceaefc9809a849bda6588965f5979e8a01aa8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 09 Jan 2024 06:34:07 GMT
content-encoding: gzip
x-age-lb: 330210
x-amz-request-id: tx0000014a4f54b6134e126-006597defd-2bc55ff-prg
x-77-cache: HIT
x-amz-storage-class: STANDARD
x-accel-date: 1704451837
x-77-nzt: A8O1ryc3Nzf/4gkFANRmOBE3NzexWbu8qU/MyAA
x-accel-expires: @1705488637
x-77-age: 330210
x-cache-lb: HIT
last-modified: Tue, 26 Dec 2023 20:45:55 GMT
server: CDN77-Turbo
x-amz-meta-s3cmd-attrs: atime:1703619207/ctime:1703619207/gid:1000/gname:federicoi/md5:d0bbf411bc053227f208739885ca90c0/mode:33204/mtime:1703619207/uid:1000/uname:federicoi
etag: W/"d0bbf411bc053227f208739885ca90c0"
x-77-nzt-ray: 25b021319e64e361dfe89c65ebfca200
vary: Accept-Encoding, Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://vid.vidoomy.com
x-rgw-object-type: Normal

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 5267 16 KB
6 KB 38ms
7ms Document
text/html 184.30.16.195

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.195 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://adxbid.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=98343
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Tue, 09 Jan 2024 06:34:07 GMT
expires: Wed, 10 Jan 2024 09:53:10 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 5267 0
42 B 74ms
20ms Script
text/plain 185.64.190.78

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=52957707&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:07 GMT
content-length: 0

GET
H2 204 pixel
ap.lijit.com/ Frame 047F 0
175 B 173ms
28ms Image
text/plain 99.80.50.75

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.50.75 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adxbid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 09 Jan 2024 06:34:07 GMT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
access-control-allow-methods: GET, POST, DELETE, PUT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 047F 0
239 B 32ms
8ms Image
image/gif 69.173.144.165

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-lupon&limit=50
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adxbid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: aca6c52e983509e86b136a052e19be23
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 cookie
cm.adform.net/ Frame 047F 43 B
106 B 108ms
32ms Image
image/gif 37.157.2.230
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?limit=50&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.230 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adxbid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:34:07 GMT
server: nginx
content-length: 43
content-type: image/gif

