dayfgh.com Open in urlscan Pro
2606:4700:3032::ac43:cfb3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Submission: On August 14 via api (August 14th 2023, 8:05:09 am UTC) from US — Scanned from DE

Summary HTTP 353 Redirects Behaviour Indicators

Summary

This website contacted 60 IPs in 12 countries across 59 domains to perform 353 HTTP transactions. The main IP is 2606:4700:3032::ac43:cfb3, located in United States and belongs to CLOUDFLARENET, US. The main domain is dayfgh.com.
TLS certificate: Issued by GTS CA 1P5 on August 6th 2023. Valid for: 3 months.

This is the only time dayfgh.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 51	2606:4700:303... 2606:4700:3032::ac43:cfb3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	35.186.215.140 35.186.215.140	15169 (GOOGLE) (GOOGLE)
11	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
24	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
1	92.123.150.201 92.123.150.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.112.164.126 3.112.164.126	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	54.180.52.191 54.180.52.191	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
33	2606:4700:e6:... 2606:4700:e6::ac40:cc1e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	119.28.16.172 119.28.16.172	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
2	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3035::ac43:91e7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3037::6815:3411	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3034::6815:42b8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3030::6815:5bf1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:480... 2a02:26f0:480:25::1726:620a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	108.138.7.64 108.138.7.64	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:303... 2606:4700:3034::ac43:957d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
28	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:fa8:8806... 2a02:fa8:8806:16::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 8	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 2	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1 2	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
11	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
1	2600:1901:0:e... 2600:1901:0:e207::	15169 (GOOGLE) (GOOGLE)
2	52.199.26.11 52.199.26.11	16509 (AMAZON-02) (AMAZON-02)
1 1	104.64.126.246 104.64.126.246	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.35.229.251 23.35.229.251	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700:20:... 2606:4700:20::681a:71b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	87.248.100.136 87.248.100.136	34010 (YAHOO-IRD) (YAHOO-IRD)
1	2a00:1288:110... 2a00:1288:110:c204::b000	34010 (YAHOO-IRD) (YAHOO-IRD)
2	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
3	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
2 2	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	167.233.13.224 167.233.13.224	24940 (HETZNER-AS) (HETZNER-AS)
2	104.102.45.165 104.102.45.165	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
3	13.42.110.74 13.42.110.74	16509 (AMAZON-02) (AMAZON-02)
2 3	209.54.182.161 209.54.182.161	16509 (AMAZON-02) (AMAZON-02)
2 5	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 3	52.94.220.185 52.94.220.185	16509 (AMAZON-02) (AMAZON-02)
1 1	154.59.122.79 154.59.122.79	174 (COGENT-174) (COGENT-174)
1 1	34.96.71.22 34.96.71.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
1	18.66.147.120 18.66.147.120	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3035::6815:2afb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	37.157.5.133 37.157.5.133	198622 (ADFORM) (ADFORM)
2	18.135.31.191 18.135.31.191	16509 (AMAZON-02) (AMAZON-02)
1 1	2a02:cb40:200... 2a02:cb40:200::242	20546 (SOPRADO-ANY) (SOPRADO-ANY)
1	3.65.161.116 3.65.161.116	() ()
353	60

51 2606:4700:3032::ac43:cfb3 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dayfgh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
store.dayfgh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
popup.dayfgh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
count.dayfgh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
twstat.dayfgh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com

ad.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scontent.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.scupio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
19globalnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dwjhgx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.akusehat.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.150.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-150-201.deploy.static.akamaitechnologies.com

static.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.112.164.126 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-112-164-126.ap-northeast-1.compute.amazonaws.com

nt.compass-fit.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.180.52.191 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-180-52-191.ap-northeast-2.compute.amazonaws.com

api.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2606:4700:e6::ac40:cc1e (United States)

ASN13335 (CLOUDFLARENET, US)

static.intentarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.28.16.172 (Hong Kong, Hong Kong)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

count.xxxssk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

jkingtimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::ac43:91e7 (United States)

