petitroom-3.com Open in urlscan Pro
183.90.253.34 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.petitroom-3.com/
Effective URL:
https://petitroom-3.com/
Submission: On July 09 via api (July 9th 2021, 2:25:11 am UTC) from GB

Summary HTTP 114 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 27 IPs in 6 countries across 21 domains to perform 114 HTTP transactions. The main IP is 183.90.253.34, located in Japan and belongs to XSERVER Xserver Inc., JP. The main domain is petitroom-3.com.
TLS certificate: Issued by R3 on May 10th 2021. Valid for: 3 months.

This is the only time petitroom-3.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 29	183.90.253.34 183.90.253.34	131965 (XSERVER X...) (XSERVER Xserver Inc.)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	52.194.50.40 52.194.50.40	16509 (AMAZON-02) (AMAZON-02)
1	52.198.26.114 52.198.26.114	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
13	2606:4700:303... 2606:4700:3039::6815:c034	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	91.228.74.189 91.228.74.189	16509 (AMAZON-02) (AMAZON-02)
1 1	99.80.199.35 99.80.199.35	16509 (AMAZON-02) (AMAZON-02)
5	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2 2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8101:939a:325c:ab79:c5b3	16509 (AMAZON-02) (AMAZON-02)
1 3	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3032::6815:57ae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
3	46.236.13.147 46.236.13.147	24931 (DEDIPOWER) (DEDIPOWER)
1	13.225.87.52 13.225.87.52	16509 (AMAZON-02) (AMAZON-02)
1	81.29.72.47 81.29.72.47	24931 (DEDIPOWER) (DEDIPOWER)
2	54.72.233.75 54.72.233.75	16509 (AMAZON-02) (AMAZON-02)
114	27

29 183.90.253.34 (Japan) 1 redirects

ASN131965 (XSERVER Xserver Inc., JP)
PTR: sv1433.xserver.jp

www.petitroom-3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
petitroom-3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.194.50.40 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-194-50-40.ap-northeast-1.compute.amazonaws.com

www23.a8.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www16.a8.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.198.26.114 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-198-26-114.ap-northeast-1.compute.amazonaws.com

www17.a8.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:3039::6815:c034 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.189 (United Kingdom)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.199.35 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-199-35.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8101:939a:325c:ab79:c5b3 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:57ae (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.236.13.147 (United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 46-236-13-147.servers.dedipower.net

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.87.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-52.fra2.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.29.72.47 (Brixton, United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 81-29-72-47.servers.dedipower.net

diapi.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.72.233.75 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-233-75.eu-west-1.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	petitroom-3.com 1 redirects www.petitroom-3.com petitroom-3.com	331 KB
28	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	344 KB
14	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	54 KB
13	ad4m.at ad4m.at as.ad4m.at assets.ad4m.at	631 KB
6	google.com 1 redirects adservice.google.com www.google.com	1 KB
4	webgains.com track.webgains.com diapi.webgains.com	99 KB
3	webgains.io analytics.webgains.io api.webgains.io	60 KB
3	googletagservices.com www.googletagservices.com	101 KB
3	a8.net www23.a8.net www16.a8.net www17.a8.net	157 KB
2	awin1.com www.awin1.com	1 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	1 KB
2	openx.net 2 redirects rtb.openx.net	757 B
2	ad4mat.net prod-rtb.ad4mat.net static-de.ad4mat.net	4 KB
2	google.de adservice.google.de	975 B
2	google-analytics.com www.google-analytics.com	19 KB
1	innovid.com ag.innovid.com	296 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	456 B
1	everesttech.net 1 redirects pixel.everesttech.net	375 B
1	quantserve.com cms.quantserve.com	463 B
1	googleadservices.com partner.googleadservices.com	662 B
1	googletagmanager.com www.googletagmanager.com	36 KB
114	21

	Domain	Requested by
28	petitroom-3.com	petitroom-3.com
19	tpc.googlesyndication.com	googleads.g.doubleclick.net petitroom-3.com tpc.googlesyndication.com pagead2.googlesyndication.com
9	pagead2.googlesyndication.com	petitroom-3.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com petitroom-3.com googleads.g.doubleclick.net
6	assets.ad4m.at	as.ad4m.at
5	cm.g.doubleclick.net	googleads.g.doubleclick.net petitroom-3.com
5	ad4m.at	googleads.g.doubleclick.net ad4m.at
4	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
3	track.webgains.com	as.ad4m.at analytics.webgains.io
3	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	api.webgains.io	analytics.webgains.io
2	www.awin1.com	as.ad4m.at
2	as.ad4m.at	ad4m.at as.ad4m.at
2	image6.pubmatic.com	2 redirects
2	rtb.openx.net	2 redirects
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	diapi.webgains.com	track.webgains.com
1	analytics.webgains.io	track.webgains.com
1	static-de.ad4mat.net	ad4m.at
1	ag.innovid.com	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	pixel.everesttech.net	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	prod-rtb.ad4mat.net	petitroom-3.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www17.a8.net	petitroom-3.com
1	www16.a8.net	petitroom-3.com
1	www23.a8.net	petitroom-3.com
1	www.googletagmanager.com	petitroom-3.com
1	www.petitroom-3.com	1 redirects
114	33

This site contains links to these domains. Also see Links.

Domain
feedly.com
px.a8.net

Subject Issuer	Validity	Valid
www.petitroom-3.com R3	`2021-05-10` - `2021-08-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.a8.net GlobalSign GCC R3 DV TLS CA 2020	`2021-05-25` - `2022-06-26`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.ad4mat.net AlphaSSL CA - SHA256 - G2	`2019-08-06` - `2021-09-08`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-08` - `2022-07-07`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
*.webgains.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-20` - `2022-06-20`	a year	crt.sh
*.webgains.io Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh

This page contains 15 frames:

Primary Page: https://petitroom-3.com/
Frame ID: 42D4D40EFD64F7B81D3314DECAEF2C30
Requests: 47 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210701/r20190131/zrt_lookup.html
Frame ID: D099EA4DD435F4BDA7D8E33EB9E4EFF6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5303551343899531&output=html&adk=1812271804&adf=3025194257&lmt=1625797491&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpetitroom-3.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625797490323&bpp=707&bdt=83&idt=852&shv=r20210701&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4125035896924&frm=20&pv=2&ga_vid=341374868.1625797491&ga_sid=1625797491&ga_hid=2136677203&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061662%2C31061420&oid=3&pvsid=2122100125977154&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=868
Frame ID: DEB159B6C053FACB7867C6E0F97A7152
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5303551343899531&output=html&h=600&adk=1901388290&adf=1218851631&pi=t.aa~a.573379464~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1625797491&rafmt=1&to=qs&pwprc=7085179773&psa=0&format=300x600&url=https%3A%2F%2Fpetitroom-3.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625797491293&bpp=2&bdt=1053&idt=-M&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8ddf66be83013424-2298c5cf69c9006f%3AT%3D1625797491%3ART%3D1625797491%3AS%3DALNI_MbwFlS4_R8eCwfdW-KCvjhO87yhYQ&prev_fmts=0x0&nras=2&correlator=4125035896924&frm=20&pv=1&ga_vid=341374868.1625797491&ga_sid=1625797491&ga_hid=2136677203&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061662%2C31061420&oid=3&pvsid=2122100125977154&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=asNLkZmEQ9&p=https%3A//petitroom-3.com&dtd=8
Frame ID: 0A7859347B49BB774AE8CFBE3E78D08B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5303551343899531&output=html&h=153&adk=1150655209&adf=3218537085&pi=t.aa~a.3748265432~rp.4&w=680&lmt=1625797491&nsk=c48e4982&rafmt=11&pwprc=7085179773&psa=0&ad_type=text_image&format=680x153&url=https%3A%2F%2Fpetitroom-3.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625797491293&bpp=1&bdt=1054&idt=1&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8ddf66be83013424-2298c5cf69c9006f%3AT%3D1625797491%3ART%3D1625797491%3AS%3DALNI_MbwFlS4_R8eCwfdW-KCvjhO87yhYQ&prev_fmts=0x0%2C300x600&nras=3&correlator=4125035896924&frm=20&pv=1&ga_vid=341374868.1625797491&ga_sid=1625797491&ga_hid=2136677203&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=295&ady=1342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061662%2C31061420&oid=3&pvsid=2122100125977154&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=k5WsECio1Y&p=https%3A//petitroom-3.com&dtd=14
Frame ID: EAE124A66B5F77C8E9DBDEBD67D89D50
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C1Xbvc7PnYNvDE76vx_APwaeNsAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTUzMDM1NTEzNDM4OTk1MzGgAcKu6N0DyAEJqQK5XT1o69-zPqgDAaoEwgFP0MipiMfhvJ0tLwbUjztnlAjSHK7VTY1SDpy-7mQaGJyKTjRnIx_18UN5aq_lhptFx_uiIk616UbVXn_OA7a9reyLiHrBYBNVmLTugY1eq4PHMAKwI9KHBNfOe1v21N62RufSAQ8n43p-AJa7sfGMaM9dGvYzqATZOZe6RiFiRehDVgs2B_wX8fG9nsAhz9ptuvLSOO_NsgYGhhlvpfJ2hr5YmIFkhPsAQPvcpXCspD9PFH0mf5jJJc5rpvNBltkiQ4AGwO-JyvO-hoCOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxgKFhIUcHViLTUzMDM1NTEzNDM4OTk1MzE&sigh=7SCm5buJ0mY
Frame ID: 4E692800EB3971462B37D36B39612CE4
Requests: 7 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1gyvm6zctvscr6wxa73xmxg9qswtmtw6kfk2dhd7n9nmr4w7r2j25ayat567drzq06sr8zatff7ne1y3azww7q4yha808w39brv4h4rggp47qgtqg2889k5zbhzfcr0atc371ybvmzbee5a7dtg0y2sj3he5mhknfkkm237btf608jrc56hfw1hbn57vfftx2nst3fjw0cx27vbgddrb86p55wbsd6bgq2ramrd30baxvfsrtpj49egbypw8d7yh6gq8kg4cd1xkq8bzsbbtk5zq763zdytn05yp919s70ztxdfdhcz448mjw008dazwmw2zygnqexksy2wm16mqj5ywkqsddm6mct7kx2h42frv42142twqxqr7z6pae&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEX0zc7PnYNvDE76vx_APwaeNsAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTUzMDM1NTEzNDM4OTk1MzGgAcKu6N0DyAEJqQK5XT1o69-zPqgDAaoExQFP0MipiMfhvJ0tLwbUjztnlAjSHK7VTY1SDpy-7mQaGJyKTjRnIx_18UN5aq_lhptFx_uiIk616UbVXn_OA7a9reyLiHrBYBNVmLTugY1eq4PHMAKwI9KHBNfOe1v21N62RufSAQ8n43p-AJa7sfGMaM9dGvYzqATZOZe6RiFiRehDVgs2B_wX8fG9nsAhz9ptuvLSOO_NsgYGhhlvpfJ2hr5YmIFkhPsAQPvcpXCspH1NGe_xqh-J7UkjMCkIBCsbV7qop4AGwO-JyvO-hoCOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Q7aYAaWXBvwpsCYqI4dEWpsfxaw%26client%3Dca-pub-5303551343899531%26adurl%3D
Frame ID: 2A856DFCFD6D18EE443997777310F1F2
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9C5985251F086418174C7447898DC270
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4351612859306125195/index.html
Frame ID: 2A873A0292BB9E59F4AB79FAB5A98779
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CdvNsc7PnYNj4E765x_APhqeE4AiRvuybXqWayv2cCvGH-sHfCxABILHL3C9glQKgAYfoq_QCyAEJqQK5XT1o69-zPqgDAcgDSKoE2AFP0P_dhmjERZ9ZLIQtCXVo3XnSYYkf9ekoOirGcCkWH7zRwjifUxrUHW3BpkoZow2AD3PCKS1TbihWrvYijtLt4CFVb7Fz7KjCntxIIOMyUZDKYRSNfaoQPJpKZr3uouoVInbF0YC16fkSz0_NU6eAvsounlV_bH26Zg7IaTnm-CNVHd3CiLCYMEfP30GFcmm1X78_Q5Y27jR6HeKGOPhEIXuNPtPOjljDfz67kpvECsolLYYe1TD-Nq5QXV9W1rwkDh2chcfsTTSkeUeuaYRylYfnHRQTyIXABKfq5NWeApIFBAgEGAGSBQQIBRgEoAYugAfgltOLAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCEzQPSCAkIgOGAEBABGB-ACgHICwHYEwzQFQGAFwGyFxoKGAgAEhRwdWItNTMwMzU1MTM0Mzg5OTUzMQ&sigh=AdPQUQz0wPs&template_id=419
Frame ID: 6A53043D785D0B7DF731B8A39FA95F15
Requests: 8 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 63249539A8D5489D060CC8B284D9FED2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 22F713888F298897ACB0D027D6F9BE8F
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=&g=c02f88be3ac228b1507a2d595f9ecbe3%2F16431478350332609371&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D2369wh6yfhk00xspmaw0mrt5dehbx5prn86pz1zvwv4v4q5zd20vrdbk170xv59kc4d58z0sywcrtxypacnxsmdf1frbxm0kv0bpdwp64jkw4vrmhzc4s5ehmkyrtpxfa0mkkcb85dk4hadmtyh85x04g5ss1bha31vyk7b2g8bv5ycc6wc488cp09zhhg6ztejphrrv6yx9cm8ra377ecjnck2y6fmf3jdg93jkt53bhgdpwgaze6em31a3t%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEX0zc7PnYNvDE76vx_APwaeNsAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTUzMDM1NTEzNDM4OTk1MzGgAcKu6N0DyAEJqQK5XT1o69-zPqgDAaoExQFP0MipiMfhvJ0tLwbUjztnlAjSHK7VTY1SDpy-7mQaGJyKTjRnIx_18UN5aq_lhptFx_uiIk616UbVXn_OA7a9reyLiHrBYBNVmLTugY1eq4PHMAKwI9KHBNfOe1v21N62RufSAQ8n43p-AJa7sfGMaM9dGvYzqATZOZe6RiFiRehDVgs2B_wX8fG9nsAhz9ptuvLSOO_NsgYGhhlvpfJ2hr5YmIFkhPsAQPvcpXCspH1NGe_xqh-J7UkjMCkIBCsbV7qop4AGwO-JyvO-hoCOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0Q7aYAaWXBvwpsCYqI4dEWpsfxaw%2526client%253Dca-pub-5303551343899531%2526adurl%253D&y=0&z=0
Frame ID: E5F87C7A9661BFEEBC2C5273DF87BC76
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: CE7BB0BCC2331725ED2A4927056B57AA
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3FBB2B82CC22C7DFDDAA73CB1ED2900F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.petitroom-3.com/ HTTP 301
https://petitroom-3.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

114
Requests

99 %
HTTPS

50 %
IPv6

21
Domains

33
Subdomains

27
IPs

6
Countries

1841 kB
Transfer

2970 kB
Size

6
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://feedly.com/index.html#subscription%2Ffeed%2Fhttps%3A%2F%2Fpetitroom-3.com%2Ffeed%2F

Search URL Search Domain Scan URL

URL: https://px.a8.net/svt/ejp?a8mat=35U3W5+2YKM2A+444S+626XT
Title:

Search URL Search Domain Scan URL

URL: https://px.a8.net/svt/ejp?a8mat=35U3W5+2YKM2A+444S+BW8O2&a8ejpredirect=https%3A%2F%2Fcurama.jp%2Flp%2Fuser%2Fcampaign%2F2021%2Fcashback%2F
Title: 【3000円キャッシュバック】エアコンクリーニングキャンペーン詳細を見る

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.petitroom-3.com/ HTTP 301
https://petitroom-3.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPLSTdz2lT2F_3NOwkWjn4CYfRyBUTiB9P2CjtLwuPoT_gAbMqtJHTyL2FsV9eXLfvCIunmWSWbz5RcjRFhLCDOrV_5tzow&google_gid=CAESEFnMGIxF3V9FeJHe50_FqSM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU9lemN3QUFCVGxSZGctMw&google_push=AYg5qPLSTdz2lT2F_3NOwkWjn4CYfRyBUTiB9P2CjtLwuPoT_gAbMqtJHTyL2FsV9eXLfvCIunmWSWbz5RcjRFhLCDOrV_5tzow

Request Chain 57

https://rtb.openx.net/sync/dds?google_gid=CAESEPVqdAVy8FoTGf1IB5sy5co&google_cver=1&google_push=AYg5qPJC3dZRbu1JQ6vdpDkKfoj60cui3LmYDeVK5cF6EAMUwF--BPmz7AnqogsxzqfFV8HNXTqEA-KDIi55pYeM7k-jGA2Mgpc HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEPVqdAVy8FoTGf1IB5sy5co&google_cver=1&google_push=AYg5qPJC3dZRbu1JQ6vdpDkKfoj60cui3LmYDeVK5cF6EAMUwF--BPmz7AnqogsxzqfFV8HNXTqEA-KDIi55pYeM7k-jGA2Mgpc&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJC3dZRbu1JQ6vdpDkKfoj60cui3LmYDeVK5cF6EAMUwF--BPmz7AnqogsxzqfFV8HNXTqEA-KDIi55pYeM7k-jGA2Mgpc&google_hm=P26KjgLuzw8TOD7P11CV3g==

Request Chain 58

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPDWfUl8zp6FidLYeOfA0dM&google_cver=1&google_push=AYg5qPKuMOWxhtB33BKGA47EeiXfSCYRryF1NlAhmnyYriAq2EUR3IXc4SfoV7P3MPgjVGreCRga6kSv7OLoAIAG0EkBCXuRdcc HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPDWfUl8zp6FidLYeOfA0dM&google_cver=1&google_push=AYg5qPKuMOWxhtB33BKGA47EeiXfSCYRryF1NlAhmnyYriAq2EUR3IXc4SfoV7P3MPgjVGreCRga6kSv7OLoAIAG0EkBCXuRdcc&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=1D4g1Q1LQFyBZIZmeNMPsA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKuMOWxhtB33BKGA47EeiXfSCYRryF1NlAhmnyYriAq2EUR3IXc4SfoV7P3MPgjVGreCRga6kSv7OLoAIAG0EkBCXuRdcc

Request Chain 59

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELcARKnOZFtZ6traJzGFYaM&google_cver=1&google_push=AYg5qPLBlHxgAVljgvTfAWiEQTqZ4cQ-HhUEZAtDZirL_rBKUeHl2842Q975nEb6Rbm-8wBPYmA_AEsJlxZb-UFKAt28w8JoN9c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FWUFVMODktQS1LWTFQ&google_push=AYg5qPLBlHxgAVljgvTfAWiEQTqZ4cQ-HhUEZAtDZirL_rBKUeHl2842Q975nEb6Rbm-8wBPYmA_AEsJlxZb-UFKAt28w8JoN9c