Verdicts & Comments Add Verdict or Comment

202 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
helopal.club/	1970-01-20 17:33:16	Name: XSRF-TOKEN Value: eyJpdiI6IklveFVrVk5ISFwveml3dWM3UnVhMnZnPT0iLCJ2YWx1ZSI6IkVla0ZyZjU3SmFkMXZYUG5Hc2hnamhZZjFmQ09lQU9HSEtqXC9kbjFQdThaeFhWcGdVXC8zNUU0SWRabHpjM2hJRSIsIm1hYyI6IjgxNDQ0ZTMzMjA4N2I2MTVjOWE2NmFkM2E0NTRiMzRmNzE3Y2U3Y2MzYTNlY2NhYjRjZjUwZWUxZDBkOWY5YjkifQ%3D%3D
helopal.club/	1970-01-20 17:33:16	Name: helopal_session Value: eyJpdiI6IkFsMDRqa2hndllzbHUyXC9SazAzdXZ3PT0iLCJ2YWx1ZSI6IkpjTzUxbXk2dlYrUUF3eWdFQlpmY0tMelNUXC9YZEpoeW02OVZud0h0c2xiK0swWllBZWxRZjA3R1wvXC8rYmtiT3oiLCJtYWMiOiI1YTRmYTQzYjRkYWQwMWQwYTk5Mjk2N2M4ZDRjZTlkMWRkYjVmNjk1ODQ4NmRiODlkYWNkNzM4NzRlNjgxM2EyIn0%3D
helopal.club/	1970-01-21 03:09:02	Name: language Value: eyJpdiI6IlVoZ0E2MVwvZitQMWFQb1BtMVhCSU1nPT0iLCJ2YWx1ZSI6Inp0bjl1cks3Q2tpYnNheSsxQzBnTmc9PSIsIm1hYyI6ImE4ZDRlMTk0ZTAxY2JiMjMyYzM4YmNjMzExMTk4ZmQxZDc0MTM0Zjk1MzM2NDI3MWE4NjcyYjIzNmNkMjVmZWMifQ%3D%3D
.helopal.club/	1970-01-21 03:09:02	Name: _ga_VWZGSQLZ5T Value: GS1.1.1704782042.1.0.1704782042.0.0.0
.helopal.club/	1970-01-20 17:34:28	Name: _gid Value: GA1.2.1779556984.1704782043
.helopal.club/	1970-01-20 17:33:02	Name: _gat_gtag_UA_176069477_1 Value: 1
.helopal.club/	1970-01-20 17:33:02	Name: _gat_gtag_UA_136873609_1 Value: 1
.helopal.club/	1970-01-21 03:09:02	Name: _ga_WEZNDFHJK0 Value: GS1.1.1704782042.1.0.1704782042.0.0.0
.helopal.club/	1970-01-21 03:09:02	Name: _ga Value: GA1.1.468869383.1704782043
helopal.club/	1970-01-20 18:16:14	Name: _pbjs_userid_consent_data Value: 6683316680106290
.helopal.club/	1970-01-21 02:18:38	Name: _sharedID Value: 46f49215-49b4-4d68-be7e-29ca3d0a3c66
prebid.a-mo.net/	1970-01-20 17:33:02	Name: _Amc_b Value: 0
.helopal.club/	1970-01-21 03:09:02	Name: _ga_Z45V12ZWF9 Value: GS1.1.1704782043.1.0.1704782043.0.0.0
.rubiconproject.com/	1970-01-21 02:18:38	Name: khaos Value: LR5Z7N4L-1V-986B
.rubiconproject.com/	1970-01-21 02:18:38	Name: audit Value: 1\|yQuirGeEF6AyWAQ5ZpV2LyAkF7RiBdb4AgvEG2sPPZqRoUZOq/XfJpYTf02dPH2DISUImsHRrQ4p8wCaDmwsCZzU4JWreVW/+5t0Q3rmwu4ijy0RC4Zd8RuybVyVU0yt
.prebid.a-mo.net/	1970-01-21 02:18:38	Name: __amc Value: 2_1704782043_1704782043
.openx.net/	1970-01-21 02:18:38	Name: i Value: b07d3506-1f50-4b0d-8d00-1cf4ebd6a9aa\|1704782043
.doubleclick.net/	1970-01-20 17:33:05	Name: DSID Value: NO_DATA
.criteo.com/	1970-01-21 02:54:38	Name: uid Value: a6de6f0c-82bb-4aec-9287-8842a9ab5f21
.criteo.com/	1970-01-21 02:54:38	Name: receive-cookie-deprecation Value: 1