ASN13335 (CLOUDFLARENET, US)

yaya0506.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:3411 (United States)

ASN13335 (CLOUDFLARENET, US)

itigeryou.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:42b8 (United States)

ASN13335 (CLOUDFLARENET, US)

angela-babies.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:5bf1 (United States)

ASN13335 (CLOUDFLARENET, US)

coolsaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

96d84fdb5fb246803137855db3bda5a8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
3d74528f01b8c239e00611b13f91fa26.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ae58298f52b24e6ccabbae485dbd00ab.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:25::1726:620a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

dmp.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-64.fra56.r.cloudfront.net

l.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3034::ac43:957d (United States)

ASN13335 (CLOUDFLARENET, US)

mydesign-cases.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:16::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.244 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.16.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 3 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.253 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:e207:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

audiencedata.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.199.26.11 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-199-26-11.ap-northeast-1.compute.amazonaws.com

sync.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.64.126.246 (Prague, Czech Republic) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-126-246.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.229.251 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-251.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 87.248.100.136 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: o1.ycpi.vip.ir2.yahoo.com

ads.yap.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c204::b000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

geo.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.70 (Grosse Pointe, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 84.200.5.215 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.233.13.224 (Ismaning, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.102.45.165 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-45-165.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.158.64 (Singapore)

ASN26667 (RUBICONPROJECT, US)

pixel-apac.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.42.110.74 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-42-110-74.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 209.54.182.161 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.139 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.94.220.185 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.59.122.79 (United States) 1 redirects

ASN174 (COGENT-174, US)

ums.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: NET-33-132-192.46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-120.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:2afb (United States)

ASN13335 (CLOUDFLARENET, US)

health-am.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.133 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.135.31.191 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-135-31-191.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:cb40:200::242 (Germany) 1 redirects

ASN20546 (SOPRADO-ANY, DE)

t.adcell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.65.161.116 (None, )

ASN- ()