Request Chain 60

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEK_szTZrWOZuE1R57cFXBck&google_cver=1&google_push=AYg5qPLiTskwa5r5Zj1rbcD4T8xFptq7VIePunYFelEH7AoZ0HmQl3ZHMTdNI7knEZ9cRsxAwu9UvSfY59asDPABxZY4aKqnmO0 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEK_szTZrWOZuE1R57cFXBck&google_push=AYg5qPLiTskwa5r5Zj1rbcD4T8xFptq7VIePunYFelEH7AoZ0HmQl3ZHMTdNI7knEZ9cRsxAwu9UvSfY59asDPABxZY4aKqnmO0&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOezc56-R9LZfkuqODaGlgAABG0AAAIB&google_push=AYg5qPLiTskwa5r5Zj1rbcD4T8xFptq7VIePunYFelEH7AoZ0HmQl3ZHMTdNI7knEZ9cRsxAwu9UvSfY59asDPABxZY4aKqnmO0&google_cver=1&google_gid=CAESEK_szTZrWOZuE1R57cFXBck HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOezc56-R9LZfkuqODaGlgAABG0AAAIB&google_push=AYg5qPLiTskwa5r5Zj1rbcD4T8xFptq7VIePunYFelEH7AoZ0HmQl3ZHMTdNI7knEZ9cRsxAwu9UvSfY59asDPABxZY4aKqnmO0&google_cver=1&google_gid=CAESEK_szTZrWOZuE1R57cFXBck HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOezc56-R9LZfkuqODaGlgAABG0AAAIB&google_push=AYg5qPLiTskwa5r5Zj1rbcD4T8xFptq7VIePunYFelEH7AoZ0HmQl3ZHMTdNI7knEZ9cRsxAwu9UvSfY59asDPABxZY4aKqnmO0&google_cver=1&google_gid=CAESEK_szTZrWOZuE1R57cFXBck HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOezc56-R9LZfkuqODaGlgAABG0AAAIB&google_push=AYg5qPLiTskwa5r5Zj1rbcD4T8xFptq7VIePunYFelEH7AoZ0HmQl3ZHMTdNI7knEZ9cRsxAwu9UvSfY59asDPABxZY4aKqnmO0&google_cver=1&google_gid=CAESEK_szTZrWOZuE1R57cFXBck HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOezc56-R9LZfkuqODaGlgAABG0AAAIB&google_push=AYg5qPLiTskwa5r5Zj1rbcD4T8xFptq7VIePunYFelEH7AoZ0HmQl3ZHMTdNI7knEZ9cRsxAwu9UvSfY59asDPABxZY4aKqnmO0&google_cver=1&google_gid=CAESEK_szTZrWOZuE1R57cFXBck HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOezc56-R9LZfkuqODaGlgAABG0AAAIB&google_push=AYg5qPLiTskwa5r5Zj1rbcD4T8xFptq7VIePunYFelEH7AoZ0HmQl3ZHMTdNI7knEZ9cRsxAwu9UvSfY59asDPABxZY4aKqnmO0&google_cver=1&google_gid=CAESEK_szTZrWOZuE1R57cFXBck HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOezc56-R9LZfkuqODaGlgAABG0AAAIB&google_push=AYg5qPLiTskwa5r5Zj1rbcD4T8xFptq7VIePunYFelEH7AoZ0HmQl3ZHMTdNI7knEZ9cRsxAwu9UvSfY59asDPABxZY4aKqnmO0&google_cver=1&google_gid=CAESEK_szTZrWOZuE1R57cFXBck HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOezc56-R9LZfkuqODaGlgAABG0AAAIB&google_push=AYg5qPLiTskwa5r5Zj1rbcD4T8xFptq7VIePunYFelEH7AoZ0HmQl3ZHMTdNI7knEZ9cRsxAwu9UvSfY59asDPABxZY4aKqnmO0&google_cver=1&google_gid=CAESEK_szTZrWOZuE1R57cFXBck HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOezc56-R9LZfkuqODaGlgAABG0AAAIB&google_push=AYg5qPLiTskwa5r5Zj1rbcD4T8xFptq7VIePunYFelEH7AoZ0HmQl3ZHMTdNI7knEZ9cRsxAwu9UvSfY59asDPABxZY4aKqnmO0&google_cver=1&google_gid=CAESEK_szTZrWOZuE1R57cFXBck HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOezc56-R9LZfkuqODaGlgAABG0AAAIB&google_push=AYg5qPLiTskwa5r5Zj1rbcD4T8xFptq7VIePunYFelEH7AoZ0HmQl3ZHMTdNI7knEZ9cRsxAwu9UvSfY59asDPABxZY4aKqnmO0&google_cver=1&google_gid=CAESEK_szTZrWOZuE1R57cFXBck HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOezc56-R9LZfkuqODaGlgAABG0AAAIB&google_push=AYg5qPLiTskwa5r5Zj1rbcD4T8xFptq7VIePunYFelEH7AoZ0HmQl3ZHMTdNI7knEZ9cRsxAwu9UvSfY59asDPABxZY4aKqnmO0&google_cver=1&google_gid=CAESEK_szTZrWOZuE1R57cFXBck HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOezc56-R9LZfkuqODaGlgAABG0AAAIB&google_push=AYg5qPLiTskwa5r5Zj1rbcD4T8xFptq7VIePunYFelEH7AoZ0HmQl3ZHMTdNI7knEZ9cRsxAwu9UvSfY59asDPABxZY4aKqnmO0&google_cver=1&google_gid=CAESEK_szTZrWOZuE1R57cFXBck HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOezc56-R9LZfkuqODaGlgAABG0AAAIB&google_push=AYg5qPLiTskwa5r5Zj1rbcD4T8xFptq7VIePunYFelEH7AoZ0HmQl3ZHMTdNI7knEZ9cRsxAwu9UvSfY59asDPABxZY4aKqnmO0&google_cver=1&google_gid=CAESEK_szTZrWOZuE1R57cFXBck HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOezc56-R9LZfkuqODaGlgAABG0AAAIB&google_push=AYg5qPLiTskwa5r5Zj1rbcD4T8xFptq7VIePunYFelEH7AoZ0HmQl3ZHMTdNI7knEZ9cRsxAwu9UvSfY59asDPABxZY4aKqnmO0&google_cver=1&google_gid=CAESEK_szTZrWOZuE1R57cFXBck HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOezc56-R9LZfkuqODaGlgAABG0AAAIB&google_push=AYg5qPLiTskwa5r5Zj1rbcD4T8xFptq7VIePunYFelEH7AoZ0HmQl3ZHMTdNI7knEZ9cRsxAwu9UvSfY59asDPABxZY4aKqnmO0&google_cver=1&google_gid=CAESEK_szTZrWOZuE1R57cFXBck HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOezc56-R9LZfkuqODaGlgAABG0AAAIB&google_push=AYg5qPLiTskwa5r5Zj1rbcD4T8xFptq7VIePunYFelEH7AoZ0HmQl3ZHMTdNI7knEZ9cRsxAwu9UvSfY59asDPABxZY4aKqnmO0&google_cver=1&google_gid=CAESEK_szTZrWOZuE1R57cFXBck HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOezc56-R9LZfkuqODaGlgAABG0AAAIB&google_push=AYg5qPLiTskwa5r5Zj1rbcD4T8xFptq7VIePunYFelEH7AoZ0HmQl3ZHMTdNI7knEZ9cRsxAwu9UvSfY59asDPABxZY4aKqnmO0&google_cver=1&google_gid=CAESEK_szTZrWOZuE1R57cFXBck HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOezc56-R9LZfkuqODaGlgAABG0AAAIB&google_push=AYg5qPLiTskwa5r5Zj1rbcD4T8xFptq7VIePunYFelEH7AoZ0HmQl3ZHMTdNI7knEZ9cRsxAwu9UvSfY59asDPABxZY4aKqnmO0&google_cver=1&google_gid=CAESEK_szTZrWOZuE1R57cFXBck HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOezc56-R9LZfkuqODaGlgAABG0AAAIB&google_push=AYg5qPLiTskwa5r5Zj1rbcD4T8xFptq7VIePunYFelEH7AoZ0HmQl3ZHMTdNI7knEZ9cRsxAwu9UvSfY59asDPABxZY4aKqnmO0&google_cver=1&google_gid=CAESEK_szTZrWOZuE1R57cFXBck

Request Chain 81

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

114 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
petitroom-3.com/
Redirect Chain

https://www.petitroom-3.com/
https://petitroom-3.com/

38 KB
9 KB

469ms
468ms

Document
text/html

183.90.253.34
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://petitroom-3.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv1433.xserver.jp
Software: nginx /
Resource Hash: 77c22158748b51a3e3c7a0cbac9865c16f24796fcc69269df9dae46c4f5ed804

Request headers

:method: GET
:authority: petitroom-3.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Fri, 09 Jul 2021 02:24:50 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://petitroom-3.com/wp-json/>; rel="https://api.w.org/"
content-encoding: gzip

Redirect headers

server: nginx
date: Fri, 09 Jul 2021 02:24:49 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://petitroom-3.com/

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 91 KB
36 KB 16ms
14ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-79568801-1

Requested by

Host: petitroom-3.com
URL: https://petitroom-3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

751731083b3af2e988bcfec12adce9d80b0ab56e1b7b555fcbf44299b6b51ab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://petitroom-3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 02:24:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36863
x-xss-protection: 0
last-modified: Fri, 09 Jul 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 09 Jul 2021 02:24:50 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 135 KB
48 KB 45ms
23ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: petitroom-3.com
URL: https://petitroom-3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2dab87de59f22b0071438d367726f05a5119cfe596ccc9639e77afe9dc9d515e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://petitroom-3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 02:24:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48691
x-xss-protection: 0
server: cafe
etag: 17275011039004244248
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 09 Jul 2021 02:24:50 GMT

GET
H2 200 style.css
petitroom-3.com/wp-content/themes/simplicity2/ 70 KB
20 KB 273ms
271ms Stylesheet
text/css 183.90.253.34
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://petitroom-3.com/wp-content/themes/simplicity2/style.css
Requested by: Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv1433.xserver.jp
Software: nginx /
Resource Hash: 4065a681bd1cb1b41de006aa017dc110a14248bf245929e1d5f9244ef0c39544

Request headers

:path: /wp-content/themes/simplicity2/style.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: petitroom-3.com
referer: https://petitroom-3.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://petitroom-3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 02:24:50 GMT
content-encoding: gzip
last-modified: Fri, 17 Mar 2017 08:09:30 GMT
server: nginx
etag: W/"116ed-54ae8b26e6280"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 responsive-pc.css
petitroom-3.com/wp-content/themes/simplicity2/css/ 2 KB
948 B 516ms
514ms Stylesheet
text/css 183.90.253.34
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://petitroom-3.com/wp-content/themes/simplicity2/css/responsive-pc.css
Requested by: Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv1433.xserver.jp
Software: nginx /
Resource Hash: a9ceb0224cc39c679ee43c8cb1f37993dae2bf567ec80d8c51832578290c7e5b

Request headers

:path: /wp-content/themes/simplicity2/css/responsive-pc.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: petitroom-3.com
referer: https://petitroom-3.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://petitroom-3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 02:24:50 GMT
content-encoding: gzip
last-modified: Fri, 17 Mar 2017 08:09:30 GMT
server: nginx
etag: W/"84f-54ae8b26e6280"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 font-awesome.min.css
petitroom-3.com/wp-content/themes/simplicity2/webfonts/css/ 27 KB
7 KB 516ms
514ms Stylesheet
text/css 183.90.253.34
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://petitroom-3.com/wp-content/themes/simplicity2/webfonts/css/font-awesome.min.css
Requested by: Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv1433.xserver.jp
Software: nginx /
Resource Hash: ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Request headers

:path: /wp-content/themes/simplicity2/webfonts/css/font-awesome.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: petitroom-3.com
referer: https://petitroom-3.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://petitroom-3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 02:24:50 GMT
content-encoding: gzip
last-modified: Fri, 17 Mar 2017 08:09:30 GMT
server: nginx
etag: W/"6b4a-54ae8b26e6280"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 style.css
petitroom-3.com/wp-content/themes/simplicity2/webfonts/icomoon/ 4 KB
1017 B 517ms
515ms Stylesheet
text/css 183.90.253.34
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://petitroom-3.com/wp-content/themes/simplicity2/webfonts/icomoon/style.css
Requested by: Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv1433.xserver.jp
Software: nginx /
Resource Hash: 2aef878dbc7f0c16b6d4f0323041117838b056ee686ad74ce816214657119310

Request headers

:path: /wp-content/themes/simplicity2/webfonts/icomoon/style.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: petitroom-3.com
referer: https://petitroom-3.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://petitroom-3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 02:24:50 GMT
content-encoding: gzip
last-modified: Fri, 17 Mar 2017 08:09:30 GMT
server: nginx
etag: W/"f7d-54ae8b26e6280"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 extension.css
petitroom-3.com/wp-content/themes/simplicity2/css/ 9 KB
3 KB 516ms
515ms Stylesheet
text/css 183.90.253.34
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://petitroom-3.com/wp-content/themes/simplicity2/css/extension.css
Requested by: Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv1433.xserver.jp
Software: nginx /
Resource Hash: f3b29881f7c9a70696f1d51f38c434205629e68d803c9c67ca015ae90d7ade09

Request headers

:path: /wp-content/themes/simplicity2/css/extension.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: petitroom-3.com
referer: https://petitroom-3.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://petitroom-3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 02:24:50 GMT
content-encoding: gzip
last-modified: Fri, 17 Mar 2017 08:09:30 GMT
server: nginx
etag: W/"2204-54ae8b26e6280"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 style.css
petitroom-3.com/wp-content/themes/simplicity2-child/ 157 B
289 B 516ms
515ms Stylesheet
text/css 183.90.253.34
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://petitroom-3.com/wp-content/themes/simplicity2-child/style.css
Requested by: Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv1433.xserver.jp
Software: nginx /
Resource Hash: 001752870f01e7631a31c0be7e93c6fb39b80a9247f50614b4138325b6bef36c

Request headers

:path: /wp-content/themes/simplicity2-child/style.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: petitroom-3.com
referer: https://petitroom-3.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://petitroom-3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 02:24:50 GMT
last-modified: Fri, 17 Mar 2017 08:10:30 GMT
server: nginx
accept-ranges: bytes
etag: "9d-54ae8b601e980"
content-length: 157
content-type: text/css

GET
H2 200 styles.css
petitroom-3.com/wp-content/plugins/contact-form-7/includes/css/ 2 KB
832 B 516ms
515ms Stylesheet
text/css 183.90.253.34
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://petitroom-3.com/wp-content/plugins/contact-form-7/includes/css/styles.css
Requested by: Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv1433.xserver.jp
Software: nginx /
Resource Hash: e291f67dc3e643bfde7604e48a75e17298a3868ebc0c4554b9e8c17355fd6115

Request headers

:path: /wp-content/plugins/contact-form-7/includes/css/styles.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: petitroom-3.com
referer: https://petitroom-3.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://petitroom-3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 02:24:50 GMT
content-encoding: gzip
last-modified: Wed, 04 Oct 2017 06:25:49 GMT
server: nginx
etag: W/"646-55ab2adbbd540"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 jquery.js Show response
petitroom-3.com/wp-includes/js/jquery/ 95 KB
39 KB 516ms
515ms Script
application/javascript 183.90.253.34
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://petitroom-3.com/wp-includes/js/jquery/jquery.js
Requested by: Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv1433.xserver.jp
Software: nginx /
Resource Hash: cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

:path: /wp-includes/js/jquery/jquery.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: petitroom-3.com
referer: https://petitroom-3.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://petitroom-3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 02:24:50 GMT
content-encoding: gzip
last-modified: Thu, 05 Sep 2019 09:29:55 GMT
server: nginx
etag: W/"17a6a-591caf6eb545b"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 jquery-migrate.min.js Show response
petitroom-3.com/wp-includes/js/jquery/ 10 KB
4 KB 516ms
516ms Script
application/javascript 183.90.253.34
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://petitroom-3.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by: Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv1433.xserver.jp
Software: nginx /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: petitroom-3.com
referer: https://petitroom-3.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://petitroom-3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 02:24:50 GMT
content-encoding: gzip
last-modified: Thu, 19 May 2016 21:11:28 GMT
server: nginx
etag: W/"2748-533386ae30000"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 4642749_m-150x150.jpg
petitroom-3.com/wp-content/uploads/2021/05/ 6 KB
6 KB 268ms
264ms Image
image/jpeg 183.90.253.34
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://petitroom-3.com/wp-content/uploads/2021/05/4642749_m-150x150.jpg
Requested by: Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv1433.xserver.jp
Software: nginx /
Resource Hash: 4e1c72ad3ae6a849d53fe9e79f9f4d4cc5fc09467d074257311ba5e156c51159

Request headers

:path: /wp-content/uploads/2021/05/4642749_m-150x150.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: petitroom-3.com
referer: https://petitroom-3.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://petitroom-3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 02:24:51 GMT
last-modified: Fri, 21 May 2021 08:32:17 GMT
server: nginx
accept-ranges: bytes
etag: "1977-5c2d2e5c653e2"
content-length: 6519
content-type: image/jpeg

GET
H2 200 IMG_4923-150x150.jpg
petitroom-3.com/wp-content/uploads/2021/04/ 7 KB
7 KB 269ms
266ms Image
image/jpeg 183.90.253.34
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://petitroom-3.com/wp-content/uploads/2021/04/IMG_4923-150x150.jpg
Requested by: Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv1433.xserver.jp
Software: nginx /
Resource Hash: 4eeaa480509e6ba47f05ba62cf46e6ee834bada7c17fe6afdbdaeec9e6243a7c

Request headers

:path: /wp-content/uploads/2021/04/IMG_4923-150x150.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: petitroom-3.com
referer: https://petitroom-3.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://petitroom-3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 02:24:51 GMT
last-modified: Tue, 06 Apr 2021 08:06:50 GMT
server: nginx
accept-ranges: bytes
etag: "1a2b-5bf494bebaca1"
content-length: 6699
content-type: image/jpeg

GET
H2 200 IMG_4204-150x150.jpg
petitroom-3.com/wp-content/uploads/2020/12/ 38 KB
38 KB 269ms
266ms Image
image/jpeg 183.90.253.34
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://petitroom-3.com/wp-content/uploads/2020/12/IMG_4204-150x150.jpg
Requested by: Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv1433.xserver.jp
Software: nginx /
Resource Hash: 0e26c948164ba483456110b0ffff9994a1644daeb96db9c6f3349898beecc3b6

Request headers

:path: /wp-content/uploads/2020/12/IMG_4204-150x150.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: petitroom-3.com
referer: https://petitroom-3.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://petitroom-3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 02:24:51 GMT
last-modified: Mon, 07 Dec 2020 06:53:21 GMT
server: nginx
accept-ranges: bytes
etag: "97e1-5b5da4822dfff"
content-length: 38881
content-type: image/jpeg

GET
H2 200 IMG_3998-150x150.jpg
petitroom-3.com/wp-content/uploads/2020/10/ 5 KB
5 KB 269ms
266ms Image
image/jpeg 183.90.253.34
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://petitroom-3.com/wp-content/uploads/2020/10/IMG_3998-150x150.jpg
Requested by: Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv1433.xserver.jp
Software: nginx /
Resource Hash: 32e367ec71e96f0d9f0fb26153fa7333d7b4dc1118f3bc70f85455e860751b20

Request headers

:path: /wp-content/uploads/2020/10/IMG_3998-150x150.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: petitroom-3.com
referer: https://petitroom-3.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://petitroom-3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 02:24:51 GMT
last-modified: Sat, 31 Oct 2020 07:58:23 GMT
server: nginx
accept-ranges: bytes
etag: "1391-5b2f2e09b7a72"
content-length: 5009
content-type: image/jpeg

GET
H2 200 13%E6%97%A5%E7%9B%AE-150x150.jpg
petitroom-3.com/wp-content/uploads/2020/10/ 7 KB
7 KB 401ms
401ms Image
image/jpeg 183.90.253.34
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://petitroom-3.com/wp-content/uploads/2020/10/13%E6%97%A5%E7%9B%AE-150x150.jpg
Requested by: Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv1433.xserver.jp
Software: nginx /
Resource Hash: c3b08b7a65195dffb8293a29aa77d5a756334fcbac259d742c67b7bdf30c4fea

Request headers

:path: /wp-content/uploads/2020/10/13%E6%97%A5%E7%9B%AE-150x150.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: petitroom-3.com
referer: https://petitroom-3.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://petitroom-3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 02:24:51 GMT
last-modified: Sat, 17 Oct 2020 08:21:02 GMT
server: nginx
accept-ranges: bytes
etag: "1d3f-5b1d98fd6d9ad"
content-length: 7487
content-type: image/jpeg

GET
H2 200 pexels-pixabay-34702-150x150.jpg
petitroom-3.com/wp-content/uploads/2020/10/ 9 KB
9 KB 401ms
401ms Image
image/jpeg 183.90.253.34
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://petitroom-3.com/wp-content/uploads/2020/10/pexels-pixabay-34702-150x150.jpg
Requested by: Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv1433.xserver.jp
Software: nginx /
Resource Hash: ac2155b4d069162e22db4b3890769c10b096095fa949f8de1183ba55aaed09a5

Request headers

:path: /wp-content/uploads/2020/10/pexels-pixabay-34702-150x150.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: petitroom-3.com
referer: https://petitroom-3.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://petitroom-3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 02:24:51 GMT
last-modified: Tue, 06 Oct 2020 08:05:39 GMT
server: nginx
accept-ranges: bytes
etag: "247c-5b0fc108a5142"
content-length: 9340
content-type: image/jpeg

GET
H2 200 c2004-150x150.jpg
petitroom-3.com/wp-content/uploads/2020/09/ 9 KB
9 KB 264ms
264ms Image
image/jpeg 183.90.253.34
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://petitroom-3.com/wp-content/uploads/2020/09/c2004-150x150.jpg
Requested by: Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv1433.xserver.jp
Software: nginx /
Resource Hash: 7b5c6e6dcc7aaf85b42c5f44b05709680391b778a02bc4507c1bb340504ee65e