.helopal.club/	1970-01-21 02:54:38	Name: cto_bundle Value: ZMFfC19mRG1oOFREJTJCNE9SQ1hLRDg5d2c1cmNaVnZQWW80Nm00WE1yNGZVSmdPcmV5d2RGVkNPcktNMVhwMHVabVczcDk1S2Z6JTJCN1NEZXBvcSUyQmZCSzdTcXBNSmlXbUZsaE5PeXZrdW5LbFVKd1N0WGhHZlhqM3NUOGN2NWluN2kwMEc2cVNNcTFtUTdLSkdPcWFoeGtjUTlqcHclM0QlM0Q
.googleadservices.com/	1970-01-20 19:42:38	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 02:54:38	Name: IDE Value: AHWqTUmO4E295UJojesM-22mmpHhBBawJqvJbCaBD174VQ4k88Pn3c_o2Iw5qoYROFI
.helopal.club/	1970-01-21 02:54:38	Name: __gads Value: ID=f54da2f32646c7d1:T=1704782043:RT=1704782043:S=ALNI_MZKCZIqBk4B7OkKAUOZ6INYF3gUsA
.helopal.club/	1970-01-21 02:54:38	Name: __gpi Value: UID=00000d3da3026db7:T=1704782043:RT=1704782043:S=ALNI_Ma-GfbNzexxrZbhp0hP9fcyDsprYg
.doubleclick.net/	1970-01-20 21:52:14	Name: APC Value: AfxxVi4LHBmNBloWNr2DdX9QztR2WFl-a5ztAd8zOhFQskS7AkgntA
ads.smartstream.tv/	1970-01-21 02:18:38	Name: DID Value: ffe112ca3e53debe6f4b86332663b07b
ads.smartstream.tv/	1970-01-21 02:18:38	Name: idt Value: 100
ads.smartstream.tv/	1970-01-21 02:18:38	Name: permanent Value: 1
cm.adsafety.net/	1970-01-21 02:18:38	Name: UID Value: CM120240109067adac4f0ccdef542ce5
.adsafety.net/	1970-01-21 02:18:38	Name: cm_uid Value: CM120240109067adac4f0ccdef542ce5
cm.adsafety.net/	1970-01-21 02:18:38	Name: cache0 Value: L2UzeGVJMkNTL0pzMlRFUXR5b1cvc3hEbUxyM2h5ZVBLVUxQOUxKWkxjNjV1Q242TEM0OXZtRXpaSWlmT0dMODM3Q3Q0NW9Tb2pVNEw1bnExUzNDRnY0M3RlSUhzaU9melRlNW5Dd2hFbXptdXNwM1ZRdVoyYnl4RU50ZHVaWmIzQjhQRGFsdnRmdXRXLzhHRjdxY0p4Q0liUGJzSmduQWV4dml3eUtrNnIzaFR5RURTSUNKaWR2cVllRzMvenNWaGk0d2JmQW1jOHZYUjB4b1R5WStyRWkzeEdRSDBGeUcxNFRBa3hZaVN2eEJDUzZhMVU4cG9Td3hVNTkxdWNDVWc3OE5rWHJoZERZTGhaRDdRL1Z4c00ybzJJc281SHRGaXFFOUNHdGprVnd6aHdKOENlcm1WTDJMU0pRMnM0TkcvMWVDYnF2QkE1MHhrWDNrOWFVVmJ3PT0%3D
helopal.club/	1970-01-21 02:18:38	Name: unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222024-01-09T06%3A34%3A06%22%7D
.casalemedia.com/	1970-01-21 02:18:38	Name: CMID Value: ZZzo3h3Pgq7zQ4XUgK35JwAA
.casalemedia.com/	1970-01-20 19:42:38	Name: CMPS Value: 5211
.casalemedia.com/	1970-01-20 19:42:38	Name: CMPRO Value: 5211
.adxpremium.services/	1970-01-20 19:42:38	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJpeCI6eyJ1aWQiOiJaWnpvM2gzUGdxN3pRNFhVZ0szNUp3QUFcdTAwMjY1MjExIiwiZXhwaXJlcyI6IjIwMjQtMDEtMjNUMDc6MzQ6MDcuNzE3MTY5ODY2KzAxOjAwIn19LCJiZGF5IjoiMjAyNC0wMS0wOVQwNzozNDowNy43MTcxNjk0MTQrMDE6MDAifQ==
.ads.pubmatic.com/	1970-01-20 17:34:28	Name: KCCH Value: YES