www.restposten.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 130 96d84fdb5fb246803137855db3bda5a8.safeframe.googlesyndication.com 3d74528f01b8c239e00611b13f91fa26.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 151 ae58298f52b24e6ccabbae485dbd00ab.safeframe.googlesyndication.com	575 KB
51	dayfgh.com 3 redirects dayfgh.com store.dayfgh.com popup.dayfgh.com count.dayfgh.com twstat.dayfgh.com	2 MB
33	intentarget.com static.intentarget.com — Cisco Umbrella Rank: 289640	54 KB
29	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 206 cm.g.doubleclick.net — Cisco Umbrella Rank: 239 ad.doubleclick.net — Cisco Umbrella Rank: 194	530 KB
28	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 30452 ad4m.at — Cisco Umbrella Rank: 10726 assets.ad4m.at — Cisco Umbrella Rank: 40955	1000 KB
20	akusehat.info js.akusehat.info — Cisco Umbrella Rank: 350601	38 KB
12	yahoo.com ads.yap.yahoo.com — Cisco Umbrella Rank: 13588 geo.yahoo.com — Cisco Umbrella Rank: 1379	4 KB
12	rubiconproject.com 3 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1187 eus.rubiconproject.com — Cisco Umbrella Rank: 636 token.rubiconproject.com — Cisco Umbrella Rank: 632 pixel-apac.rubiconproject.com — Cisco Umbrella Rank: 25944 pixel.rubiconproject.com — Cisco Umbrella Rank: 361	13 KB
12	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 930 trc.taboola.com — Cisco Umbrella Rank: 622 trc-events.taboola.com — Cisco Umbrella Rank: 1925	431 KB
11	yimg.com s.yimg.com — Cisco Umbrella Rank: 550	239 KB
11	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 392	365 KB
9	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 725 scontent.xx.fbcdn.net — Cisco Umbrella Rank: 346	185 KB
6	amazon-adsystem.com 4 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 317 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1131	4 KB
6	google.com www.google.com — Cisco Umbrella Rank: 3	3 KB
4	ad4mat.net static-de.ad4mat.net — Cisco Umbrella Rank: 154708 prod-rtb.ad4mat.net — Cisco Umbrella Rank: 127321	8 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 214	225 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 25120 api.webgains.io — Cisco Umbrella Rank: 56842	18 KB
3	webgains.com track.webgains.com — Cisco Umbrella Rank: 44386	2 KB
3	logly.co.jp l.logly.co.jp — Cisco Umbrella Rank: 64857 sync.logly.co.jp — Cisco Umbrella Rank: 69957	2 KB
3	im-apps.net dmp.im-apps.net — Cisco Umbrella Rank: 27309 audiencedata.im-apps.net — Cisco Umbrella Rank: 29725	3 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 54 region1.google-analytics.com — Cisco Umbrella Rank: 2069	21 KB
3	dable.io static.dable.io — Cisco Umbrella Rank: 25937 api.dable.io — Cisco Umbrella Rank: 23276	38 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 604	1 KB
2	awin1.com www.awin1.com — Cisco Umbrella Rank: 17077	1 KB
2	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 812	490 B
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 601	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 809	1 KB
2	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3044	207 B
2	mydesign-cases.com mydesign-cases.com	2 KB
2	yaya0506.com yaya0506.com	2 KB
2	dwjhgx.com dwjhgx.com	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 65	140 KB
2	criteo.com gum.criteo.com — Cisco Umbrella Rank: 425	575 B
2	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1216	703 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	16 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 170	89 KB
2	sitemaji.com ad.sitemaji.com — Cisco Umbrella Rank: 98755	24 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 245	42 KB
1	restposten.de www.restposten.de
1	adcell.com 1 redirects t.adcell.com — Cisco Umbrella Rank: 59233	477 B
1	health-am.com health-am.com	1 KB
1	bttrack.com bttrack.com — Cisco Umbrella Rank: 958	163 B
1	company-target.com 1 redirects s.company-target.com — Cisco Umbrella Rank: 1787	407 B
1	acuityplatform.com 1 redirects ums.acuityplatform.com — Cisco Umbrella Rank: 1381	641 B
1	o2online.de partner.o2online.de — Cisco Umbrella Rank: 69872	1 KB
1	lead-alliance.net 1 redirects www.lead-alliance.net — Cisco Umbrella Rank: 64810	329 B
1	telefonica-partner.de 1 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 64401	184 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1376	576 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 363	265 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 818	712 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 1190	731 B
1	coolsaid.com coolsaid.com	1 KB
1	angela-babies.com angela-babies.com	1 KB
1	itigeryou.com itigeryou.com	1 KB
1	jkingtimes.com jkingtimes.com	1 KB
1	19globalnews.com 19globalnews.com	1 KB
1	xxxssk.com count.xxxssk.com — Cisco Umbrella Rank: 248570	565 B
1	compass-fit.jp nt.compass-fit.jp — Cisco Umbrella Rank: 99235	17 KB
1	scupio.net www.scupio.net — Cisco Umbrella Rank: 269437	2 KB
353	59