Request headers

:path: /wp-content/uploads/2020/09/c2004-150x150.jpg
pragma: no-cache
cookie: _ga=GA1.2.341374868.1625797491; _gid=GA1.2.1123683048.1625797491; _gat_gtag_UA_79568801_1=1; __gads=ID=8ddf66be83013424-2298c5cf69c9006f:T=1625797491:RT=1625797491:S=ALNI_MbwFlS4_R8eCwfdW-KCvjhO87yhYQ
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: petitroom-3.com
referer: https://petitroom-3.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://petitroom-3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 02:24:51 GMT
last-modified: Sat, 12 Sep 2020 09:29:16 GMT
server: nginx
accept-ranges: bytes
etag: "2543-5af1a6f5e1fea"
content-length: 9539
content-type: image/jpeg

GET
H2 200 nod10-150x150.jpg
petitroom-3.com/wp-content/uploads/2018/10/ 4 KB
4 KB 267ms
265ms Image
image/jpeg 183.90.253.34
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://petitroom-3.com/wp-content/uploads/2018/10/nod10-150x150.jpg
Requested by: Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv1433.xserver.jp
Software: nginx /
Resource Hash: 80fd2462d17008fe27ca99ba416a92f1337b7327707828d3592129bff057bde3

Request headers

:path: /wp-content/uploads/2018/10/nod10-150x150.jpg
pragma: no-cache
cookie: _ga=GA1.2.341374868.1625797491; _gid=GA1.2.1123683048.1625797491; _gat_gtag_UA_79568801_1=1; __gads=ID=8ddf66be83013424-2298c5cf69c9006f:T=1625797491:RT=1625797491:S=ALNI_MbwFlS4_R8eCwfdW-KCvjhO87yhYQ
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: petitroom-3.com
referer: https://petitroom-3.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://petitroom-3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 02:24:51 GMT
last-modified: Fri, 05 Oct 2018 05:42:20 GMT
server: nginx
accept-ranges: bytes
etag: "f9b-57774bc24e700"
content-length: 3995
content-type: image/jpeg

GET
H2 200 no-image.png
petitroom-3.com/wp-content/themes/simplicity2/images/ 903 B
1 KB 266ms
265ms Image
image/png 183.90.253.34
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://petitroom-3.com/wp-content/themes/simplicity2/images/no-image.png
Requested by: Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv1433.xserver.jp
Software: nginx /
Resource Hash: 396067957f0521fcfcb16de6a2a5718a98bd0cddecc193ed518683ca92cc64d3

Request headers

:path: /wp-content/themes/simplicity2/images/no-image.png
pragma: no-cache
cookie: _ga=GA1.2.341374868.1625797491; _gid=GA1.2.1123683048.1625797491; _gat_gtag_UA_79568801_1=1; __gads=ID=8ddf66be83013424-2298c5cf69c9006f:T=1625797491:RT=1625797491:S=ALNI_MbwFlS4_R8eCwfdW-KCvjhO87yhYQ
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: petitroom-3.com
referer: https://petitroom-3.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://petitroom-3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 02:24:51 GMT
last-modified: Fri, 17 Mar 2017 08:09:30 GMT
server: nginx
accept-ranges: bytes
etag: "387-54ae8b26e6280"
content-length: 903
content-type: image/png

GET
H/1.1 200
OK bgt
www23.a8.net/svt/ 156 KB
156 KB 1261ms
493ms Image
image/gif 52.194.50.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www23.a8.net/svt/bgt?aid=191201333179&wid=001&eno=01&mid=s00000019198001018000&mc=1
Requested by: Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.194.50.40 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-194-50-40.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 9b8f7e9c1018c6c3ceae5757e03555864eb0c0049c5182d9d745b21c61968c33

Request headers

Referer: https://petitroom-3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 09 Jul 2021 02:24:51 GMT
Server: Apache
Connection: keep-alive
Content-Length: 159951
Content-Type: image/gif

GET
H/1.1 200
OK 0.gif
www16.a8.net/ 43 B
184 B 985ms
246ms Image
image/gif 52.194.50.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www16.a8.net/0.gif?a8mat=35U3W5+2YKM2A+444S+626XT
Requested by: Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.194.50.40 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-194-50-40.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: b1efbaeb8c5ce34e2c6a6492d7aad07daeadfe3e2b4f2360a12bbd756ec23067

Request headers

Referer: https://petitroom-3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 09 Jul 2021 02:24:51 GMT
Server: Apache
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK 0.gif
www17.a8.net/ 43 B
184 B 1348ms
337ms Image
image/gif 52.198.26.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www17.a8.net/0.gif?a8mat=35U3W5+2YKM2A+444S+BW8O2
Requested by: Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.198.26.114 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-198-26-114.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: b1efbaeb8c5ce34e2c6a6492d7aad07daeadfe3e2b4f2360a12bbd756ec23067

Request headers

Referer: https://petitroom-3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 09 Jul 2021 02:24:52 GMT
Server: Apache
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 javascript.js Show response
petitroom-3.com/wp-content/themes/simplicity2/ 18 KB
6 KB 265ms
265ms Script
application/javascript 183.90.253.34
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://petitroom-3.com/wp-content/themes/simplicity2/javascript.js
Requested by: Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv1433.xserver.jp
Software: nginx /
Resource Hash: 54192cf9443a6bdf81131a5878d810b3806966dc44285315cd81b22938376e69

Request headers

:path: /wp-content/themes/simplicity2/javascript.js
pragma: no-cache
cookie: _ga=GA1.2.341374868.1625797491; _gid=GA1.2.1123683048.1625797491; _gat_gtag_UA_79568801_1=1; __gads=ID=8ddf66be83013424-2298c5cf69c9006f:T=1625797491:RT=1625797491:S=ALNI_MbwFlS4_R8eCwfdW-KCvjhO87yhYQ
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: petitroom-3.com
referer: https://petitroom-3.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://petitroom-3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 02:24:51 GMT
content-encoding: gzip
last-modified: Fri, 17 Mar 2017 08:09:30 GMT
server: nginx
etag: W/"483f-54ae8b26e6280"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 javascript.js Show response
petitroom-3.com/wp-content/themes/simplicity2-child/ 300 B
443 B 264ms
263ms Script
application/javascript 183.90.253.34
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://petitroom-3.com/wp-content/themes/simplicity2-child/javascript.js
Requested by: Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv1433.xserver.jp
Software: nginx /
Resource Hash: 410bbef10cc0a50e426c6cd819887a9b22cb9d412e1c92a40e5324907927c6e2

Request headers

:path: /wp-content/themes/simplicity2-child/javascript.js
pragma: no-cache
cookie: _ga=GA1.2.341374868.1625797491; _gid=GA1.2.1123683048.1625797491; _gat_gtag_UA_79568801_1=1; __gads=ID=8ddf66be83013424-2298c5cf69c9006f:T=1625797491:RT=1625797491:S=ALNI_MbwFlS4_R8eCwfdW-KCvjhO87yhYQ
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: petitroom-3.com
referer: https://petitroom-3.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://petitroom-3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 02:24:51 GMT
last-modified: Fri, 17 Mar 2017 08:10:30 GMT
server: nginx
accept-ranges: bytes
etag: "12c-54ae8b601e980"
content-length: 300
content-type: application/javascript

GET
H2 200 scripts.js Show response
petitroom-3.com/wp-content/plugins/contact-form-7/includes/js/ 14 KB
5 KB 264ms
264ms Script
application/javascript 183.90.253.34
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://petitroom-3.com/wp-content/plugins/contact-form-7/includes/js/scripts.js
Requested by: Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv1433.xserver.jp
Software: nginx /
Resource Hash: f7db88a5dd4feb92dafbf5b17b516ddb78cfe69daff23ed72453a6a561b367f1

Request headers

:path: /wp-content/plugins/contact-form-7/includes/js/scripts.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: petitroom-3.com
referer: https://petitroom-3.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://petitroom-3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 02:24:50 GMT
content-encoding: gzip
last-modified: Wed, 04 Oct 2017 06:25:49 GMT
server: nginx
etag: W/"3654-55ab2adbbd540"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 wp-embed.min.js Show response
petitroom-3.com/wp-includes/js/ 1 KB
901 B 264ms
264ms Script
application/javascript 183.90.253.34
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://petitroom-3.com/wp-includes/js/wp-embed.min.js
Requested by: Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv1433.xserver.jp
Software: nginx /
Resource Hash: 57dd85466749e869c5958a2652e548673557a2390ec68490a353916353ecc74e

Request headers

:path: /wp-includes/js/wp-embed.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: petitroom-3.com
referer: https://petitroom-3.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://petitroom-3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 02:24:51 GMT
content-encoding: gzip
last-modified: Fri, 16 Apr 2021 01:30:40 GMT
server: nginx
etag: W/"56a-5c00ced85c445"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 print.css
petitroom-3.com/wp-content/themes/simplicity2/css/ 1 KB
774 B 264ms
264ms Stylesheet
text/css 183.90.253.34
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://petitroom-3.com/wp-content/themes/simplicity2/css/print.css
Requested by: Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv1433.xserver.jp
Software: nginx /
Resource Hash: 77dfdc80913c50cb920f3c6b0ac88a4b019fbcb5d29e65d9c7024c3f48049564

Request headers

:path: /wp-content/themes/simplicity2/css/print.css
pragma: no-cache
cookie: _ga=GA1.2.341374868.1625797491; _gid=GA1.2.1123683048.1625797491; _gat_gtag_UA_79568801_1=1; __gads=ID=8ddf66be83013424-2298c5cf69c9006f:T=1625797491:RT=1625797491:S=ALNI_MbwFlS4_R8eCwfdW-KCvjhO87yhYQ
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: petitroom-3.com
referer: https://petitroom-3.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://petitroom-3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 02:24:51 GMT
content-encoding: gzip
last-modified: Fri, 17 Mar 2017 08:09:30 GMT
server: nginx
etag: W/"52e-54ae8b26e6280"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-79568801-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://petitroom-3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 3546
date: Fri, 09 Jul 2021 01:25:45 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Fri, 09 Jul 2021 03:25:45 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210701/r20190131/ 240 KB
89 KB 43ms
29ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210701/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5303551343899531&plah=petitroom-3.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4119835228203de3978d98f27c2d326dd14f7d0fb412f9a05f4d1589cc83111

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://petitroom-3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 02:24:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91202
x-xss-protection: 0
server: cafe
etag: 7944902488587866712
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 09 Jul 2021 02:24:51 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210701/r20190131/ Frame D099 10 KB
5 KB 5ms
5ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210701/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210701/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://petitroom-3.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://petitroom-3.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 08 Jul 2021 22:48:03 GMT
expires: Thu, 22 Jul 2021 22:48:03 GMT
content-type: text/html; charset=UTF-8
etag: 15579341980913220427
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
age: 13007
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 inte1.jpg
petitroom-3.com/wp-content/uploads/2017/03/ 49 KB
49 KB 402ms
401ms Image
image/jpeg 183.90.253.34
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://petitroom-3.com/wp-content/uploads/2017/03/inte1.jpg
Requested by: Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv1433.xserver.jp
Software: nginx /
Resource Hash: c8cbda8236e456a9d7f9522446c5edc10506a00782c4e37089b37f2aca575410

Request headers

:path: /wp-content/uploads/2017/03/inte1.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: petitroom-3.com
referer: https://petitroom-3.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://petitroom-3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 02:24:51 GMT
last-modified: Fri, 17 Mar 2017 08:27:08 GMT
server: nginx
accept-ranges: bytes
etag: "c21c-54ae8f17e2f00"
content-length: 49692
content-type: image/jpeg

GET
H2 200 cropped-inte1.jpg
petitroom-3.com/wp-content/uploads/2017/03/ 14 KB
14 KB 402ms
401ms Image
image/jpeg 183.90.253.34
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://petitroom-3.com/wp-content/uploads/2017/03/cropped-inte1.jpg
Requested by: Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv1433.xserver.jp
Software: nginx /
Resource Hash: 34dbf32ffd29959cee88c13596232d5af7c5513f847c673a598bf802916ebc17

Request headers

:path: /wp-content/uploads/2017/03/cropped-inte1.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: petitroom-3.com
referer: https://petitroom-3.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://petitroom-3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 02:24:51 GMT
last-modified: Fri, 17 Mar 2017 08:27:27 GMT
server: nginx
accept-ranges: bytes
etag: "38da-54ae8f2a019c0"
content-length: 14554
content-type: image/jpeg

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ba0e0468290efccde7ac41afff618243e60020f5228312ff8d38368f0916d74

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 icomoon.ttf
petitroom-3.com/wp-content/themes/simplicity2/webfonts/icomoon/fonts/ 17 KB
18 KB 275ms
274ms Font
application/font-sfnt 183.90.253.34
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://petitroom-3.com/wp-content/themes/simplicity2/webfonts/icomoon/fonts/icomoon.ttf?szquq3
Requested by: Host: petitroom-3.com
URL: https://petitroom-3.com/wp-content/themes/simplicity2/webfonts/icomoon/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv1433.xserver.jp
Software: nginx /
Resource Hash: 5941d6cbaf28a4b41cf3b6bbc4e200ca1890b69071e9a102b76a3669bb7faef3

Request headers

:path: /wp-content/themes/simplicity2/webfonts/icomoon/fonts/icomoon.ttf?szquq3
pragma: no-cache
origin: https://petitroom-3.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: petitroom-3.com
referer: https://petitroom-3.com/wp-content/themes/simplicity2/webfonts/icomoon/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://petitroom-3.com
Referer: https://petitroom-3.com/wp-content/themes/simplicity2/webfonts/icomoon/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 02:24:51 GMT
last-modified: Fri, 17 Mar 2017 08:09:30 GMT
server: nginx
accept-ranges: bytes
etag: "4590-54ae8b26e6280"
content-length: 17808
content-type: application/font-sfnt

GET
H2 200 fontawesome-webfont.woff2
petitroom-3.com/wp-content/themes/simplicity2/webfonts/fonts/ 65 KB
65 KB 509ms
508ms Font
application/octet-stream 183.90.253.34
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://petitroom-3.com/wp-content/themes/simplicity2/webfonts/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by: Host: petitroom-3.com
URL: https://petitroom-3.com/wp-content/themes/simplicity2/webfonts/css/font-awesome.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv1433.xserver.jp
Software: nginx /
Resource Hash: ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

:path: /wp-content/themes/simplicity2/webfonts/fonts/fontawesome-webfont.woff2?v=4.5.0
pragma: no-cache
origin: https://petitroom-3.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: petitroom-3.com
referer: https://petitroom-3.com/wp-content/themes/simplicity2/webfonts/css/font-awesome.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://petitroom-3.com
Referer: https://petitroom-3.com/wp-content/themes/simplicity2/webfonts/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 02:24:51 GMT
last-modified: Fri, 17 Mar 2017 08:09:30 GMT
server: nginx
accept-ranges: bytes
etag: "10440-54ae8b26e6280"
content-length: 66624

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 27ms
13ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=2136677203&t=pageview&_s=1&dl=https%3A%2F%2Fpetitroom-3.com%2F&ul=en-us&de=UTF-8&dt=Petitroom%E3%80%80No.3%20%7C%20%E3%81%A1%E3%82%87%E3%81%A3%E3%81%A8%E3%81%97%E3%81%9F%E5%B7%A5%E5%A4%AB%E3%81%A7%E6%AF%8E%E6%97%A5%E3%81%AE%E7%94%9F%E6%B4%BB%E3%82%92%E6%A5%BD%E3%81%97%E3%81%8F%E3%81%97%E3%81%9F%E3%81%84%EF%BC%81%E8%87%AA%E3%82%89%E3%81%AE%E5%BF%98%E5%82%99%E9%8C%B2%E3%81%A0%E3%81%91%E3%81%A7%E3%81%AA%E3%81%8F%E3%81%8A%E5%BD%B9%E7%AB%8B%E3%81%A1%E3%82%B5%E3%82%A4%E3%83%88%E7%9B%AE%E6%8C%87%E3%81%97%E3%81%A6%E3%81%BE%E3%81%99&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=2087134619&gjid=1106621573&cid=341374868.1625797491&tid=UA-79568801-1&_gid=1123683048.1625797491&_r=1&gtm=2ou770&z=329492028

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://petitroom-3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 09 Jul 2021 02:24:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://petitroom-3.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 205 B
662 B 85ms
31ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=petitroom-3.com&callback=_gfp_s_&client=ca-pub-5303551343899531

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210701/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5303551343899531&plah=petitroom-3.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

a883d336a765d70f6d5e467175932b558cfd1aa094bad3024494acdc7136efad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://petitroom-3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 02:24:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 35ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=petitroom-3.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://petitroom-3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 09 Jul 2021 02:24:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 34ms
14ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=petitroom-3.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://petitroom-3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 09 Jul 2021 02:24:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DEB1 30 KB
2 KB 73ms
72ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5303551343899531&output=html&adk=1812271804&adf=3025194257&lmt=1625797491&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpetitroom-3.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625797490323&bpp=707&bdt=83&idt=852&shv=r20210701&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4125035896924&frm=20&pv=2&ga_vid=341374868.1625797491&ga_sid=1625797491&ga_hid=2136677203&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061662%2C31061420&oid=3&pvsid=2122100125977154&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=868

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1a45f8130ff959aa9a7269118def429057b95fd88f88f66cfc5408677e5912e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5303551343899531&output=html&adk=1812271804&adf=3025194257&lmt=1625797491&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpetitroom-3.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625797490323&bpp=707&bdt=83&idt=852&shv=r20210701&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4125035896924&frm=20&pv=2&ga_vid=341374868.1625797491&ga_sid=1625797491&ga_hid=2136677203&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061662%2C31061420&oid=3&pvsid=2122100125977154&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=868
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://petitroom-3.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://petitroom-3.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 09 Jul 2021 02:24:51 GMT
server: cafe
content-length: 1778
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 09-Jul-2021 02:39:51 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 09 Jul 2021 02:24:51 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea666b0953da9928fad569dd20e99bc4900935a2ba63f82246e4d0c4012e1970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://petitroom-3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 02:24:51 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625657948508962"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27726
x-xss-protection: 0
expires: Fri, 09 Jul 2021 02:24:51 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
86 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-79568801-1&cid=341374868.1625797491&jid=2087134619&gjid=1106621573&_gid=1123683048.1625797491&_u=YEBAAUAAAAAAAC~&z=890401553

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://petitroom-3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 09 Jul 2021 02:24:51 GMT
content-type: text/plain
access-control-allow-origin: https://petitroom-3.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 30ms
14ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=petitroom-3.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://petitroom-3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 09 Jul 2021 02:24:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 30ms
15ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=petitroom-3.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://petitroom-3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 09 Jul 2021 02:24:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0A78 16 KB
7 KB 285ms
285ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5303551343899531&output=html&h=600&adk=1901388290&adf=1218851631&pi=t.aa~a.573379464~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1625797491&rafmt=1&to=qs&pwprc=7085179773&psa=0&format=300x600&url=https%3A%2F%2Fpetitroom-3.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625797491293&bpp=2&bdt=1053&idt=-M&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8ddf66be83013424-2298c5cf69c9006f%3AT%3D1625797491%3ART%3D1625797491%3AS%3DALNI_MbwFlS4_R8eCwfdW-KCvjhO87yhYQ&prev_fmts=0x0&nras=2&correlator=4125035896924&frm=20&pv=1&ga_vid=341374868.1625797491&ga_sid=1625797491&ga_hid=2136677203&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061662%2C31061420&oid=3&pvsid=2122100125977154&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=asNLkZmEQ9&p=https%3A//petitroom-3.com&dtd=8