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdnjs.cloudflare.com/ajax/libs/howler/2.2.1/howler.min.js(Line 1) Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1ddf4d73e14afb1772de3ed7c248ebd6.safeframe.googlesyndication.com
ads.pubmatic.com
ads.smartstream.tv
adx.adform.net
adxbid.info
ajax.googleapis.com
ap.lijit.com
as.ck-ie.com
bcp.crwdcntrl.net
beacon-ams3.rubiconproject.com
cdn.helopal.club
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.optad360.net
cdn.prod.uidapi.com
cdnjs.cloudflare.com
cm.adform.net
cm.adsafety.net
cm.g.doubleclick.net
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
firebase.googleapis.com
firebaseinstallations.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
fun-dare.com
get.optad360.io
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
helopal.club
id5-sync.com
image6.pubmatic.com
invstatic101.creativecdn.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
mp.4dex.io
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
prebid-eu.creativecdn.com
prebid.a-mo.net
region1.google-analytics.com
rtb.adxpremium.services
s0.2mdn.net
script.4dex.io
securepubads.g.doubleclick.net
ssp.wp.pl
ssum.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
std.wpcdn.pl
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
user-sync.adxpremium.services
vid.vidoomy.com
vpaid.vidoomy.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.119.110.47
13.248.245.213
141.95.98.65
142.250.181.226
142.250.184.226
142.250.185.130
145.40.97.66
172.64.151.101
178.250.1.11
184.30.16.195
185.106.140.18
185.184.8.90
185.64.190.78
193.135.9.133
2001:4860:4802:32::36
209.192.201.180
212.77.98.32
212.77.99.29
2600:9000:2250:d400:a:e047:753:a221
2600:9000:243d:1000:11:a4de:2580:93a1
2600:9000:2440:7e00:f:a31d:75c0:93a1
2602:803:c003:200::41
2602:803:c003:200::57
2606:4700:10::ac43:266a
2606:4700:20::ac43:4bf1
2606:4700:3030::ac43:8a0d
2606:4700:3034::ac43:be40
2606:4700:3035::6815:5c4b
2606:4700:3035::ac43:8b1d
2606:4700:4400::ac40:994e
2606:4700::6810:5514
2606:4700::6811:190e
2606:4700::6812:bcf
2a00:1450:4001:808::2001
2a00:1450:4001:80b::200a
2a00:1450:4001:80f::2008
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2001
2a00:1450:4001:827::200a
2a00:1450:4001:828::2004
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2006
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
2a00:1450:400c:c00::9d
2a02:2638:3::3
2a02:6ea0:c700::10
2a02:6ea0:c700::11
3.33.220.150
34.102.146.192
34.120.107.143
34.96.70.87
35.244.159.8
37.157.2.230
51.89.9.252
54.78.109.25
65.9.66.122
69.173.144.139
69.173.144.165
8.2.110.113
91.210.226.71
99.80.50.75
0103bf7c99c834ba20e52e039535e05c48eaaefe74c022590f9b9b73be78fbd6
022ae256cf3067eb6c9319fd9acbf1507ed7e1848d4487ad2e0546307a0421a8
036a4139eb6166bdf6ff13b27d5e1578bc23f2282b9ecd95948b6e326b6ce474
0386b422dff8150b1b2c99718f44310173a6210b0d65976eeeabe5ab15730113
0751d7d2aca7f05555f1e5406f2009b916d1f0dfdf9b9383cef14d92e52b65ec
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08668608a7502fae7b7f6d76632b3ec6e458bb76be5937e2c4ba2672df9ad709
0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
13aa444747a569e25f79d16b3870a9715735f0bfb98e395447f1dbc979c78be0
16aea80c6752a1cc048f9bacb41d9b9f92a56b9e021bbc3d72e5b245f4f21892
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19b4d8c469fb487e3d91066a9e7ce6ffb31004e7745762701a645966dae4e043
1f36198740d2dd79a44002dcf7eebe2c43ab6b5c3ffd60b7e71dd31a7c43872b
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
21605de773ccbb48062d05679f58a42848461f98d47367ff76cf9fb2961db287
257c9947bb8a45c4a0519f4ddc8769ecc7f889e268a046b0f05c17dfc7912eee
25c4013bbf5a2d69ab162f32038a15e5dc075beea7abc0e876b34e7d68e0301c
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d
2764f4d6b85357ee7e53b42cefbfb8e0da77715508344f8775cb22d4c9c7231c
27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b