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6b390b51a00f50632745b3d518fc93090a13b8dd1dc3540620dda30b884d5d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5303551343899531&output=html&h=600&adk=1901388290&adf=1218851631&pi=t.aa~a.573379464~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1625797491&rafmt=1&to=qs&pwprc=7085179773&psa=0&format=300x600&url=https%3A%2F%2Fpetitroom-3.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625797491293&bpp=2&bdt=1053&idt=-M&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8ddf66be83013424-2298c5cf69c9006f%3AT%3D1625797491%3ART%3D1625797491%3AS%3DALNI_MbwFlS4_R8eCwfdW-KCvjhO87yhYQ&prev_fmts=0x0&nras=2&correlator=4125035896924&frm=20&pv=1&ga_vid=341374868.1625797491&ga_sid=1625797491&ga_hid=2136677203&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061662%2C31061420&oid=3&pvsid=2122100125977154&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=asNLkZmEQ9&p=https%3A//petitroom-3.com&dtd=8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://petitroom-3.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://petitroom-3.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 09 Jul 2021 02:24:51 GMT
server: cafe
content-length: 7232
x-xss-protection: 0
set-cookie: IDE=AHWqTUmNXXx78zf4OKCFXYMInFvsK1MHxvh9HXmygxlrtT1ElW78U0sY3cJWruTcFQY; expires=Wed, 03-Aug-2022 02:24:51 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 09 Jul 2021 02:24:51 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EAE1 121 KB
39 KB 379ms
379ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5303551343899531&output=html&h=153&adk=1150655209&adf=3218537085&pi=t.aa~a.3748265432~rp.4&w=680&lmt=1625797491&nsk=c48e4982&rafmt=11&pwprc=7085179773&psa=0&ad_type=text_image&format=680x153&url=https%3A%2F%2Fpetitroom-3.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625797491293&bpp=1&bdt=1054&idt=1&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8ddf66be83013424-2298c5cf69c9006f%3AT%3D1625797491%3ART%3D1625797491%3AS%3DALNI_MbwFlS4_R8eCwfdW-KCvjhO87yhYQ&prev_fmts=0x0%2C300x600&nras=3&correlator=4125035896924&frm=20&pv=1&ga_vid=341374868.1625797491&ga_sid=1625797491&ga_hid=2136677203&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=295&ady=1342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061662%2C31061420&oid=3&pvsid=2122100125977154&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=k5WsECio1Y&p=https%3A//petitroom-3.com&dtd=14

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66176508f355dcbe055c1ca2c08d5e58eb59a9a4fc4e05288abaae5380e4a37f

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4351612859306125195/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4351612859306125195/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJj-yc_31PECFb7cEQgdhhMBjA&gqi=c7PnYNGnE8KM7_UPm_Oz2AE&layout=/sadbundle/%24csp%253Der3%24/4351612859306125195/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5303551343899531&output=html&h=153&adk=1150655209&adf=3218537085&pi=t.aa~a.3748265432~rp.4&w=680&lmt=1625797491&nsk=c48e4982&rafmt=11&pwprc=7085179773&psa=0&ad_type=text_image&format=680x153&url=https%3A%2F%2Fpetitroom-3.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625797491293&bpp=1&bdt=1054&idt=1&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8ddf66be83013424-2298c5cf69c9006f%3AT%3D1625797491%3ART%3D1625797491%3AS%3DALNI_MbwFlS4_R8eCwfdW-KCvjhO87yhYQ&prev_fmts=0x0%2C300x600&nras=3&correlator=4125035896924&frm=20&pv=1&ga_vid=341374868.1625797491&ga_sid=1625797491&ga_hid=2136677203&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=295&ady=1342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061662%2C31061420&oid=3&pvsid=2122100125977154&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=k5WsECio1Y&p=https%3A//petitroom-3.com&dtd=14
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://petitroom-3.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://petitroom-3.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4351612859306125195/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4351612859306125195/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJj-yc_31PECFb7cEQgdhhMBjA&gqi=c7PnYNGnE8KM7_UPm_Oz2AE&layout=/sadbundle/%24csp%253Der3%24/4351612859306125195/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 09 Jul 2021 02:24:51 GMT
server: cafe
content-length: 40279
x-xss-protection: 0
set-cookie: IDE=AHWqTUnpuOYu84JxGDwNWlAqBUCga1wLlGNx67BZRY_kHoULUtjQJOdnBCjY4E89zf0; expires=Wed, 03-Aug-2022 02:24:51 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 09 Jul 2021 02:24:51 GMT
cache-control: private

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4E69 0
0 21ms
20ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C1Xbvc7PnYNvDE76vx_APwaeNsAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTUzMDM1NTEzNDM4OTk1MzGgAcKu6N0DyAEJqQK5XT1o69-zPqgDAaoEwgFP0MipiMfhvJ0tLwbUjztnlAjSHK7VTY1SDpy-7mQaGJyKTjRnIx_18UN5aq_lhptFx_uiIk616UbVXn_OA7a9reyLiHrBYBNVmLTugY1eq4PHMAKwI9KHBNfOe1v21N62RufSAQ8n43p-AJa7sfGMaM9dGvYzqATZOZe6RiFiRehDVgs2B_wX8fG9nsAhz9ptuvLSOO_NsgYGhhlvpfJ2hr5YmIFkhPsAQPvcpXCspD9PFH0mf5jJJc5rpvNBltkiQ4AGwO-JyvO-hoCOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxgKFhIUcHViLTUzMDM1NTEzNDM4OTk1MzE&sigh=7SCm5buJ0mY

Requested by

Host: petitroom-3.com
URL: https://petitroom-3.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5303551343899531&output=html&h=600&adk=1901388290&adf=1218851631&pi=t.aa~a.573379464~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1625797491&rafmt=1&to=qs&pwprc=7085179773&psa=0&format=300x600&url=https%3A%2F%2Fpetitroom-3.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625797491293&bpp=2&bdt=1053&idt=-M&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8ddf66be83013424-2298c5cf69c9006f%3AT%3D1625797491%3ART%3D1625797491%3AS%3DALNI_MbwFlS4_R8eCwfdW-KCvjhO87yhYQ&prev_fmts=0x0&nras=2&correlator=4125035896924&frm=20&pv=1&ga_vid=341374868.1625797491&ga_sid=1625797491&ga_hid=2136677203&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061662%2C31061420&oid=3&pvsid=2122100125977154&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=asNLkZmEQ9&p=https%3A//petitroom-3.com&dtd=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 09 Jul 2021 02:24:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 4E69 0
0 336ms
318ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1knd723v0d2wmwgydt0cej42pwep3emte0mym47k2wbnqqrycabepmj1jf3qk128m3z0nz00t07mzcpsc37b5f0w2dxj8hnte82kc5e0v7egz5mfbx4f8v1pnxyhwnhcj6702pjfrdxdqk6a9gk80y5j1zhhjxjx83fakgf82wrr62rbfpnacas0qdcwebjpx092c2xhz1jnafvq4zpq679s186xtg8x0a4neyf9q8sbqe61jr2t7sgkzpkfjm3j6hmrqxh8tat9snbbak5c3qm9yc2pcg8t8mrm8x2e1ww78efq2j5q8m87v69vj2968n04m0rhe851v57nw777aen4skmywgs3hsbyvp5v8e67t4agh0ag6eq99k6z26r56rnsqs0m&b=YOezcwAE4dsIEde-AANTweorP3BJ5BukryD2dw
Requested by: Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 09 Jul 2021 02:24:51 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H2 200 dr Show response
ad4m.at/ad/ Frame 2A85 2 KB
2 KB 41ms
19ms Document
text/html 2606:4700:3039::6815:c034
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dr?ed=1gyvm6zctvscr6wxa73xmxg9qswtmtw6kfk2dhd7n9nmr4w7r2j25ayat567drzq06sr8zatff7ne1y3azww7q4yha808w39brv4h4rggp47qgtqg2889k5zbhzfcr0atc371ybvmzbee5a7dtg0y2sj3he5mhknfkkm237btf608jrc56hfw1hbn57vfftx2nst3fjw0cx27vbgddrb86p55wbsd6bgq2ramrd30baxvfsrtpj49egbypw8d7yh6gq8kg4cd1xkq8bzsbbtk5zq763zdytn05yp919s70ztxdfdhcz448mjw008dazwmw2zygnqexksy2wm16mqj5ywkqsddm6mct7kx2h42frv42142twqxqr7z6pae&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEX0zc7PnYNvDE76vx_APwaeNsAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTUzMDM1NTEzNDM4OTk1MzGgAcKu6N0DyAEJqQK5XT1o69-zPqgDAaoExQFP0MipiMfhvJ0tLwbUjztnlAjSHK7VTY1SDpy-7mQaGJyKTjRnIx_18UN5aq_lhptFx_uiIk616UbVXn_OA7a9reyLiHrBYBNVmLTugY1eq4PHMAKwI9KHBNfOe1v21N62RufSAQ8n43p-AJa7sfGMaM9dGvYzqATZOZe6RiFiRehDVgs2B_wX8fG9nsAhz9ptuvLSOO_NsgYGhhlvpfJ2hr5YmIFkhPsAQPvcpXCspH1NGe_xqh-J7UkjMCkIBCsbV7qop4AGwO-JyvO-hoCOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Q7aYAaWXBvwpsCYqI4dEWpsfxaw%26client%3Dca-pub-5303551343899531%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5303551343899531&output=html&h=600&adk=1901388290&adf=1218851631&pi=t.aa~a.573379464~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1625797491&rafmt=1&to=qs&pwprc=7085179773&psa=0&format=300x600&url=https%3A%2F%2Fpetitroom-3.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625797491293&bpp=2&bdt=1053&idt=-M&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8ddf66be83013424-2298c5cf69c9006f%3AT%3D1625797491%3ART%3D1625797491%3AS%3DALNI_MbwFlS4_R8eCwfdW-KCvjhO87yhYQ&prev_fmts=0x0&nras=2&correlator=4125035896924&frm=20&pv=1&ga_vid=341374868.1625797491&ga_sid=1625797491&ga_hid=2136677203&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061662%2C31061420&oid=3&pvsid=2122100125977154&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=asNLkZmEQ9&p=https%3A//petitroom-3.com&dtd=8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de9f4a3170935611e80e4c86893dfa7367a8a40fdc6b4b71be30c949599422c2

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dr?ed=1gyvm6zctvscr6wxa73xmxg9qswtmtw6kfk2dhd7n9nmr4w7r2j25ayat567drzq06sr8zatff7ne1y3azww7q4yha808w39brv4h4rggp47qgtqg2889k5zbhzfcr0atc371ybvmzbee5a7dtg0y2sj3he5mhknfkkm237btf608jrc56hfw1hbn57vfftx2nst3fjw0cx27vbgddrb86p55wbsd6bgq2ramrd30baxvfsrtpj49egbypw8d7yh6gq8kg4cd1xkq8bzsbbtk5zq763zdytn05yp919s70ztxdfdhcz448mjw008dazwmw2zygnqexksy2wm16mqj5ywkqsddm6mct7kx2h42frv42142twqxqr7z6pae&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEX0zc7PnYNvDE76vx_APwaeNsAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTUzMDM1NTEzNDM4OTk1MzGgAcKu6N0DyAEJqQK5XT1o69-zPqgDAaoExQFP0MipiMfhvJ0tLwbUjztnlAjSHK7VTY1SDpy-7mQaGJyKTjRnIx_18UN5aq_lhptFx_uiIk616UbVXn_OA7a9reyLiHrBYBNVmLTugY1eq4PHMAKwI9KHBNfOe1v21N62RufSAQ8n43p-AJa7sfGMaM9dGvYzqATZOZe6RiFiRehDVgs2B_wX8fG9nsAhz9ptuvLSOO_NsgYGhhlvpfJ2hr5YmIFkhPsAQPvcpXCspH1NGe_xqh-J7UkjMCkIBCsbV7qop4AGwO-JyvO-hoCOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Q7aYAaWXBvwpsCYqI4dEWpsfxaw%26client%3Dca-pub-5303551343899531%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Fri, 09 Jul 2021 02:24:51 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-wmp3
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 66be1932a8914ebc-FRA
content-encoding: br

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/ Frame 4E69 3 KB
1 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 02:17:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 429
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Jul 2021 02:17:42 GMT

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9C59 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 08 Jul 2021 03:09:05 GMT
expires: Fri, 09 Jul 2021 03:09:05 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 83746
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4E69 123 KB
37 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28a030a77bcecc0621b938dc08610e4c1fa0e131507a2dbd0c8007960d269253

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 02:24:51 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625657928851490"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37883
x-xss-protection: 0
expires: Fri, 09 Jul 2021 02:24:51 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/ Frame 4E69 14 KB
7 KB 27ms
5ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 01:48:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2162
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 17140096307539089235
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Jul 2021 01:48:49 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 4E69 0
0 15ms
14ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQP-hu2FOnHGUpCDoFuwRU1GRnp7siJZokeT2Al66WEm26eJrgDx5cJ-Zv9yBqCI0j17E-VcgSUYysQIunrwW7ynXkJcA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5303551343899531&output=html&h=600&adk=1901388290&adf=1218851631&pi=t.aa~a.573379464~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1625797491&rafmt=1&to=qs&pwprc=7085179773&psa=0&format=300x600&url=https%3A%2F%2Fpetitroom-3.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625797491293&bpp=2&bdt=1053&idt=-M&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8ddf66be83013424-2298c5cf69c9006f%3AT%3D1625797491%3ART%3D1625797491%3AS%3DALNI_MbwFlS4_R8eCwfdW-KCvjhO87yhYQ&prev_fmts=0x0&nras=2&correlator=4125035896924&frm=20&pv=1&ga_vid=341374868.1625797491&ga_sid=1625797491&ga_hid=2136677203&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061662%2C31061420&oid=3&pvsid=2122100125977154&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=asNLkZmEQ9&p=https%3A//petitroom-3.com&dtd=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 dpixel
cms.quantserve.com/ Frame 9C59 35 B
463 B 379ms
24ms Image
image/gif 91.228.74.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEO7Etk93b7DgNJ9I6MN9LZg&google_cver=1&google_push=AYg5qPJCJnchkeSir64nLxPAB9rM4KJpiua_toq07ZMVrGsCHLfEgmtL0xIAQMuBReZUVzwfcGTYsYKu14X38taLATcRO1RP-Ww

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.189 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Jul 2021 02:24:51 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 9C59
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPLSTdz2lT2F_3NOwkWjn4CYfRyBUTiB9P2CjtL...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU9lemN3QUFCVGxSZGctMw&google_push=AYg5qPLSTdz2lT2F_3NOwkWjn4CYfRyBUTiB9P2CjtLwuPoT_gAbMqtJHTyL2FsV9eXLfvCIunmWSWbz5RcjRFhLCDOrV_5tzow

170 B
188 B

61ms
33ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU9lemN3QUFCVGxSZGctMw&google_push=AYg5qPLSTdz2lT2F_3NOwkWjn4CYfRyBUTiB9P2CjtLwuPoT_gAbMqtJHTyL2FsV9eXLfvCIunmWSWbz5RcjRFhLCDOrV_5tzow

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Jul 2021 02:24:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU9lemN3QUFCVGxSZGctMw&google_push=AYg5qPLSTdz2lT2F_3NOwkWjn4CYfRyBUTiB9P2CjtLwuPoT_gAbMqtJHTyL2FsV9eXLfvCIunmWSWbz5RcjRFhLCDOrV_5tzow
Date: Fri, 09 Jul 2021 02:24:51 GMT
Server: Apache
Connection: keep-alive
Content-Length: 390
Content-Type: text/html; charset=iso-8859-1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9C59
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEPVqdAVy8FoTGf1IB5sy5co&google_cver=1&google_push=AYg5qPJC3dZRbu1JQ6vdpDkKfoj60cui3LmYDeVK5cF6EAMUwF--BPmz7AnqogsxzqfFV8HNXTqEA-KDIi55pYeM7k-jGA2Mgpc
https://rtb.openx.net/sync/dds?google_gid=CAESEPVqdAVy8FoTGf1IB5sy5co&google_cver=1&google_push=AYg5qPJC3dZRbu1JQ6vdpDkKfoj60cui3LmYDeVK5cF6EAMUwF--BPmz7AnqogsxzqfFV8HNXTqEA-KDIi55pYeM7k-jGA2Mgpc&o...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJC3dZRbu1JQ6vdpDkKfoj60cui3LmYDeVK5cF6EAMUwF--BPmz7AnqogsxzqfFV8HNXTqEA-KDIi55pYeM7k-jGA2Mgpc&google_hm=P26KjgLuzw8TOD7P11CV3g==

170 B
232 B

32ms
32ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJC3dZRbu1JQ6vdpDkKfoj60cui3LmYDeVK5cF6EAMUwF--BPmz7AnqogsxzqfFV8HNXTqEA-KDIi55pYeM7k-jGA2Mgpc&google_hm=P26KjgLuzw8TOD7P11CV3g==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Jul 2021 02:24:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 09 Jul 2021 02:24:51 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJC3dZRbu1JQ6vdpDkKfoj60cui3LmYDeVK5cF6EAMUwF--BPmz7AnqogsxzqfFV8HNXTqEA-KDIi55pYeM7k-jGA2Mgpc&google_hm=P26KjgLuzw8TOD7P11CV3g==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: 5j7i5iega92tei1879qff593pqf4sa84

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9C59
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=1D4g1Q1LQFyBZIZmeNMPsA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
329 B

32ms
32ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=1D4g1Q1LQFyBZIZmeNMPsA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKuMOWxhtB33BKGA47EeiXfSCYRryF1NlAhmnyYriAq2EUR3IXc4SfoV7P3MPgjVGreCRga6kSv7OLoAIAG0EkBCXuRdcc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Jul 2021 02:24:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=1D4g1Q1LQFyBZIZmeNMPsA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKuMOWxhtB33BKGA47EeiXfSCYRryF1NlAhmnyYriAq2EUR3IXc4SfoV7P3MPgjVGreCRga6kSv7OLoAIAG0EkBCXuRdcc
date: Fri, 09 Jul 2021 02:24:50 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 9C59
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELcARKnOZFtZ6traJzGFYaM&google_cver=1&google_push=AYg5qPLBlHxgAVljgvTfAWiEQTqZ4cQ-HhUEZAtDZirL_rBKUeHl2842Q975nEb6Rbm-8wBPYmA...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FWUFVMODktQS1LWTFQ&google_push=AYg5qPLBlHxgAVljgvTfAWiEQTqZ4cQ-HhUEZAtDZirL_rBKUeHl2842Q975nEb6Rbm-8wBPYmA_AEsJlxZb-UFKAt28w8JoN9c

170 B
188 B

62ms
33ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FWUFVMODktQS1LWTFQ&google_push=AYg5qPLBlHxgAVljgvTfAWiEQTqZ4cQ-HhUEZAtDZirL_rBKUeHl2842Q975nEb6Rbm-8wBPYmA_AEsJlxZb-UFKAt28w8JoN9c

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Jul 2021 02:24:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FWUFVMODktQS1LWTFQ&google_push=AYg5qPLBlHxgAVljgvTfAWiEQTqZ4cQ-HhUEZAtDZirL_rBKUeHl2842Q975nEb6Rbm-8wBPYmA_AEsJlxZb-UFKAt28w8JoN9c
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 9C59
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEK_szTZrWOZuE1R57cFXBck&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEK_szTZrWOZuE1R57cFXBck&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOezc56-R9LZfkuqODaGlgAABG0AAAIB&google_push=AYg5qPLiTskwa5r5Zj1rbcD4T8xFptq7VIePunYFelEH7AoZ0HmQl3ZHMTdNI7knEZ9cRsxAwu9UvSfY59asDPABxZ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOezc56-R9LZfkuqODaGlgAABG0AAAIB&google_push=AYg5qPLiTskwa5r5Zj1rbcD4T8xFptq7VIePunYFelEH7AoZ0HmQl3ZHMTdNI7knEZ9cRsxAwu9UvSfY59asDPABxZ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOezc56-R9LZfkuqODaGlgAABG0AAAIB&google_push=AYg5qPLiTskwa5r5Zj1rbcD4T8xFptq7VIePunYFelEH7AoZ0HmQl3ZHMTdNI7knEZ9cRsxAwu9UvSfY59asDPABxZ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOezc56-R9LZfkuqODaGlgAABG0AAAIB&google_push=AYg5qPLiTskwa5r5Zj1rbcD4T8xFptq7VIePunYFelEH7AoZ0HmQl3ZHMTdNI7knEZ9cRsxAwu9UvSfY59asDPABxZ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOezc56-R9LZfkuqODaGlgAABG0AAAIB&google_push=AYg5qPLiTskwa5r5Zj1rbcD4T8xFptq7VIePunYFelEH7AoZ0HmQl3ZHMTdNI7knEZ9cRsxAwu9UvSfY59asDPABxZ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOezc56-R9LZfkuqODaGlgAABG0AAAIB&google_push=AYg5qPLiTskwa5r5Zj1rbcD4T8xFptq7VIePunYFelEH7AoZ0HmQl3ZHMTdNI7knEZ9cRsxAwu9UvSfY59asDPABxZ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOezc56-R9LZfkuqODaGlgAABG0AAAIB&google_push=AYg5qPLiTskwa5r5Zj1rbcD4T8xFptq7VIePunYFelEH7AoZ0HmQl3ZHMTdNI7knEZ9cRsxAwu9UvSfY59asDPABxZ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOezc56-R9LZfkuqODaGlgAABG0AAAIB&google_push=AYg5qPLiTskwa5r5Zj1rbcD4T8xFptq7VIePunYFelEH7AoZ0HmQl3ZHMTdNI7knEZ9cRsxAwu9UvSfY59asDPABxZ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOezc56-R9LZfkuqODaGlgAABG0AAAIB&google_push=AYg5qPLiTskwa5r5Zj1rbcD4T8xFptq7VIePunYFelEH7AoZ0HmQl3ZHMTdNI7knEZ9cRsxAwu9UvSfY59asDPABxZ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOezc56-R9LZfkuqODaGlgAABG0AAAIB&google_push=AYg5qPLiTskwa5r5Zj1rbcD4T8xFptq7VIePunYFelEH7AoZ0HmQl3ZHMTdNI7knEZ9cRsxAwu9UvSfY59asDPABxZ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOezc56-R9LZfkuqODaGlgAABG0AAAIB&google_push=AYg5qPLiTskwa5r5Zj1rbcD4T8xFptq7VIePunYFelEH7AoZ0HmQl3ZHMTdNI7knEZ9cRsxAwu9UvSfY59asDPABxZ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOezc56-R9LZfkuqODaGlgAABG0AAAIB&google_push=AYg5qPLiTskwa5r5Zj1rbcD4T8xFptq7VIePunYFelEH7AoZ0HmQl3ZHMTdNI7knEZ9cRsxAwu9UvSfY59asDPABxZ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOezc56-R9LZfkuqODaGlgAABG0AAAIB&google_push=AYg5qPLiTskwa5r5Zj1rbcD4T8xFptq7VIePunYFelEH7AoZ0HmQl3ZHMTdNI7knEZ9cRsxAwu9UvSfY59asDPABxZ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOezc56-R9LZfkuqODaGlgAABG0AAAIB&google_push=AYg5qPLiTskwa5r5Zj1rbcD4T8xFptq7VIePunYFelEH7AoZ0HmQl3ZHMTdNI7knEZ9cRsxAwu9UvSfY59asDPABxZ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOezc56-R9LZfkuqODaGlgAABG0AAAIB&google_push=AYg5qPLiTskwa5r5Zj1rbcD4T8xFptq7VIePunYFelEH7AoZ0HmQl3ZHMTdNI7knEZ9cRsxAwu9UvSfY59asDPABxZ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOezc56-R9LZfkuqODaGlgAABG0AAAIB&google_push=AYg5qPLiTskwa5r5Zj1rbcD4T8xFptq7VIePunYFelEH7AoZ0HmQl3ZHMTdNI7knEZ9cRsxAwu9UvSfY59asDPABxZ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOezc56-R9LZfkuqODaGlgAABG0AAAIB&google_push=AYg5qPLiTskwa5r5Zj1rbcD4T8xFptq7VIePunYFelEH7AoZ0HmQl3ZHMTdNI7knEZ9cRsxAwu9UvSfY59asDPABxZ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOezc56-R9LZfkuqODaGlgAABG0AAAIB&google_push=AYg5qPLiTskwa5r5Zj1rbcD4T8xFptq7VIePunYFelEH7AoZ0HmQl3ZHMTdNI7knEZ9cRsxAwu9UvSfY59asDPABxZ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOezc56-R9LZfkuqODaGlgAABG0AAAIB&google_push=AYg5qPLiTskwa5r5Zj1rbcD4T8xFptq7VIePunYFelEH7AoZ0HmQl3ZHMTdNI7knEZ9cRsxAwu9UvSfY59asDPABxZ...

0
0

GET
H2 200 trk
ag.innovid.com/ Frame 9C59 43 B
296 B 97ms
22ms Image
image/gif 2a05:d01c:1d8:8101:939a:325c:ab79:c5b3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEDyzx9LhJCLS0C8DjVkgyq0&google_cver=1&google_push=AYg5qPJ9lmaXRZVhQ62egdZnFxaqkvODa0tHA9Y5xZTlF7ILFMO-e7ra-L8U-hqdFqlE5F6LwvNm-Ph1Bs26DkahMf4kNZ6MXFQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5303551343899531&output=html&h=600&adk=1901388290&adf=1218851631&pi=t.aa~a.573379464~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1625797491&rafmt=1&to=qs&pwprc=7085179773&psa=0&format=300x600&url=https%3A%2F%2Fpetitroom-3.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625797491293&bpp=2&bdt=1053&idt=-M&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8ddf66be83013424-2298c5cf69c9006f%3AT%3D1625797491%3ART%3D1625797491%3AS%3DALNI_MbwFlS4_R8eCwfdW-KCvjhO87yhYQ&prev_fmts=0x0&nras=2&correlator=4125035896924&frm=20&pv=1&ga_vid=341374868.1625797491&ga_sid=1625797491&ga_hid=2136677203&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061662%2C31061420&oid=3&pvsid=2122100125977154&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=asNLkZmEQ9&p=https%3A//petitroom-3.com&dtd=8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:939a:325c:ab79:c5b3 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Jul 2021 02:24:51 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 9C59 0
253 B 88ms
29ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ktz4t67wQPT0f3WbVa0yB0ZPcK6W0xz6Ql-HXdd08lRlHcvkHmMW62-Yceq-Nee-oMLy2J

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 02:24:51 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 4E69 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 784e7187588dac9d8baebffd4fd47dce7cf0a804bc96ed27b0c0692251ad3a52

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 default.css
ad4m.at/0.1.124-320/style/one-ad/ Frame 2A85 58 KB
7 KB 24ms
15ms Stylesheet
text/css 2606:4700:3039::6815:c034
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1gyvm6zctvscr6wxa73xmxg9qswtmtw6kfk2dhd7n9nmr4w7r2j25ayat567drzq06sr8zatff7ne1y3azww7q4yha808w39brv4h4rggp47qgtqg2889k5zbhzfcr0atc371ybvmzbee5a7dtg0y2sj3he5mhknfkkm237btf608jrc56hfw1hbn57vfftx2nst3fjw0cx27vbgddrb86p55wbsd6bgq2ramrd30baxvfsrtpj49egbypw8d7yh6gq8kg4cd1xkq8bzsbbtk5zq763zdytn05yp919s70ztxdfdhcz448mjw008dazwmw2zygnqexksy2wm16mqj5ywkqsddm6mct7kx2h42frv42142twqxqr7z6pae&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEX0zc7PnYNvDE76vx_APwaeNsAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTUzMDM1NTEzNDM4OTk1MzGgAcKu6N0DyAEJqQK5XT1o69-zPqgDAaoExQFP0MipiMfhvJ0tLwbUjztnlAjSHK7VTY1SDpy-7mQaGJyKTjRnIx_18UN5aq_lhptFx_uiIk616UbVXn_OA7a9reyLiHrBYBNVmLTugY1eq4PHMAKwI9KHBNfOe1v21N62RufSAQ8n43p-AJa7sfGMaM9dGvYzqATZOZe6RiFiRehDVgs2B_wX8fG9nsAhz9ptuvLSOO_NsgYGhhlvpfJ2hr5YmIFkhPsAQPvcpXCspH1NGe_xqh-J7UkjMCkIBCsbV7qop4AGwO-JyvO-hoCOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Q7aYAaWXBvwpsCYqI4dEWpsfxaw%26client%3Dca-pub-5303551343899531%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5595a592e5e93a111e8b48e225a826b874b635dc219787efedf806d3aa13f223

Request headers

Referer: https://ad4m.at/ad/dr?ed=1gyvm6zctvscr6wxa73xmxg9qswtmtw6kfk2dhd7n9nmr4w7r2j25ayat567drzq06sr8zatff7ne1y3azww7q4yha808w39brv4h4rggp47qgtqg2889k5zbhzfcr0atc371ybvmzbee5a7dtg0y2sj3he5mhknfkkm237btf608jrc56hfw1hbn57vfftx2nst3fjw0cx27vbgddrb86p55wbsd6bgq2ramrd30baxvfsrtpj49egbypw8d7yh6gq8kg4cd1xkq8bzsbbtk5zq763zdytn05yp919s70ztxdfdhcz448mjw008dazwmw2zygnqexksy2wm16mqj5ywkqsddm6mct7kx2h42frv42142twqxqr7z6pae&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEX0zc7PnYNvDE76vx_APwaeNsAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTUzMDM1NTEzNDM4OTk1MzGgAcKu6N0DyAEJqQK5XT1o69-zPqgDAaoExQFP0MipiMfhvJ0tLwbUjztnlAjSHK7VTY1SDpy-7mQaGJyKTjRnIx_18UN5aq_lhptFx_uiIk616UbVXn_OA7a9reyLiHrBYBNVmLTugY1eq4PHMAKwI9KHBNfOe1v21N62RufSAQ8n43p-AJa7sfGMaM9dGvYzqATZOZe6RiFiRehDVgs2B_wX8fG9nsAhz9ptuvLSOO_NsgYGhhlvpfJ2hr5YmIFkhPsAQPvcpXCspH1NGe_xqh-J7UkjMCkIBCsbV7qop4AGwO-JyvO-hoCOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Q7aYAaWXBvwpsCYqI4dEWpsfxaw%26client%3Dca-pub-5303551343899531%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=/Fheiw==, md5=iazLgrLD9V76ltPySV8jTQ==
date: Fri, 09 Jul 2021 02:24:51 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 921153
x-guploader-uploadid: ADPycdtkioITd9kON3MDPr-nVhtDYZvM5BcWwBJS7eF-ZszN4EdBaLdVcBmWoP0vGtgvogL9Lz8Tib9QpKYbbvav9lA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6688
last-modified: Mon, 28 Jun 2021 10:31:59 GMT
server: cloudflare
etag: "89accb82b2c3f55efa96d3f2495f234d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Tz2d1oQFhOx7AEMOi9AhBhZnoYPw7pEjJMsi3vSraEILl2nledDvqLLvr6eQAPY6UFjc%2BlLUZY5TVsqDtlQkza4QcxzJKh1bp94afiFVxDvI%2BFuxth2lyoEiFCFHqHCZ"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1624876319573767
content-type: text/css
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 6688
accept-ranges: bytes
cf-ray: 66be19330c14061c-FRA
expires: Tue, 28 Jun 2022 10:32:18 GMT

GET
H3-29 200 fxpcopuw.js Show response
ad4m.at/ Frame 2A85 36 KB
12 KB 33ms
24ms Script
application/javascript 2606:4700:3039::6815:c034
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1gyvm6zctvscr6wxa73xmxg9qswtmtw6kfk2dhd7n9nmr4w7r2j25ayat567drzq06sr8zatff7ne1y3azww7q4yha808w39brv4h4rggp47qgtqg2889k5zbhzfcr0atc371ybvmzbee5a7dtg0y2sj3he5mhknfkkm237btf608jrc56hfw1hbn57vfftx2nst3fjw0cx27vbgddrb86p55wbsd6bgq2ramrd30baxvfsrtpj49egbypw8d7yh6gq8kg4cd1xkq8bzsbbtk5zq763zdytn05yp919s70ztxdfdhcz448mjw008dazwmw2zygnqexksy2wm16mqj5ywkqsddm6mct7kx2h42frv42142twqxqr7z6pae&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEX0zc7PnYNvDE76vx_APwaeNsAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTUzMDM1NTEzNDM4OTk1MzGgAcKu6N0DyAEJqQK5XT1o69-zPqgDAaoExQFP0MipiMfhvJ0tLwbUjztnlAjSHK7VTY1SDpy-7mQaGJyKTjRnIx_18UN5aq_lhptFx_uiIk616UbVXn_OA7a9reyLiHrBYBNVmLTugY1eq4PHMAKwI9KHBNfOe1v21N62RufSAQ8n43p-AJa7sfGMaM9dGvYzqATZOZe6RiFiRehDVgs2B_wX8fG9nsAhz9ptuvLSOO_NsgYGhhlvpfJ2hr5YmIFkhPsAQPvcpXCspH1NGe_xqh-J7UkjMCkIBCsbV7qop4AGwO-JyvO-hoCOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Q7aYAaWXBvwpsCYqI4dEWpsfxaw%26client%3Dca-pub-5303551343899531%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 980a0ed841d025e07f7ffc83943d26b590abfd96c857a19ac76394099a35c67e

Request headers

Referer: https://ad4m.at/ad/dr?ed=1gyvm6zctvscr6wxa73xmxg9qswtmtw6kfk2dhd7n9nmr4w7r2j25ayat567drzq06sr8zatff7ne1y3azww7q4yha808w39brv4h4rggp47qgtqg2889k5zbhzfcr0atc371ybvmzbee5a7dtg0y2sj3he5mhknfkkm237btf608jrc56hfw1hbn57vfftx2nst3fjw0cx27vbgddrb86p55wbsd6bgq2ramrd30baxvfsrtpj49egbypw8d7yh6gq8kg4cd1xkq8bzsbbtk5zq763zdytn05yp919s70ztxdfdhcz448mjw008dazwmw2zygnqexksy2wm16mqj5ywkqsddm6mct7kx2h42frv42142twqxqr7z6pae&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEX0zc7PnYNvDE76vx_APwaeNsAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTUzMDM1NTEzNDM4OTk1MzGgAcKu6N0DyAEJqQK5XT1o69-zPqgDAaoExQFP0MipiMfhvJ0tLwbUjztnlAjSHK7VTY1SDpy-7mQaGJyKTjRnIx_18UN5aq_lhptFx_uiIk616UbVXn_OA7a9reyLiHrBYBNVmLTugY1eq4PHMAKwI9KHBNfOe1v21N62RufSAQ8n43p-AJa7sfGMaM9dGvYzqATZOZe6RiFiRehDVgs2B_wX8fG9nsAhz9ptuvLSOO_NsgYGhhlvpfJ2hr5YmIFkhPsAQPvcpXCspH1NGe_xqh-J7UkjMCkIBCsbV7qop4AGwO-JyvO-hoCOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Q7aYAaWXBvwpsCYqI4dEWpsfxaw%26client%3Dca-pub-5303551343899531%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=ndtGUA==, md5=/5LvoHnoxEbm4C/6/XyRVA==
date: Fri, 09 Jul 2021 02:24:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 51338
x-guploader-uploadid: ABg5-Uxp6BLlfFJIDLoI1jFxsoTki2I7AGTqXUpj-woLYZslYRPfPoFvXRWwgy8xINJ55FtpEUTtqu23PiPp_PC-4UA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Mon, 14 Jun 2021 12:08:33 GMT
server: cloudflare
etag: W/"ff92efa079e8c446e6e02ffafd7c9154"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=EIOY74ctsBZFijC7IvvSDNGEIHRFNW4jDWMDyugT5Ht54IejBi7cec0MsT%2BfHHRnCiB6we35PrcB8xUZy34iZRfsXheE2EqmRO7OAGKfxPMsH4lfNVXmZ%2Fm4%2BpbzYSxM"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623672513020985
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11953
cf-ray: 66be19330c16061c-FRA
expires: Thu, 08 Jul 2021 12:09:13 GMT

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4351612859306125195/ Frame 2A87 10 KB
3 KB 23ms
9ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4351612859306125195/index.html

Requested by

Host: petitroom-3.com
URL: https://petitroom-3.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b21c46c6f836d01f9dc6e210e7911ab73548552698f1f2feb346c0885d7e919

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/4351612859306125195/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3292
date: Tue, 06 Jul 2021 13:28:19 GMT
expires: Wed, 06 Jul 2022 13:28:19 GMT
last-modified: Fri, 16 Aug 2019 15:12:42 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 219392
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6A53 0
0 19ms
18ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CdvNsc7PnYNj4E765x_APhqeE4AiRvuybXqWayv2cCvGH-sHfCxABILHL3C9glQKgAYfoq_QCyAEJqQK5XT1o69-zPqgDAcgDSKoE2AFP0P_dhmjERZ9ZLIQtCXVo3XnSYYkf9ekoOirGcCkWH7zRwjifUxrUHW3BpkoZow2AD3PCKS1TbihWrvYijtLt4CFVb7Fz7KjCntxIIOMyUZDKYRSNfaoQPJpKZr3uouoVInbF0YC16fkSz0_NU6eAvsounlV_bH26Zg7IaTnm-CNVHd3CiLCYMEfP30GFcmm1X78_Q5Y27jR6HeKGOPhEIXuNPtPOjljDfz67kpvECsolLYYe1TD-Nq5QXV9W1rwkDh2chcfsTTSkeUeuaYRylYfnHRQTyIXABKfq5NWeApIFBAgEGAGSBQQIBRgEoAYugAfgltOLAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCEzQPSCAkIgOGAEBABGB-ACgHICwHYEwzQFQGAFwGyFxoKGAgAEhRwdWItNTMwMzU1MTM0Mzg5OTUzMQ&sigh=AdPQUQz0wPs&template_id=419

Requested by

Host: petitroom-3.com
URL: https://petitroom-3.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5303551343899531&output=html&h=153&adk=1150655209&adf=3218537085&pi=t.aa~a.3748265432~rp.4&w=680&lmt=1625797491&nsk=c48e4982&rafmt=11&pwprc=7085179773&psa=0&ad_type=text_image&format=680x153&url=https%3A%2F%2Fpetitroom-3.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625797491293&bpp=1&bdt=1054&idt=1&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8ddf66be83013424-2298c5cf69c9006f%3AT%3D1625797491%3ART%3D1625797491%3AS%3DALNI_MbwFlS4_R8eCwfdW-KCvjhO87yhYQ&prev_fmts=0x0%2C300x600&nras=3&correlator=4125035896924&frm=20&pv=1&ga_vid=341374868.1625797491&ga_sid=1625797491&ga_hid=2136677203&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=295&ady=1342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061662%2C31061420&oid=3&pvsid=2122100125977154&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=k5WsECio1Y&p=https%3A//petitroom-3.com&dtd=14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 09 Jul 2021 02:24:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/ Frame 6A53 17 KB
7 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5303551343899531&output=html&h=153&adk=1150655209&adf=3218537085&pi=t.aa~a.3748265432~rp.4&w=680&lmt=1625797491&nsk=c48e4982&rafmt=11&pwprc=7085179773&psa=0&ad_type=text_image&format=680x153&url=https%3A%2F%2Fpetitroom-3.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625797491293&bpp=1&bdt=1054&idt=1&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8ddf66be83013424-2298c5cf69c9006f%3AT%3D1625797491%3ART%3D1625797491%3AS%3DALNI_MbwFlS4_R8eCwfdW-KCvjhO87yhYQ&prev_fmts=0x0%2C300x600&nras=3&correlator=4125035896924&frm=20&pv=1&ga_vid=341374868.1625797491&ga_sid=1625797491&ga_hid=2136677203&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=295&ady=1342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061662%2C31061420&oid=3&pvsid=2122100125977154&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=k5WsECio1Y&p=https%3A//petitroom-3.com&dtd=14

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

013bec3910ad3d4838f46d1a0095d9e6f0ea3e676e786daf0147dce032b651b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 02:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 806
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7112
x-xss-protection: 0
server: cafe
etag: 12276874145846594193
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Jul 2021 02:11:25 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/ Frame 6A53 3 KB
1 KB 20ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 02:17:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 429
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Jul 2021 02:17:42 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6A53 123 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28a030a77bcecc0621b938dc08610e4c1fa0e131507a2dbd0c8007960d269253

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 02:24:51 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625657928851490"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37883
x-xss-protection: 0
expires: Fri, 09 Jul 2021 02:24:51 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/ Frame 6A53 14 KB
6 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 01:48:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2162
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 17140096307539089235
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Jul 2021 01:48:49 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 6A53 0
0 15ms
14ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRUeHhlSJoTbyCk-Bs-ugcSQhgUykDD3scMVpzb_Teon1tkweVeecEnJRYTeGpa3CqD6GkyzoOz2sK1VWkXxbSBkdWzWw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5303551343899531&output=html&h=153&adk=1150655209&adf=3218537085&pi=t.aa~a.3748265432~rp.4&w=680&lmt=1625797491&nsk=c48e4982&rafmt=11&pwprc=7085179773&psa=0&ad_type=text_image&format=680x153&url=https%3A%2F%2Fpetitroom-3.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625797491293&bpp=1&bdt=1054&idt=1&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8ddf66be83013424-2298c5cf69c9006f%3AT%3D1625797491%3ART%3D1625797491%3AS%3DALNI_MbwFlS4_R8eCwfdW-KCvjhO87yhYQ&prev_fmts=0x0%2C300x600&nras=3&correlator=4125035896924&frm=20&pv=1&ga_vid=341374868.1625797491&ga_sid=1625797491&ga_hid=2136677203&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=295&ady=1342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061662%2C31061420&oid=3&pvsid=2122100125977154&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=k5WsECio1Y&p=https%3A//petitroom-3.com&dtd=14
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 2A85 3 KB
4 KB 33ms
13ms Image
image/png 2606:4700:3032::6815:57ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: ad4m.at
URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer: https://ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Fri, 09 Jul 2021 02:24:51 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2555109
x-guploader-uploadid: ABg5-UzzLZaEcDbjdbhukLGh7tDKAZOMFJOiU4iHwOPl8QLDCjazkiciYkkK8qFWGCtZPjDfwbZeIl1PxPDK-jxIb2s
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ash77dza6dTg3IWvwEGU7ElXLIpooMIJxCUiLrFvw41kq0cAZ2raoOpxiHcgPfDAPrpOD2%2B1sw%2Bmn5SU0HaJtFx%2FNn9mIbZmKZrRMXIMJ4ZPk4eQ1Xo8T17yRJHelzK6NWVlEndD6mvUwm8PmK8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 66be193379c8d6d5-FRA
expires: Thu, 09 Jun 2022 12:39:42 GMT