29aaec486617fb3efbf0d98e6034ad1a8eb5d82734e2aed02ab7de37fc1be9d3
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
314358c19c1d0a7c716ad50f6d1df89df00e23cf7da2d4846637707ec0c86742
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
354195f8c304909165cccb80957e21e21e344e1cc5513f0a638f0dd491c248cd
387fa76a18c1e2dcc5db9d10f530ac9c419faa94becd7bedafaf8d05521c32c4
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
3b1b78dc0bec6c4c5e65036a6d67c15a91ae2fc807f61ddab5ddccc3483cb9c5
3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
45d48e1d7e27224461b0b699f702ad07ca66ff00da3e98408c23b7de03a64c19
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
49f4d38284c03f09b22edfdb1470abb5b7fcbb65108dd0b448036c5b8ed7ec84
4cd9d7fe6bef9e82616b20d2c4a7a9842652ed469b704922e4c682f209754768
5158c5fe482856f631bfca622715d04ae078d407051f4ece1c31fbbeafd4f0e0
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5723293772da8ae2ec7be68e0557e9f11d0b093b2736609c00ddc40590202671
5bd8b93147a25b894ae2f92584a545693838c3f910eab31999b22d50bca4aa6d
5c8409dcad2e8d36ca28ef173376dee1e565758442050715742bfdbb08c92cad
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
6079a677b4ff727c225559facad29c7a945d060fa5cd637ac76b4ee55d21f471
60fc4511f1c0ccb8fd9f64fed945c028634245420d93405ec69a6e8e2561447d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
624d8f4d58fc9c2ca59102e1c8d4100707b342db19f53d856d2dcb8d484f1094
6354c4ec800f1d1d7affba1c099e916ab2c55ecadd4fcbd1493d3a28ab776e41
636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6
65560edeb9bdbf890e2413d1c027c88786cb9824108197bc0e3edbc87349b0bf
65a4a643ac3c95b356f7a0634777352402265b876ddfee93dcaa49e015c49f80
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67a620b02e2a8b2f28d34ee63509828125c4992f021adcf05e2eabcf23ff6621
68c82d2c77388cab6da0584fcd1539d002ad095de31d9f80937aae0ca6cb15af
6ab4a49144b0899c87c607eba0952310f2790e06bf4cd6ba025fa8f4dea93052
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c3223c27067f54618683e5fdfe83536907b179e81ed9a39873aa8b8140c05f2
6e01a0575080f66e28f68c7d43dd12195d569a2172bdf786643945e3589b055b
6e9a7f933e0c57f7ea795badc45e64669e7abae80dfe123cad87d9310589a87c
6f8bfefec2cd703c79b6f039fa4091160c9ff5a67d9d3b7d159924304517d869
6fdadaacd40057633d19ce14868b83ab76f781214f860e5b93d5e8f37ba1f606
6fdd68fb302111aa20d2544c139144e3e43ff45e7f46af9ecd6005dcbb1f24f6
703bb8e2368c4834a85379660cb12704b9755b965344bbaf71fe6275ea015bee
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
72035cff2a2b4aa0eee6fa22c60e429cd23e12a43f811edce39f999134dfdb08
728608e402685e8ea6113b0dba29cbfd51a705a592a0a6055578f06b6f13d427
72a80770f582b1bb93c4686c2d8f7d96cd6e911198e518ba3f19cd50cb108804
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
73060bc634e7d84fa78d9e5b0b0d188c9e0e84dce0172f8042bba2b180886099
740d0e2ab785d5697336ecd812e6c6fb5547e741ab78204d93023d08bd274ecd
74a8b34ddd37ba93b4c8198cebbc858c098de1effdddd63eebf9009d55cc53c0
7559ba45677beff9ea485d64ab945d4a29a460c9319f20f8b131051629a1a67a
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39
7ae5458e4ae4cd3939dbddd57720d0c04d1886bd826b6e72f853e88dade39259
7bcc32a5bd2678766a21faf6b68941eaf9fe1fc9c7168a091af3ef81c1738f50
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
7fdeedfce57fe3e1959191fe5812817e4befd448d5b2f67f2048a53cc1a55b23
7febcc726b716a1a57630aa63271a8e44d67fff16d2383b394779c9262d1f194
8052996ac0ffc9d94aebcc8b31176c63d554e8eeae3370f7b50457ba55d84f57
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
931203e765c19059475b32e4dbe1c4a54f56233bae42bca038c43db3efaa23ec
972c58142db01b924c2c46c29da17213d7cba8ac974a037107447cb4e9375d36
9809a9d6fe844649e678fda81d91b9dd6d4bfb339d495b0cdb95af999e14f9f5
9b5434da53aeb1b7baa5e7818ac593d6d6ce34e01650a95c77ea36d6ba87b7e8
9bec4810857c8523bd1c6966212260eabb19826bb94394bb19856f7dd92b1c32
9ce8bd0ee36a0c73ad575c2b1a3d8117bb51a83021a64510197960c8fe5a1e72