GET
H3-29 200 frame.html Show response
ad4m.at/ Frame 6324 2 KB
2 KB 13ms
13ms Document
text/html 2606:4700:3039::6815:c034
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad4m.at/ad/dr?ed=1gyvm6zctvscr6wxa73xmxg9qswtmtw6kfk2dhd7n9nmr4w7r2j25ayat567drzq06sr8zatff7ne1y3azww7q4yha808w39brv4h4rggp47qgtqg2889k5zbhzfcr0atc371ybvmzbee5a7dtg0y2sj3he5mhknfkkm237btf608jrc56hfw1hbn57vfftx2nst3fjw0cx27vbgddrb86p55wbsd6bgq2ramrd30baxvfsrtpj49egbypw8d7yh6gq8kg4cd1xkq8bzsbbtk5zq763zdytn05yp919s70ztxdfdhcz448mjw008dazwmw2zygnqexksy2wm16mqj5ywkqsddm6mct7kx2h42frv42142twqxqr7z6pae&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEX0zc7PnYNvDE76vx_APwaeNsAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTUzMDM1NTEzNDM4OTk1MzGgAcKu6N0DyAEJqQK5XT1o69-zPqgDAaoExQFP0MipiMfhvJ0tLwbUjztnlAjSHK7VTY1SDpy-7mQaGJyKTjRnIx_18UN5aq_lhptFx_uiIk616UbVXn_OA7a9reyLiHrBYBNVmLTugY1eq4PHMAKwI9KHBNfOe1v21N62RufSAQ8n43p-AJa7sfGMaM9dGvYzqATZOZe6RiFiRehDVgs2B_wX8fG9nsAhz9ptuvLSOO_NsgYGhhlvpfJ2hr5YmIFkhPsAQPvcpXCspH1NGe_xqh-J7UkjMCkIBCsbV7qop4AGwO-JyvO-hoCOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Q7aYAaWXBvwpsCYqI4dEWpsfxaw%26client%3Dca-pub-5303551343899531%26adurl%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad4m.at/ad/dr?ed=1gyvm6zctvscr6wxa73xmxg9qswtmtw6kfk2dhd7n9nmr4w7r2j25ayat567drzq06sr8zatff7ne1y3azww7q4yha808w39brv4h4rggp47qgtqg2889k5zbhzfcr0atc371ybvmzbee5a7dtg0y2sj3he5mhknfkkm237btf608jrc56hfw1hbn57vfftx2nst3fjw0cx27vbgddrb86p55wbsd6bgq2ramrd30baxvfsrtpj49egbypw8d7yh6gq8kg4cd1xkq8bzsbbtk5zq763zdytn05yp919s70ztxdfdhcz448mjw008dazwmw2zygnqexksy2wm16mqj5ywkqsddm6mct7kx2h42frv42142twqxqr7z6pae&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEX0zc7PnYNvDE76vx_APwaeNsAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTUzMDM1NTEzNDM4OTk1MzGgAcKu6N0DyAEJqQK5XT1o69-zPqgDAaoExQFP0MipiMfhvJ0tLwbUjztnlAjSHK7VTY1SDpy-7mQaGJyKTjRnIx_18UN5aq_lhptFx_uiIk616UbVXn_OA7a9reyLiHrBYBNVmLTugY1eq4PHMAKwI9KHBNfOe1v21N62RufSAQ8n43p-AJa7sfGMaM9dGvYzqATZOZe6RiFiRehDVgs2B_wX8fG9nsAhz9ptuvLSOO_NsgYGhhlvpfJ2hr5YmIFkhPsAQPvcpXCspH1NGe_xqh-J7UkjMCkIBCsbV7qop4AGwO-JyvO-hoCOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Q7aYAaWXBvwpsCYqI4dEWpsfxaw%26client%3Dca-pub-5303551343899531%26adurl%3D

Response headers

date: Fri, 09 Jul 2021 02:24:51 GMT
content-type: text/html
x-guploader-uploadid: ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires: Fri, 09 Jul 2021 03:24:51 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 1315734
cache-control: public, max-age=3600
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=6BDbbCfBN7soTO2T93tNiYi7Go3REpv44ST4PPjAfDABA6dL4KROQfvc0eRmGSeDPnbDfFEPraPIe69vC2yBCpxntuJm0GYSqcBAU7FK0%2FM56l7VizbRHjlwhBac0E5r"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 66be19336c65061c-FRA
content-encoding: br

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 22F7 143 B
163 B 7ms
5ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5303551343899531&output=html&h=153&adk=1150655209&adf=3218537085&pi=t.aa~a.3748265432~rp.4&w=680&lmt=1625797491&nsk=c48e4982&rafmt=11&pwprc=7085179773&psa=0&ad_type=text_image&format=680x153&url=https%3A%2F%2Fpetitroom-3.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625797491293&bpp=1&bdt=1054&idt=1&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8ddf66be83013424-2298c5cf69c9006f%3AT%3D1625797491%3ART%3D1625797491%3AS%3DALNI_MbwFlS4_R8eCwfdW-KCvjhO87yhYQ&prev_fmts=0x0%2C300x600&nras=3&correlator=4125035896924&frm=20&pv=1&ga_vid=341374868.1625797491&ga_sid=1625797491&ga_hid=2136677203&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=295&ady=1342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061662%2C31061420&oid=3&pvsid=2122100125977154&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=k5WsECio1Y&p=https%3A//petitroom-3.com&dtd=14
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnpuOYu84JxGDwNWlAqBUCga1wLlGNx67BZRY_kHoULUtjQJOdnBCjY4E89zf0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5303551343899531&output=html&h=153&adk=1150655209&adf=3218537085&pi=t.aa~a.3748265432~rp.4&w=680&lmt=1625797491&nsk=c48e4982&rafmt=11&pwprc=7085179773&psa=0&ad_type=text_image&format=680x153&url=https%3A%2F%2Fpetitroom-3.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625797491293&bpp=1&bdt=1054&idt=1&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8ddf66be83013424-2298c5cf69c9006f%3AT%3D1625797491%3ART%3D1625797491%3AS%3DALNI_MbwFlS4_R8eCwfdW-KCvjhO87yhYQ&prev_fmts=0x0%2C300x600&nras=3&correlator=4125035896924&frm=20&pv=1&ga_vid=341374868.1625797491&ga_sid=1625797491&ga_hid=2136677203&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=295&ady=1342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061662%2C31061420&oid=3&pvsid=2122100125977154&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=k5WsECio1Y&p=https%3A//petitroom-3.com&dtd=14

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 09 Jul 2021 01:42:56 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2515
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 6A53 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97825f8691c7c789ff9d692226e6975feef0af055e5c857c4d14fa0535a3d4e0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-29 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 6A53 0
20 B 28ms
14ms Other
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJj-yc_31PECFb7cEQgdhhMBjA&gqi=c7PnYNGnE8KM7_UPm_Oz2AE&layout=/sadbundle/%24csp%253Der3%24/4351612859306125195/index.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Fri, 09 Jul 2021 02:24:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 2A87 9 KB
3 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4351612859306125195/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 19:35:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24541
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 09 Jul 2021 19:35:50 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 2A87 26 KB
10 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4351612859306125195/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 12:37:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49638
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 09 Jul 2021 12:37:33 GMT

GET
H3-29 200 HYPE-648.thin.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4351612859306125195/ Frame 2A87 53 KB
23 KB 8ms
8ms Script
application/x-javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4351612859306125195/HYPE-648.thin.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4351612859306125195/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2baccefb5cede601d5fc018290c68a748e3199cf5c00cc77dbbf6491531d3592

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 219391
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23314
x-xss-protection: 0
last-modified: Fri, 16 Aug 2019 15:12:42 GMT
server: sffe
date: Tue, 06 Jul 2021 13:28:20 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 13:28:20 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 22F7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

16ms
16ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnpuOYu84JxGDwNWlAqBUCga1wLlGNx67BZRY_kHoULUtjQJOdnBCjY4E89zf0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 09 Jul 2021 02:24:51 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 09-Jul-2021 03:24:51 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 09 Jul 2021 02:24:51 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 09 Jul 2021 02:24:51 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 rs Show response
ad4m.at/ Frame 2A85 1 KB
2 KB 19ms
19ms XHR
text/plain 2606:4700:3039::6815:c034
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aed65b664e52df7e51727bb9bf6260f712dd93f6f57ca604abc911cd38b6fea6

Request headers

Referer: https://ad4m.at/ad/dr?ed=1gyvm6zctvscr6wxa73xmxg9qswtmtw6kfk2dhd7n9nmr4w7r2j25ayat567drzq06sr8zatff7ne1y3azww7q4yha808w39brv4h4rggp47qgtqg2889k5zbhzfcr0atc371ybvmzbee5a7dtg0y2sj3he5mhknfkkm237btf608jrc56hfw1hbn57vfftx2nst3fjw0cx27vbgddrb86p55wbsd6bgq2ramrd30baxvfsrtpj49egbypw8d7yh6gq8kg4cd1xkq8bzsbbtk5zq763zdytn05yp919s70ztxdfdhcz448mjw008dazwmw2zygnqexksy2wm16mqj5ywkqsddm6mct7kx2h42frv42142twqxqr7z6pae&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEX0zc7PnYNvDE76vx_APwaeNsAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTUzMDM1NTEzNDM4OTk1MzGgAcKu6N0DyAEJqQK5XT1o69-zPqgDAaoExQFP0MipiMfhvJ0tLwbUjztnlAjSHK7VTY1SDpy-7mQaGJyKTjRnIx_18UN5aq_lhptFx_uiIk616UbVXn_OA7a9reyLiHrBYBNVmLTugY1eq4PHMAKwI9KHBNfOe1v21N62RufSAQ8n43p-AJa7sfGMaM9dGvYzqATZOZe6RiFiRehDVgs2B_wX8fG9nsAhz9ptuvLSOO_NsgYGhhlvpfJ2hr5YmIFkhPsAQPvcpXCspH1NGe_xqh-J7UkjMCkIBCsbV7qop4AGwO-JyvO-hoCOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Q7aYAaWXBvwpsCYqI4dEWpsfxaw%26client%3Dca-pub-5303551343899531%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 66be1933bcb3061c-FRA
date: Fri, 09 Jul 2021 02:24:51 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=kF4iceThjGrZd%2FL0JwM23WC4KUACeLtSckjfN1XlC2TOKDdWdOLKfsyWjluwn%2B8zlk%2BFt2GlWokUpAhVhmzc20CoXdFQR2jRaJyIl8KAXW6op4TZhEe%2BSkhWHsORnr3H"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://ad4m.at
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: rs-rvz5

GET
H3-29 200 fischers-fritze-entdecken_930x180_btn.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4351612859306125195/ Frame 2A87 917 B
943 B 8ms
8ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4351612859306125195/fischers-fritze-entdecken_930x180_btn.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4351612859306125195/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc67119b24683bf39f35d73e1ec8ff040ddb175a35d5e6fb516dcd9b202d322d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 214525
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 917
x-xss-protection: 0
last-modified: Fri, 16 Aug 2019 15:12:42 GMT
server: sffe
date: Tue, 06 Jul 2021 14:49:26 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 14:49:26 GMT

GET
H3-29 200 fischers-fritze-logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4351612859306125195/ Frame 2A87 3 KB
3 KB 9ms
8ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4351612859306125195/fischers-fritze-logo.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4351612859306125195/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d260a43ba0f6ae58183a49c9abe68010def8990e98795f3f79b6a662bf73e8b3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 253392
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2606
x-xss-protection: 0
last-modified: Fri, 16 Aug 2019 15:12:42 GMT
server: sffe
date: Tue, 06 Jul 2021 04:01:39 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 04:01:39 GMT

GET
H3-29 200 fischers-fritze-manufaktur-armband_930x180_mood-1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4351612859306125195/ Frame 2A87 14 KB
14 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4351612859306125195/fischers-fritze-manufaktur-armband_930x180_mood-1.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4351612859306125195/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6de414ba4973b2d8efffc4b9088b707adecfa2af101a824fa3a5dcfa5fe03757

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 214525
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14395
x-xss-protection: 0
last-modified: Fri, 16 Aug 2019 15:12:42 GMT
server: sffe
date: Tue, 06 Jul 2021 14:49:26 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 14:49:26 GMT

GET
H3-29 200 fischers-fritze-manufaktur-armband_930x180_mood-2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4351612859306125195/ Frame 2A87 8 KB
8 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4351612859306125195/fischers-fritze-manufaktur-armband_930x180_mood-2.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4351612859306125195/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85ab0dd72292cba70238dbb389b7a913a4ee1764fc609488654f677f2121ccbb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 201914
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8518
x-xss-protection: 0
last-modified: Fri, 16 Aug 2019 15:12:42 GMT
server: sffe
date: Tue, 06 Jul 2021 18:19:37 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 18:19:37 GMT

GET
H3-29 200 fischers-fritze-manufaktur-armband_930x180_txt.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4351612859306125195/ Frame 2A87 7 KB
7 KB 14ms
13ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4351612859306125195/fischers-fritze-manufaktur-armband_930x180_txt.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4351612859306125195/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17e3c399131fd54514fb8f6807ab3007294d493476d5a60220fa8db04d9f0daf

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 253392
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6781
x-xss-protection: 0
last-modified: Fri, 16 Aug 2019 15:12:42 GMT
server: sffe
date: Tue, 06 Jul 2021 04:01:39 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 04:01:39 GMT

GET
H3-29 200 fischers-fritze-armband-segeltau-garnele-schwarz_930x180_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4351612859306125195/ Frame 2A87 20 KB
20 KB 12ms
11ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4351612859306125195/fischers-fritze-armband-segeltau-garnele-schwarz_930x180_1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4351612859306125195/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11e985b3052675be83763307225b0be3cb4e297cc034fc14787c6ed412d52f0b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 253392
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20580
x-xss-protection: 0
last-modified: Fri, 16 Aug 2019 15:12:42 GMT
server: sffe
date: Tue, 06 Jul 2021 04:01:39 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 04:01:39 GMT

GET
H3-29 200 fischers-fritze-armband-leder-garnele-braun_930x180_2-1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4351612859306125195/ Frame 2A87 22 KB
22 KB 11ms
10ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4351612859306125195/fischers-fritze-armband-leder-garnele-braun_930x180_2-1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4351612859306125195/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e67d7865e603df14559c911af63fa363780bd35bcdaf826495528706cf487f0

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 253392
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22136
x-xss-protection: 0
last-modified: Fri, 16 Aug 2019 15:12:42 GMT
server: sffe
date: Tue, 06 Jul 2021 04:01:39 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 04:01:39 GMT

GET
H3-29 200 fischers-fritze-armband-segeltau-garnele-rot_930x180_3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4351612859306125195/ Frame 2A87 24 KB
24 KB 14ms
13ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4351612859306125195/fischers-fritze-armband-segeltau-garnele-rot_930x180_3.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4351612859306125195/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e1fbe94a44c01febabaeca4dd15ef3e6148cfee4b507d2f10e7a690a5f18913

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 253392
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24489
x-xss-protection: 0
last-modified: Fri, 16 Aug 2019 15:12:42 GMT
server: sffe
date: Tue, 06 Jul 2021 04:01:39 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 04:01:39 GMT

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame E5F8 10 KB
4 KB 30ms
24ms Document
text/html 2606:4700:3039::6815:c034
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=&g=c02f88be3ac228b1507a2d595f9ecbe3%2F16431478350332609371&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D2369wh6yfhk00xspmaw0mrt5dehbx5prn86pz1zvwv4v4q5zd20vrdbk170xv59kc4d58z0sywcrtxypacnxsmdf1frbxm0kv0bpdwp64jkw4vrmhzc4s5ehmkyrtpxfa0mkkcb85dk4hadmtyh85x04g5ss1bha31vyk7b2g8bv5ycc6wc488cp09zhhg6ztejphrrv6yx9cm8ra377ecjnck2y6fmf3jdg93jkt53bhgdpwgaze6em31a3t%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEX0zc7PnYNvDE76vx_APwaeNsAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTUzMDM1NTEzNDM4OTk1MzGgAcKu6N0DyAEJqQK5XT1o69-zPqgDAaoExQFP0MipiMfhvJ0tLwbUjztnlAjSHK7VTY1SDpy-7mQaGJyKTjRnIx_18UN5aq_lhptFx_uiIk616UbVXn_OA7a9reyLiHrBYBNVmLTugY1eq4PHMAKwI9KHBNfOe1v21N62RufSAQ8n43p-AJa7sfGMaM9dGvYzqATZOZe6RiFiRehDVgs2B_wX8fG9nsAhz9ptuvLSOO_NsgYGhhlvpfJ2hr5YmIFkhPsAQPvcpXCspH1NGe_xqh-J7UkjMCkIBCsbV7qop4AGwO-JyvO-hoCOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0Q7aYAaWXBvwpsCYqI4dEWpsfxaw%2526client%253Dca-pub-5303551343899531%2526adurl%253D&y=0&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c6542fe24e2c829b28a3c8526550f6e8a017d3ed56349e55c1f178c00cb5914

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=&g=c02f88be3ac228b1507a2d595f9ecbe3%2F16431478350332609371&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D2369wh6yfhk00xspmaw0mrt5dehbx5prn86pz1zvwv4v4q5zd20vrdbk170xv59kc4d58z0sywcrtxypacnxsmdf1frbxm0kv0bpdwp64jkw4vrmhzc4s5ehmkyrtpxfa0mkkcb85dk4hadmtyh85x04g5ss1bha31vyk7b2g8bv5ycc6wc488cp09zhhg6ztejphrrv6yx9cm8ra377ecjnck2y6fmf3jdg93jkt53bhgdpwgaze6em31a3t%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEX0zc7PnYNvDE76vx_APwaeNsAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTUzMDM1NTEzNDM4OTk1MzGgAcKu6N0DyAEJqQK5XT1o69-zPqgDAaoExQFP0MipiMfhvJ0tLwbUjztnlAjSHK7VTY1SDpy-7mQaGJyKTjRnIx_18UN5aq_lhptFx_uiIk616UbVXn_OA7a9reyLiHrBYBNVmLTugY1eq4PHMAKwI9KHBNfOe1v21N62RufSAQ8n43p-AJa7sfGMaM9dGvYzqATZOZe6RiFiRehDVgs2B_wX8fG9nsAhz9ptuvLSOO_NsgYGhhlvpfJ2hr5YmIFkhPsAQPvcpXCspH1NGe_xqh-J7UkjMCkIBCsbV7qop4AGwO-JyvO-hoCOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0Q7aYAaWXBvwpsCYqI4dEWpsfxaw%2526client%253Dca-pub-5303551343899531%2526adurl%253D&y=0&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 02:24:51 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 66be1933e9ab4ebc-FRA
content-encoding: br

GET
H3-29 200 kF2K4sh9HdHIDrROKsI7y_qgmnXrjcnba3wRAkJ4jaQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 2A87 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kF2K4sh9HdHIDrROKsI7y_qgmnXrjcnba3wRAkJ4jaQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

905d8ae2c87d1dd1c80eb44e2ac23bcbfaa09a75eb8dc9db6b7c110242788da4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 08:29:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 237323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13211
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 16:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Jul 2022 08:29:28 GMT

GET
H3-29 200 default.css
as.ad4m.at/ad/style/0.1.7/one-ad/ Frame E5F8 64 KB
7 KB 16ms
16ms Stylesheet
text/css 2606:4700:3039::6815:c034
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.7/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=&g=c02f88be3ac228b1507a2d595f9ecbe3%2F16431478350332609371&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D2369wh6yfhk00xspmaw0mrt5dehbx5prn86pz1zvwv4v4q5zd20vrdbk170xv59kc4d58z0sywcrtxypacnxsmdf1frbxm0kv0bpdwp64jkw4vrmhzc4s5ehmkyrtpxfa0mkkcb85dk4hadmtyh85x04g5ss1bha31vyk7b2g8bv5ycc6wc488cp09zhhg6ztejphrrv6yx9cm8ra377ecjnck2y6fmf3jdg93jkt53bhgdpwgaze6em31a3t%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEX0zc7PnYNvDE76vx_APwaeNsAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTUzMDM1NTEzNDM4OTk1MzGgAcKu6N0DyAEJqQK5XT1o69-zPqgDAaoExQFP0MipiMfhvJ0tLwbUjztnlAjSHK7VTY1SDpy-7mQaGJyKTjRnIx_18UN5aq_lhptFx_uiIk616UbVXn_OA7a9reyLiHrBYBNVmLTugY1eq4PHMAKwI9KHBNfOe1v21N62RufSAQ8n43p-AJa7sfGMaM9dGvYzqATZOZe6RiFiRehDVgs2B_wX8fG9nsAhz9ptuvLSOO_NsgYGhhlvpfJ2hr5YmIFkhPsAQPvcpXCspH1NGe_xqh-J7UkjMCkIBCsbV7qop4AGwO-JyvO-hoCOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0Q7aYAaWXBvwpsCYqI4dEWpsfxaw%2526client%253Dca-pub-5303551343899531%2526adurl%253D&y=0&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c35529095f6b1a1b2f9345e8d7e86532048ffbfdd082f03ed114be88865388df

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=&g=c02f88be3ac228b1507a2d595f9ecbe3%2F16431478350332609371&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D2369wh6yfhk00xspmaw0mrt5dehbx5prn86pz1zvwv4v4q5zd20vrdbk170xv59kc4d58z0sywcrtxypacnxsmdf1frbxm0kv0bpdwp64jkw4vrmhzc4s5ehmkyrtpxfa0mkkcb85dk4hadmtyh85x04g5ss1bha31vyk7b2g8bv5ycc6wc488cp09zhhg6ztejphrrv6yx9cm8ra377ecjnck2y6fmf3jdg93jkt53bhgdpwgaze6em31a3t%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEX0zc7PnYNvDE76vx_APwaeNsAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTUzMDM1NTEzNDM4OTk1MzGgAcKu6N0DyAEJqQK5XT1o69-zPqgDAaoExQFP0MipiMfhvJ0tLwbUjztnlAjSHK7VTY1SDpy-7mQaGJyKTjRnIx_18UN5aq_lhptFx_uiIk616UbVXn_OA7a9reyLiHrBYBNVmLTugY1eq4PHMAKwI9KHBNfOe1v21N62RufSAQ8n43p-AJa7sfGMaM9dGvYzqATZOZe6RiFiRehDVgs2B_wX8fG9nsAhz9ptuvLSOO_NsgYGhhlvpfJ2hr5YmIFkhPsAQPvcpXCspH1NGe_xqh-J7UkjMCkIBCsbV7qop4AGwO-JyvO-hoCOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0Q7aYAaWXBvwpsCYqI4dEWpsfxaw%2526client%253Dca-pub-5303551343899531%2526adurl%253D&y=0&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 02:24:51 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 926430
cf-polished: origSize=65497
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 66be19341cf6061c-FRA
expires: Fri, 09 Jul 2021 03:24:51 GMT

GET
H2 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame E5F8 18 KB
19 KB 44ms
36ms Image
image/webp 2606:4700:3039::6815:c034
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=&g=c02f88be3ac228b1507a2d595f9ecbe3%2F16431478350332609371&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D2369wh6yfhk00xspmaw0mrt5dehbx5prn86pz1zvwv4v4q5zd20vrdbk170xv59kc4d58z0sywcrtxypacnxsmdf1frbxm0kv0bpdwp64jkw4vrmhzc4s5ehmkyrtpxfa0mkkcb85dk4hadmtyh85x04g5ss1bha31vyk7b2g8bv5ycc6wc488cp09zhhg6ztejphrrv6yx9cm8ra377ecjnck2y6fmf3jdg93jkt53bhgdpwgaze6em31a3t%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEX0zc7PnYNvDE76vx_APwaeNsAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTUzMDM1NTEzNDM4OTk1MzGgAcKu6N0DyAEJqQK5XT1o69-zPqgDAaoExQFP0MipiMfhvJ0tLwbUjztnlAjSHK7VTY1SDpy-7mQaGJyKTjRnIx_18UN5aq_lhptFx_uiIk616UbVXn_OA7a9reyLiHrBYBNVmLTugY1eq4PHMAKwI9KHBNfOe1v21N62RufSAQ8n43p-AJa7sfGMaM9dGvYzqATZOZe6RiFiRehDVgs2B_wX8fG9nsAhz9ptuvLSOO_NsgYGhhlvpfJ2hr5YmIFkhPsAQPvcpXCspH1NGe_xqh-J7UkjMCkIBCsbV7qop4AGwO-JyvO-hoCOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0Q7aYAaWXBvwpsCYqI4dEWpsfxaw%2526client%253Dca-pub-5303551343899531%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Fri, 09 Jul 2021 02:24:51 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 554017
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ABg5-UwOGp5bgSvwEzU_da1b77w9WducnNtAstYqvxSKIr83PnCr9Z1OUEVynQSlskeHgfZHvWTiqDm_G4ijz27hD2w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18872
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8FiVJA3%2FJ1YEu3trFA2dvLwndCWhoyI6qh1hcyVk2TT96W8N%2BLtMAwOydJ07nq1QF9rkX7gfiWkHpeycqrODWu61dGSmfcT1dsadb0PejnFTge5IEMXU%2BxS6BnG%2FzAqIahEkRHFnqw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Sat, 10 Jul 2021 02:24:51 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 66be193429d34ebc-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 00F619D8F00669FB6B148FCA1F359A7CA5A72E81F1698F0435018F83EA02825BEBAFD49E18F13D128B52CB0ABFB8FA7B803272A64A7914A87DB8504414D95994
assets.ad4m.at/product_image/ Frame E5F8 300 KB
301 KB 28ms
20ms Image
image/webp 2606:4700:3039::6815:c034
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/00F619D8F00669FB6B148FCA1F359A7CA5A72E81F1698F0435018F83EA02825BEBAFD49E18F13D128B52CB0ABFB8FA7B803272A64A7914A87DB8504414D95994
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=&g=c02f88be3ac228b1507a2d595f9ecbe3%2F16431478350332609371&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D2369wh6yfhk00xspmaw0mrt5dehbx5prn86pz1zvwv4v4q5zd20vrdbk170xv59kc4d58z0sywcrtxypacnxsmdf1frbxm0kv0bpdwp64jkw4vrmhzc4s5ehmkyrtpxfa0mkkcb85dk4hadmtyh85x04g5ss1bha31vyk7b2g8bv5ycc6wc488cp09zhhg6ztejphrrv6yx9cm8ra377ecjnck2y6fmf3jdg93jkt53bhgdpwgaze6em31a3t%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEX0zc7PnYNvDE76vx_APwaeNsAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTUzMDM1NTEzNDM4OTk1MzGgAcKu6N0DyAEJqQK5XT1o69-zPqgDAaoExQFP0MipiMfhvJ0tLwbUjztnlAjSHK7VTY1SDpy-7mQaGJyKTjRnIx_18UN5aq_lhptFx_uiIk616UbVXn_OA7a9reyLiHrBYBNVmLTugY1eq4PHMAKwI9KHBNfOe1v21N62RufSAQ8n43p-AJa7sfGMaM9dGvYzqATZOZe6RiFiRehDVgs2B_wX8fG9nsAhz9ptuvLSOO_NsgYGhhlvpfJ2hr5YmIFkhPsAQPvcpXCspH1NGe_xqh-J7UkjMCkIBCsbV7qop4AGwO-JyvO-hoCOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0Q7aYAaWXBvwpsCYqI4dEWpsfxaw%2526client%253Dca-pub-5303551343899531%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04b1f8cb2f5e15aeddb7c25f1ecd30ec677874fbbc28a43cbae37a32ab5d01e1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=EZXtXA==, md5=mgoAJVijZFI0Dr9oP+Il1A==
date: Fri, 09 Jul 2021 02:24:51 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 202692
cf-polished: origFmt=png, origSize=594083
x-guploader-uploadid: ADPycdvWJ381jsUt3c2bnyOhsBN8eT56nGWU8guSKptbqewJ7lWXtv7hCFpR_BhaOadTH3GNJmU2b2YxIsOfzxtQN1GTJaUo4g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 307160
last-modified: Tue, 22 Jun 2021 13:51:23 GMT
server: cloudflare
etag: "9a0a002558a36452340ebf683fe225d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bl55X4CdC3N2ubdZoCsAs7jGqI4xAU5CbQFD6IiYmKT8nl8ujQk8T3XiTuQP1Q%2Fe2clK5m7dhLsSMYcQDA2o8%2FvGzAnNcoKsYilHTk%2Fb%2BSjWZp2vw2AkOeJ%2Fj3d5aoRiILE%2F1lswZg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1624369883413081
content-type: image/webp
expires: Sat, 10 Jul 2021 02:24:51 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 594083
accept-ranges: bytes
cf-ray: 66be193429d14ebc-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame E5F8 43 B
702 B 99ms
50ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519575&v=14098&q=379092&r=412871&pv=1&pref3=oneidVx7fwfmfEdghVHbHAtRt8bGU5tzTzQkoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 09 Jul 2021 02:24:51 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame E5F8 38 KB
39 KB 27ms
20ms Image
image/webp 2606:4700:3039::6815:c034
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=&g=c02f88be3ac228b1507a2d595f9ecbe3%2F16431478350332609371&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D2369wh6yfhk00xspmaw0mrt5dehbx5prn86pz1zvwv4v4q5zd20vrdbk170xv59kc4d58z0sywcrtxypacnxsmdf1frbxm0kv0bpdwp64jkw4vrmhzc4s5ehmkyrtpxfa0mkkcb85dk4hadmtyh85x04g5ss1bha31vyk7b2g8bv5ycc6wc488cp09zhhg6ztejphrrv6yx9cm8ra377ecjnck2y6fmf3jdg93jkt53bhgdpwgaze6em31a3t%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEX0zc7PnYNvDE76vx_APwaeNsAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTUzMDM1NTEzNDM4OTk1MzGgAcKu6N0DyAEJqQK5XT1o69-zPqgDAaoExQFP0MipiMfhvJ0tLwbUjztnlAjSHK7VTY1SDpy-7mQaGJyKTjRnIx_18UN5aq_lhptFx_uiIk616UbVXn_OA7a9reyLiHrBYBNVmLTugY1eq4PHMAKwI9KHBNfOe1v21N62RufSAQ8n43p-AJa7sfGMaM9dGvYzqATZOZe6RiFiRehDVgs2B_wX8fG9nsAhz9ptuvLSOO_NsgYGhhlvpfJ2hr5YmIFkhPsAQPvcpXCspH1NGe_xqh-J7UkjMCkIBCsbV7qop4AGwO-JyvO-hoCOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0Q7aYAaWXBvwpsCYqI4dEWpsfxaw%2526client%253Dca-pub-5303551343899531%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date: Fri, 09 Jul 2021 02:24:51 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 201165
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ADPycduzEsKmHJ9XnazLcgyIST6JAnrdiSfNTGNTLcRjC2_OeQmEIoOlDWqmbWhdU_P8K9SQp2VPTK-eDFCqk-eckddlwWfK9Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 39202
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hObUAN9FZCsrexeceWdp5VarLlntdFpYl1uGjsZPYwaV2jNfOavqyjhuwqADn5Tpz3CrHjVx5g29R10xgyhPR%2FHS6Q8tFd%2B1y%2B6dX9KjvxB79vvs3iewUYa4efrd95GE%2Bg5RRGGX9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698701189315
content-type: image/webp
expires: Sat, 10 Jul 2021 02:24:51 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
cf-ray: 66be193429cf4ebc-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame E5F8 113 KB
113 KB 20ms
13ms Image
image/webp 2606:4700:3039::6815:c034
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=&g=c02f88be3ac228b1507a2d595f9ecbe3%2F16431478350332609371&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D2369wh6yfhk00xspmaw0mrt5dehbx5prn86pz1zvwv4v4q5zd20vrdbk170xv59kc4d58z0sywcrtxypacnxsmdf1frbxm0kv0bpdwp64jkw4vrmhzc4s5ehmkyrtpxfa0mkkcb85dk4hadmtyh85x04g5ss1bha31vyk7b2g8bv5ycc6wc488cp09zhhg6ztejphrrv6yx9cm8ra377ecjnck2y6fmf3jdg93jkt53bhgdpwgaze6em31a3t%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEX0zc7PnYNvDE76vx_APwaeNsAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTUzMDM1NTEzNDM4OTk1MzGgAcKu6N0DyAEJqQK5XT1o69-zPqgDAaoExQFP0MipiMfhvJ0tLwbUjztnlAjSHK7VTY1SDpy-7mQaGJyKTjRnIx_18UN5aq_lhptFx_uiIk616UbVXn_OA7a9reyLiHrBYBNVmLTugY1eq4PHMAKwI9KHBNfOe1v21N62RufSAQ8n43p-AJa7sfGMaM9dGvYzqATZOZe6RiFiRehDVgs2B_wX8fG9nsAhz9ptuvLSOO_NsgYGhhlvpfJ2hr5YmIFkhPsAQPvcpXCspH1NGe_xqh-J7UkjMCkIBCsbV7qop4AGwO-JyvO-hoCOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0Q7aYAaWXBvwpsCYqI4dEWpsfxaw%2526client%253Dca-pub-5303551343899531%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date: Fri, 09 Jul 2021 02:24:51 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 197180
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ADPycds0a9SwZTCzEc33e8SYPnGf46wKHYPGSLocvC9Hkd-remaq7J29nilNwcjqfltvEfedVX9AwqjCcYNYKIL59W_o7khgzQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 115268
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hxuEBgAKvRnyloPBGiHmbTOTJUxzmqbGlt1hZU8kbxIRUKVYhcf3Nb%2FVxu4wf5PI5w%2FYv%2BD22KErwZpWknZK%2BzefnIjeDkSoCgJbX9yEsu1M83LjhtgaWRwbLi%2BFX0OfkWB%2BUCyqIw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1572342177666668
content-type: image/webp
expires: Sat, 10 Jul 2021 02:24:51 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
cf-ray: 66be193429d54ebc-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame E5F8 43 B
702 B 122ms
60ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidDjeT3fwfe9T3HmH9t1tEjxT4tmTk8roneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 09 Jul 2021 02:24:51 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame E5F8 38 KB
38 KB 28ms
21ms Image
image/webp 2606:4700:3039::6815:c034
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=&g=c02f88be3ac228b1507a2d595f9ecbe3%2F16431478350332609371&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D2369wh6yfhk00xspmaw0mrt5dehbx5prn86pz1zvwv4v4q5zd20vrdbk170xv59kc4d58z0sywcrtxypacnxsmdf1frbxm0kv0bpdwp64jkw4vrmhzc4s5ehmkyrtpxfa0mkkcb85dk4hadmtyh85x04g5ss1bha31vyk7b2g8bv5ycc6wc488cp09zhhg6ztejphrrv6yx9cm8ra377ecjnck2y6fmf3jdg93jkt53bhgdpwgaze6em31a3t%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEX0zc7PnYNvDE76vx_APwaeNsAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTUzMDM1NTEzNDM4OTk1MzGgAcKu6N0DyAEJqQK5XT1o69-zPqgDAaoExQFP0MipiMfhvJ0tLwbUjztnlAjSHK7VTY1SDpy-7mQaGJyKTjRnIx_18UN5aq_lhptFx_uiIk616UbVXn_OA7a9reyLiHrBYBNVmLTugY1eq4PHMAKwI9KHBNfOe1v21N62RufSAQ8n43p-AJa7sfGMaM9dGvYzqATZOZe6RiFiRehDVgs2B_wX8fG9nsAhz9ptuvLSOO_NsgYGhhlvpfJ2hr5YmIFkhPsAQPvcpXCspH1NGe_xqh-J7UkjMCkIBCsbV7qop4AGwO-JyvO-hoCOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0Q7aYAaWXBvwpsCYqI4dEWpsfxaw%2526client%253Dca-pub-5303551343899531%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date: Fri, 09 Jul 2021 02:24:51 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 204512
cf-polished: origFmt=png, origSize=77267
x-guploader-uploadid: ADPycdu0NdDV6uwVZ6V13FVfdyR8XwOYKSgjjNc0acRxVoEA3EnSDftyN5e9NVmePTjPRBpccOWs0YG6A3qSHVVM05SbZtkZjg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 38696
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=lClW3aITW26D%2FdmOIBi69f%2F6sD0iHeGIvqSvC0v%2Bn%2FjR7YzUiCtwyeosVPRMhcTFQ%2BecoICPho8yBgtm5XqVtlDlxQokLzZYODMB3cAB4qGe7%2FEP%2FpSjgUtjo7eyhttiTkLNdwKuQg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698708801217
content-type: image/webp
expires: Sat, 10 Jul 2021 02:24:51 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 77267
accept-ranges: bytes
cf-ray: 66be193429d04ebc-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame E5F8 84 KB
84 KB 27ms
20ms Image
image/jpeg 2606:4700:3039::6815:c034
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=&g=c02f88be3ac228b1507a2d595f9ecbe3%2F16431478350332609371&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D2369wh6yfhk00xspmaw0mrt5dehbx5prn86pz1zvwv4v4q5zd20vrdbk170xv59kc4d58z0sywcrtxypacnxsmdf1frbxm0kv0bpdwp64jkw4vrmhzc4s5ehmkyrtpxfa0mkkcb85dk4hadmtyh85x04g5ss1bha31vyk7b2g8bv5ycc6wc488cp09zhhg6ztejphrrv6yx9cm8ra377ecjnck2y6fmf3jdg93jkt53bhgdpwgaze6em31a3t%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEX0zc7PnYNvDE76vx_APwaeNsAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTUzMDM1NTEzNDM4OTk1MzGgAcKu6N0DyAEJqQK5XT1o69-zPqgDAaoExQFP0MipiMfhvJ0tLwbUjztnlAjSHK7VTY1SDpy-7mQaGJyKTjRnIx_18UN5aq_lhptFx_uiIk616UbVXn_OA7a9reyLiHrBYBNVmLTugY1eq4PHMAKwI9KHBNfOe1v21N62RufSAQ8n43p-AJa7sfGMaM9dGvYzqATZOZe6RiFiRehDVgs2B_wX8fG9nsAhz9ptuvLSOO_NsgYGhhlvpfJ2hr5YmIFkhPsAQPvcpXCspH1NGe_xqh-J7UkjMCkIBCsbV7qop4AGwO-JyvO-hoCOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0Q7aYAaWXBvwpsCYqI4dEWpsfxaw%2526client%253Dca-pub-5303551343899531%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date: Fri, 09 Jul 2021 02:24:51 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1315643
cf-polished: origSize=90165, status=webp_bigger
x-guploader-uploadid: ABg5-UwpHlAtA2qVPfv3ecx4V7j-_tqzuivxuNwBFwB9F0Tqg3buBEkTuErpWsLNYW6yOWM3URGwbMAmc2fRHKIfAFA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 85604
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=k6lknLrWt38Ta6JdqMQ42wWSkkQz8cnFhw%2F0BeXQXLQzA4SuMkFXOSBMeGDKiWnYrbgZ%2B5%2BhPYS2wBHRoMt%2B4%2BG2m5229nvA5R%2FmOmBi%2B5vgpFC9yw%2F%2FynObKebkkU2ldDf3RXY34Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1570637213281727
content-type: image/jpeg
expires: Sat, 10 Jul 2021 02:24:51 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 90165
accept-ranges: bytes
cf-ray: 66be193429d24ebc-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame E5F8 12 KB
12 KB 212ms
113ms Script
text/html 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=&g=c02f88be3ac228b1507a2d595f9ecbe3%2F16431478350332609371&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D2369wh6yfhk00xspmaw0mrt5dehbx5prn86pz1zvwv4v4q5zd20vrdbk170xv59kc4d58z0sywcrtxypacnxsmdf1frbxm0kv0bpdwp64jkw4vrmhzc4s5ehmkyrtpxfa0mkkcb85dk4hadmtyh85x04g5ss1bha31vyk7b2g8bv5ycc6wc488cp09zhhg6ztejphrrv6yx9cm8ra377ecjnck2y6fmf3jdg93jkt53bhgdpwgaze6em31a3t%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEX0zc7PnYNvDE76vx_APwaeNsAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTUzMDM1NTEzNDM4OTk1MzGgAcKu6N0DyAEJqQK5XT1o69-zPqgDAaoExQFP0MipiMfhvJ0tLwbUjztnlAjSHK7VTY1SDpy-7mQaGJyKTjRnIx_18UN5aq_lhptFx_uiIk616UbVXn_OA7a9reyLiHrBYBNVmLTugY1eq4PHMAKwI9KHBNfOe1v21N62RufSAQ8n43p-AJa7sfGMaM9dGvYzqATZOZe6RiFiRehDVgs2B_wX8fG9nsAhz9ptuvLSOO_NsgYGhhlvpfJ2hr5YmIFkhPsAQPvcpXCspH1NGe_xqh-J7UkjMCkIBCsbV7qop4AGwO-JyvO-hoCOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0Q7aYAaWXBvwpsCYqI4dEWpsfxaw%2526client%253Dca-pub-5303551343899531%2526adurl%253D&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 0ac019e24f67c7d7603950fa228704b044c78dfa8469502f6a208937b00be1fc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 09 Jul 2021 02:24:52 GMT
Last-Modified: Fri, 09 Jul 2021 02:24:52 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame E5F8 59 KB
60 KB 82ms
27ms Script
application/javascript 13.225.87.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-52.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a91a21b8a5843a8d8fac4d3916d5eb926ea4917b7d27dbee00ae068f4dd9d07e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 9gxRQLkEbSwlqYx89yHTPWBPBM9yYdWx
via: 1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront)
last-modified: Mon, 28 Jun 2021 16:00:47 GMT
server: AmazonS3
age: 74222
etag: "edfa65aada7c65cbe3a78f39f8444ab3"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Thu, 08 Jul 2021 05:47:51 GMT
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 60765
x-amz-cf-id: tVgvpjNanW4s4FcrMDY8IskPZLHV5f8p6Ok1dqOaOhWmxJ0sxjgMdg==