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
a0c71bee455ba91e5aa859abf3961d7e57c1c00cb85def124dfa1d8f53069d47
a0f95dcad4811c2b85289326687f5e63764a1a24b5f8bd2d4ad59da3858f7992
a22c497288d6b312171de3df8ed00831f34a76a52384c1ba9d504e11c98a5f21
a2366f8ceefa49f15dbf946bb02a4cf52b6d2999f71712d3f52e8bd5f56e1988
a2a09611851d32c9f70ac514e7770a62975835867f0f7215f818ddcc6ee8ddcb
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a8e0f42bb7544f3b80a70a365cda8be4758b8c434aa31d6b13612c5f55b76d2b
aab452cf9898bd79f2252623197fa5c45f5c64dd82a203b7259235e6e4f8965f
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
abe706510036e3ddfd0c61ee3ee258f2593d53d8e40fa05b21bed6d85a3ae86f
acb4aa3ec97e34c5238403f49f2dec182459afc34725f32acc7b3c533999b0d8
af7ea20ba044dfe8ebef86a572354540925750db7ef3fd79c9266bc35426bce9
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b05155416aa1689236072fb1338ceaefc9809a849bda6588965f5979e8a01aa8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2acf8699aeca3eb2a9bbb13f6da8c092b1c9fcf60b244eb62830faa3204af28
b36ccb3fa489753610fcbf8f4cfe4021cd1ee7b6159d8a17eabaa92b3e3d8094
b66fea64ce1ae1040340f5762d97a31187aaf1ec2c8a28a532b0c82622c6df3a
b7a44b79476282023aa69f375fb648558a8913635c9350fdcca4ef79a876d70b
b7bf4f406f5a9bf165c21dfebea2257eab80882e23e887a24756956daac44373
b9fa1b78af612f835e36c2b7e759d15aa574851f2fb7dd556542af5c4ae2d4ff
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcfeb4b89a5cda13c5da8db61507eea441ddd4d4cb1e5a84f91d456cea251b7f
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c4ac60c87c47492f559807cc7c3c837079b59e88ae83d07144358fbf8f83a789
c51a4086e332a8b351790a53582dbba5bd78b7a1f021b829d93da3ad59ca575f
c7d7e0c9f72bbda4c3cab8ce28293170b3563f18af94b4118c2aa5d71b6ba52f
c8bb2e036d1b4d1304201463889db5bc292eb15829c9d8b0cb85bdd502b9b4b0
c950e349938c8b0e0913df1d1d43449448c58ef71bfa3c804bb94d7f28037ac3
cb330b97480e87294d9ebdd7dcdec6248d2c45ed35c5f5c3f0060449528fb2e8
cccba065a0e962f62ca114793d18ada30e87cf7a48900c1e7486e8e4c57a05b9
ce2b5ced6f945c419913bf3a6f4b92b65cb6540efe8d2450941cc54c27579093
ce766614a0ce7850d90a574b9919975a0f77949da3c33f850b41852a774cd33f
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1
d14cf552496ba4036ec2a27b334679e2388e13f199c25a76101482eac970ea3f
d2ddd27c9f4745599db1a3b636cb80d1e0c99b0540ac7e2109ca49ad033814c7
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
d6a249e05eec43e64fd05d644dddacb12b44a00efe99e293b0c15501c98bbeda
daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8
ddb3aa9142a5007f984815fe8383a9d6bca2e369f19496f68025b230b4953584
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
e809b3c3104db4c0e7bbbae328a5d1f853e3b843a86120072392d5aba2e9fc34
e87a0a4ea67100ecf0073972c688d535b91b6742d8f54017013b978ce2c18d57
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec50c9a8d51925986413f726c63b107ff51502b5f44e49f54807c6d3427757ba
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e8b341873a750b67b8229a4a85f4aba55b1666d4df3221c39bb71ddc9aa9cc
f16d294dac23ba5978cc6148dbe45dd70bbc498b345324d5520344d745ae7d87
f3168403eabe87c4fa8bf097e63d6409e3e6d15a14825215c27e9e4f1f943c95
f4a1386445d4e532ca4924466879fa6d1b51e38d63a02208c453de5e8902c233
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc

helopal.club Open in urlscan Pro 2606:4700:3034::ac43:be40 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

221 Requests

98 %HTTPS

53 %IPv6

43 Domains

68 Subdomains

63 IPs

9 Countries

4979 kBTransfer

9751 kBSize

38 Cookies

3 Outgoing links

Page URL History

Redirected requests

221 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

helopal.club Open in urlscan Pro
2606:4700:3034::ac43:be40 Public Scan

Screenshot
Live screenshot

Full Image

221
Requests

98 %
HTTPS

53 %
IPv6

43
Domains

68
Subdomains

63
IPs

9
Countries

4979 kB
Transfer

9751 kB
Size

38
Cookies

221 HTTP transactions
2 data transactions