GET
H/1.1 200
OK hit Show response
diapi.webgains.com/2.0/ Frame E5F8 79 B
374 B 129ms
43ms Script
text/javascript 81.29.72.47
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1YHxdFx_4.etQVD_DJhCizgzH_y3EjNpmVWN9dPBSmWjV.lV9dXJvgRe4GSrWUe1zBfsZPuVr914VecL57GY5BNv_2TjV.3vn&wgcookie=%7B%22wgifp12607%22%3A%5B%221384975%22%2C%2212607%22%2C%22713569%22%2C%22%22%2C%221625797492%22%2C%22%22%2C%22%22%2C%22%22%2C%221781317492%22%2C%22oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz%22%5D%7D&wgchecksum=8ed1e5ef80e381df3532999652af2c92&userIP=159.48.55.6&doAffectv=1&wgtime=1625797492
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.29.72.47 Brixton, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 81-29-72-47.servers.dedipower.net
Software: Apache /
Resource Hash: 17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 09 Jul 2021 02:24:52 GMT
Server: Apache
Connection: close
Content-Length: 79
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame E5F8 85 KB
85 KB 86ms
32ms Image
image/png 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneid9jZCMfmfed8aKHBH2t7tr3BT5tmTzDoneid__asuidxucNFRwQAHFFj3XRE3C1KpRmDdT89VPAasuid__dbm_Netmix_Reach02_DC&wglinkid=713569
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=&g=c02f88be3ac228b1507a2d595f9ecbe3%2F16431478350332609371&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D2369wh6yfhk00xspmaw0mrt5dehbx5prn86pz1zvwv4v4q5zd20vrdbk170xv59kc4d58z0sywcrtxypacnxsmdf1frbxm0kv0bpdwp64jkw4vrmhzc4s5ehmkyrtpxfa0mkkcb85dk4hadmtyh85x04g5ss1bha31vyk7b2g8bv5ycc6wc488cp09zhhg6ztejphrrv6yx9cm8ra377ecjnck2y6fmf3jdg93jkt53bhgdpwgaze6em31a3t%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEX0zc7PnYNvDE76vx_APwaeNsAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTUzMDM1NTEzNDM4OTk1MzGgAcKu6N0DyAEJqQK5XT1o69-zPqgDAaoExQFP0MipiMfhvJ0tLwbUjztnlAjSHK7VTY1SDpy-7mQaGJyKTjRnIx_18UN5aq_lhptFx_uiIk616UbVXn_OA7a9reyLiHrBYBNVmLTugY1eq4PHMAKwI9KHBNfOe1v21N62RufSAQ8n43p-AJa7sfGMaM9dGvYzqATZOZe6RiFiRehDVgs2B_wX8fG9nsAhz9ptuvLSOO_NsgYGhhlvpfJ2hr5YmIFkhPsAQPvcpXCspH1NGe_xqh-J7UkjMCkIBCsbV7qop4AGwO-JyvO-hoCOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0Q7aYAaWXBvwpsCYqI4dEWpsfxaw%2526client%253Dca-pub-5303551343899531%2526adurl%253D&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 09 Jul 2021 02:24:52 GMT
Last-Modified: Fri, 09 Jul 2021 02:24:52 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fp_decode.html Show response
track.webgains.com/ Frame E5F8 63 B
270 B 138ms
40ms Fetch
application/json 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/fp_decode.html?wgpayload=k0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1YHxdFx_9CARhk6Hb9LarUqUdHz16rgPtFFg4Jh5DtQs.BN1eN_Dv69WJMSsMuVjn9y85icCmVWN9e4WX3NlY5DtFrfs.7Ls
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e

Request headers

Accept: application/json
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 09 Jul 2021 02:24:52 GMT
Server: Apache
Connection: close
Keep-Alive: timeout=1, max=100
Content-Length: 63
Content-Type: application/json

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 18ms
17ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210701&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e2155dd6b186e442f332f3d9997b286c6092e43355b216cce62e90f4d18206f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://petitroom-3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 09 Jul 2021 02:24:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8366
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://petitroom-3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 02:24:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Fri, 09 Jul 2021 02:24:52 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame CE7B 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://petitroom-3.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://petitroom-3.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Thu, 08 Jul 2021 23:22:08 GMT
expires: Fri, 08 Jul 2022 23:22:08 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 10964
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3FBB 783 B
532 B 21ms
21ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c93226822b00bceeefaca704be09788739f7762f05ccd3cee3d3f622ad40633d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2ZWqYqZj9QestZn0RacM8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://petitroom-3.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://petitroom-3.com/

Response headers

expires: Fri, 09 Jul 2021 02:24:52 GMT
date: Fri, 09 Jul 2021 02:24:52 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-2ZWqYqZj9QestZn0RacM8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame E5F8 16 B
232 B 76ms
75ms Fetch
application/json 54.72.233.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.72.233.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-233-75.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.19

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 09 Jul 2021 02:24:53 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.19
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 101ms
33ms Preflight 54.72.233.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Server: 54.72.233.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-233-75.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 09 Jul 2021 02:24:53 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

GET
H3-29 200 kF2K4sh9HdHIDrROKsI7y_qgmnXrjcnba3wRAkJ4jaQ.js Show response
pagead2.googlesyndication.com/bg/ Frame CE7B 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kF2K4sh9HdHIDrROKsI7y_qgmnXrjcnba3wRAkJ4jaQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

905d8ae2c87d1dd1c80eb44e2ac23bcbfaa09a75eb8dc9db6b7c110242788da4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 08:29:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 237324
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13211
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 16:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Jul 2022 08:29:28 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 16ms
15ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210701&jk=2122100125977154&bg=!IiGlIWXNAAbV4AdB1eA7ACkAdvg8Wp-zKns80FMxCsdwd5BJU7hoyScBMgXmnZcDMa93lPSAOzptygIAAABHUgAAAAloAQcKAF-nV9DhyEEQPpV41n9r-XTKshLJSZ2krrr-Te9GFNmpYK0ykXBANCVRM1bQLFe76yizgO-_AgNr3oYzyPm4-7f5XZAtitj3jkw7cPN61LfQh02YZsKtWzCPcVBoiYX-oJkCf0YDt5R5dks9B9F1efJh_vH_4FH1xR1J1uzywzs17qqiBqr5AXTNxgAUFubRMll5QSwNGjPoEYXLe8Mv3_dXsnO9z8llTi7elBNqVaxTYsj1jcuuOAAxa-FCidie-1pnuAvLU1TtcLx6wvP1BUtTFNFgg4JhRgDwIo541RQAPm1-XvIHfl9RRdupw3T4_4cGPX0ddTGroaWJ338CggDCDWLB1DI506nLXUKoXLskIVhbX0tCyZI2bsm5txoD3DJ05bbi1mcX35i0-2dKoJyg7iSD_DkDxuyBAB3GH75rm89RRRArgQSzUu8Ftho7kjyTVL0QvYmkBY1Q49mUbOu_lf7jOT0bmApxXgLTHYACyQ9d9g8DgLTC0hdIvkmgRKpSmje7T_iwIB72BZ-8BsHwZwn7X4X2QwEQWY22knQ8nyHE1Hs4VDizVuYm2Sr7SQ2eulr2bWhh4DCFWiGo5_sPaRbrzf71cHGsic8Puv2I5jVRC_nM1mpHNaRpHyPFyVSqXsDbefDPnXUdsYHyuwjqn3gZ1hjChQUfOSxSW_1jRjG75BGEAvrx5JsSwrkWZTDSrvt_weeDTUdSEbgMot0VE7HZ03xT4hqwRN3uQSih1ChaoRM9SQfag0cVLTbVmiCyFNR5aum4byms1o-vFnZSeDfxZy4l4LGN4jtOuhOeOdrEKY7sy_nsdpxNzO-n8SO37Zi7V2JnYpjh720DyRm5jw2KwOb7QyFFafG4oNjrFPRlHv-CbiRG6qAn85MACw2UfGvJdr5E5uU9C5ZZJmzE4tShAk3sPARj4rBW9Dtr55-eb_PusTOV9QQNAfPIC4DjdIbK3340hSQs3eNi76RgpQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://petitroom-3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Jul 2021 02:24:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2A87 0
112 B 15ms
14ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=html5-mon&a0=layout&f0=layout&s0=0&d0=130.0000&a1=https&f1=layout_html&s1=0&d1=26.0000&i=383081626731&t=419&c=p&lp=%2Fsadbundle%2F%24csp%253Der3%24%2F4351612859306125195%2Findex.html&gqi=c7PnYNGnE8KM7_UPm_Oz2AE&qqi=CJj-yc_31PECFb7cEQgdhhMBjA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Jul 2021 02:25:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YOezc56-R9LZfkuqODaGlgAABG0AAAIB&google_push=AYg5qPLiTskwa5r5Zj1rbcD4T8xFptq7VIePunYFelEH7AoZ0HmQl3ZHMTdNI7knEZ9cRsxAwu9UvSfY59asDPABxZY4aKqnmO0&google_cver=1&google_gid=CAESEK_szTZrWOZuE1R57cFXBck

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 19:36:41	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 04:58:13	Name: IDE Value: AHWqTUnpuOYu84JxGDwNWlAqBUCga1wLlGNx67BZRY_kHoULUtjQJOdnBCjY4E89zf0
.petitroom-3.com/	1970-01-20 04:58:13	Name: __gads Value: ID=8ddf66be83013424-2298c5cf69c9006f:T=1625797491:RT=1625797491:S=ALNI_MbwFlS4_R8eCwfdW-KCvjhO87yhYQ
.petitroom-3.com/	1970-01-19 19:36:37	Name: _gat_gtag_UA_79568801_1 Value: 1
.petitroom-3.com/	1970-01-19 19:38:03	Name: _gid Value: GA1.2.1123683048.1625797491
.petitroom-3.com/	1970-01-20 13:07:49	Name: _ga Value: GA1.2.341374868.1625797491

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://petitroom-3.com/wp-includes/js/jquery/jquery-migrate.min.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	log	URL: https://analytics.webgains.io/pvClk.min.js(Line 1) Message: Webgains [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad4m.at
adservice.google.com
adservice.google.de
ag.innovid.com
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
cm.g.doubleclick.net
cms.quantserve.com
diapi.webgains.com
googleads.g.doubleclick.net
image6.pubmatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
petitroom-3.com
pixel.everesttech.net
pixel.rubiconproject.com
prod-rtb.ad4mat.net
rtb.openx.net
static-de.ad4mat.net
stats.g.doubleclick.net
tpc.googlesyndication.com
track.webgains.com
www.awin1.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.petitroom-3.com
www16.a8.net
www17.a8.net
www23.a8.net
cm.g.doubleclick.net
104.111.239.217
13.225.87.52
142.250.181.226
142.250.184.226
183.90.253.34
185.64.189.115
2600:1901:0:76b9::
2606:4700:3032::6815:57ae
2606:4700:3039::6815:c034
2a00:1450:4001:808::2004
2a00:1450:4001:808::200e
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::2008
2a00:1450:4001:827::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2001
2a00:1450:400c:c04::9c
2a05:d01c:1d8:8101:939a:325c:ab79:c5b3
35.186.253.211
46.236.13.147
52.194.50.40
52.198.26.114
54.72.233.75
69.173.144.139
81.29.72.47
91.228.74.189
99.80.199.35
001752870f01e7631a31c0be7e93c6fb39b80a9247f50614b4138325b6bef36c
013bec3910ad3d4838f46d1a0095d9e6f0ea3e676e786daf0147dce032b651b6
04b1f8cb2f5e15aeddb7c25f1ecd30ec677874fbbc28a43cbae37a32ab5d01e1
0ac019e24f67c7d7603950fa228704b044c78dfa8469502f6a208937b00be1fc
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e26c948164ba483456110b0ffff9994a1644daeb96db9c6f3349898beecc3b6
11e985b3052675be83763307225b0be3cb4e297cc034fc14787c6ed412d52f0b
17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5
17e3c399131fd54514fb8f6807ab3007294d493476d5a60220fa8db04d9f0daf
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1e67d7865e603df14559c911af63fa363780bd35bcdaf826495528706cf487f0
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
28a030a77bcecc0621b938dc08610e4c1fa0e131507a2dbd0c8007960d269253
2aef878dbc7f0c16b6d4f0323041117838b056ee686ad74ce816214657119310
2ba0e0468290efccde7ac41afff618243e60020f5228312ff8d38368f0916d74
2baccefb5cede601d5fc018290c68a748e3199cf5c00cc77dbbf6491531d3592
2dab87de59f22b0071438d367726f05a5119cfe596ccc9639e77afe9dc9d515e
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
32e367ec71e96f0d9f0fb26153fa7333d7b4dc1118f3bc70f85455e860751b20
34dbf32ffd29959cee88c13596232d5af7c5513f847c673a598bf802916ebc17
396067957f0521fcfcb16de6a2a5718a98bd0cddecc193ed518683ca92cc64d3
4065a681bd1cb1b41de006aa017dc110a14248bf245929e1d5f9244ef0c39544
410bbef10cc0a50e426c6cd819887a9b22cb9d412e1c92a40e5324907927c6e2
4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4b21c46c6f836d01f9dc6e210e7911ab73548552698f1f2feb346c0885d7e919
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e1c72ad3ae6a849d53fe9e79f9f4d4cc5fc09467d074257311ba5e156c51159
4eeaa480509e6ba47f05ba62cf46e6ee834bada7c17fe6afdbdaeec9e6243a7c
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
54192cf9443a6bdf81131a5878d810b3806966dc44285315cd81b22938376e69
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
5595a592e5e93a111e8b48e225a826b874b635dc219787efedf806d3aa13f223
57dd85466749e869c5958a2652e548673557a2390ec68490a353916353ecc74e
5941d6cbaf28a4b41cf3b6bbc4e200ca1890b69071e9a102b76a3669bb7faef3
66176508f355dcbe055c1ca2c08d5e58eb59a9a4fc4e05288abaae5380e4a37f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6de414ba4973b2d8efffc4b9088b707adecfa2af101a824fa3a5dcfa5fe03757
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
751731083b3af2e988bcfec12adce9d80b0ab56e1b7b555fcbf44299b6b51ab4
77c22158748b51a3e3c7a0cbac9865c16f24796fcc69269df9dae46c4f5ed804
77dfdc80913c50cb920f3c6b0ac88a4b019fbcb5d29e65d9c7024c3f48049564
784e7187588dac9d8baebffd4fd47dce7cf0a804bc96ed27b0c0692251ad3a52
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23
7b5c6e6dcc7aaf85b42c5f44b05709680391b778a02bc4507c1bb340504ee65e
7e1fbe94a44c01febabaeca4dd15ef3e6148cfee4b507d2f10e7a690a5f18913
80fd2462d17008fe27ca99ba416a92f1337b7327707828d3592129bff057bde3
84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa
85ab0dd72292cba70238dbb389b7a913a4ee1764fc609488654f677f2121ccbb
905d8ae2c87d1dd1c80eb44e2ac23bcbfaa09a75eb8dc9db6b7c110242788da4
97825f8691c7c789ff9d692226e6975feef0af055e5c857c4d14fa0535a3d4e0
980a0ed841d025e07f7ffc83943d26b590abfd96c857a19ac76394099a35c67e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b8f7e9c1018c6c3ceae5757e03555864eb0c0049c5182d9d745b21c61968c33
9c6542fe24e2c829b28a3c8526550f6e8a017d3ed56349e55c1f178c00cb5914
a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a883d336a765d70f6d5e467175932b558cfd1aa094bad3024494acdc7136efad
a91a21b8a5843a8d8fac4d3916d5eb926ea4917b7d27dbee00ae068f4dd9d07e
a9ceb0224cc39c679ee43c8cb1f37993dae2bf567ec80d8c51832578290c7e5b
ac2155b4d069162e22db4b3890769c10b096095fa949f8de1183ba55aaed09a5
aed65b664e52df7e51727bb9bf6260f712dd93f6f57ca604abc911cd38b6fea6
b1efbaeb8c5ce34e2c6a6492d7aad07daeadfe3e2b4f2360a12bbd756ec23067
c35529095f6b1a1b2f9345e8d7e86532048ffbfdd082f03ed114be88865388df
c3b08b7a65195dffb8293a29aa77d5a756334fcbac259d742c67b7bdf30c4fea
c6b390b51a00f50632745b3d518fc93090a13b8dd1dc3540620dda30b884d5d7
c8cbda8236e456a9d7f9522446c5edc10506a00782c4e37089b37f2aca575410
c93226822b00bceeefaca704be09788739f7762f05ccd3cee3d3f622ad40633d
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cc67119b24683bf39f35d73e1ec8ff040ddb175a35d5e6fb516dcd9b202d322d
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d1a45f8130ff959aa9a7269118def429057b95fd88f88f66cfc5408677e5912e
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
d260a43ba0f6ae58183a49c9abe68010def8990e98795f3f79b6a662bf73e8b3
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de9f4a3170935611e80e4c86893dfa7367a8a40fdc6b4b71be30c949599422c2
e2155dd6b186e442f332f3d9997b286c6092e43355b216cce62e90f4d18206f1
e291f67dc3e643bfde7604e48a75e17298a3868ebc0c4554b9e8c17355fd6115
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4119835228203de3978d98f27c2d326dd14f7d0fb412f9a05f4d1589cc83111
ea666b0953da9928fad569dd20e99bc4900935a2ba63f82246e4d0c4012e1970
f3b29881f7c9a70696f1d51f38c434205629e68d803c9c67ca015ae90d7ade09
f7db88a5dd4feb92dafbf5b17b516ddb78cfe69daff23ed72453a6a561b367f1
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

petitroom-3.com Open in urlscan Pro 183.90.253.34 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

114 Requests

99 %HTTPS

50 %IPv6

21 Domains

33 Subdomains

27 IPs

6 Countries

1841 kBTransfer

2970 kBSize

6 Cookies

3 Outgoing links

Page URL History

Redirected requests

114 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

petitroom-3.com Open in urlscan Pro
183.90.253.34 Public Scan

Screenshot
Live screenshot

Full Image

114
Requests

99 %
HTTPS

50 %
IPv6

21
Domains

33
Subdomains

27
IPs

6
Countries

1841 kB
Transfer

2970 kB
Size

6
Cookies

114 HTTP transactions
3 data transactions