	Domain	Requested by
33	static.intentarget.com	dayfgh.com static.intentarget.com 19globalnews.com dwjhgx.com yaya0506.com jkingtimes.com coolsaid.com angela-babies.com itigeryou.com mydesign-cases.com health-am.com
27	pagead2.googlesyndication.com	dayfgh.com pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com ad.sitemaji.com www.googletagservices.com googleads.g.doubleclick.net
25	store.dayfgh.com	dayfgh.com
23	dayfgh.com	3 redirects dayfgh.com
20	js.akusehat.info	static.intentarget.com js.akusehat.info
20	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com dayfgh.com pagead2.googlesyndication.com googleads.g.doubleclick.net
14	securepubads.g.doubleclick.net	ad.sitemaji.com securepubads.g.doubleclick.net dayfgh.com www.googletagservices.com 96d84fdb5fb246803137855db3bda5a8.safeframe.googlesyndication.com
12	assets.ad4m.at	as.ad4m.at
11	ads.yap.yahoo.com	s.yimg.com
11	s.yimg.com	ad.sitemaji.com dayfgh.com
11	ajax.googleapis.com	api.dable.io static.intentarget.com
8	ad4m.at	as.ad4m.at ad4m.at
8	cm.g.doubleclick.net	1 redirects 96d84fdb5fb246803137855db3bda5a8.safeframe.googlesyndication.com googleads.g.doubleclick.net
8	as.ad4m.at	dayfgh.com as.ad4m.at ad4m.at googleads.g.doubleclick.net
7	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
6	www.google.com	tpc.googlesyndication.com dayfgh.com
6	trc-events.taboola.com	dayfgh.com
5	pixel.rubiconproject.com	2 redirects eus.rubiconproject.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	www.googletagservices.com	securepubads.g.doubleclick.net dayfgh.com googleads.g.doubleclick.net
4	cdn.taboola.com	dayfgh.com cdn.taboola.com
3	aax-eu.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	s.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	track.webgains.com	as.ad4m.at
3	token.rubiconproject.com	eus.rubiconproject.com
2	api.webgains.io	analytics.webgains.io
2	c1.adform.net	2 redirects
2	www.awin1.com	as.ad4m.at
2	ad.doubleclick.net	2 redirects
2	prod-rtb.ad4mat.net	96d84fdb5fb246803137855db3bda5a8.safeframe.googlesyndication.com googleads.g.doubleclick.net
2	static-de.ad4mat.net	as.ad4m.at
2	eus.rubiconproject.com	nt.compass-fit.jp eus.rubiconproject.com
2	sync.logly.co.jp	nt.compass-fit.jp sync.logly.co.jp
2	onetag-sys.com	1 redirects 96d84fdb5fb246803137855db3bda5a8.safeframe.googlesyndication.com
2	sync.1rx.io	2 redirects
2	image6.pubmatic.com	2 redirects
2	dclk-match.dotomi.com	96d84fdb5fb246803137855db3bda5a8.safeframe.googlesyndication.com googleads.g.doubleclick.net
2	mydesign-cases.com	static.intentarget.com
2	dmp.im-apps.net	nt.compass-fit.jp dmp.im-apps.net
2	96d84fdb5fb246803137855db3bda5a8.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	yaya0506.com	static.intentarget.com
2	dwjhgx.com	static.intentarget.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	scontent.xx.fbcdn.net	www.facebook.com
2	www.googletagmanager.com	www.scupio.net www.googletagmanager.com
2	trc.taboola.com	cdn.taboola.com
2	gum.criteo.com	cdn.taboola.com
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	api.dable.io	static.dable.io
2	www.facebook.com	dayfgh.com connect.facebook.net
2	connect.facebook.net	dayfgh.com connect.facebook.net
2	ad.sitemaji.com	dayfgh.com securepubads.g.doubleclick.net
2	cdnjs.cloudflare.com	dayfgh.com
1	www.restposten.de	as.ad4m.at
1	t.adcell.com	1 redirects
1	health-am.com	static.intentarget.com
1	analytics.webgains.io	track.webgains.com
1	bttrack.com	eus.rubiconproject.com
1	s.company-target.com	1 redirects
1	ums.acuityplatform.com	1 redirects
1	pixel-apac.rubiconproject.com	eus.rubiconproject.com
1	partner.o2online.de	as.ad4m.at
1	www.lead-alliance.net	1 redirects
1	www.telefonica-partner.de	1 redirects
1	geo.yahoo.com	dayfgh.com
1	secure-assets.rubiconproject.com	1 redirects
1	audiencedata.im-apps.net	dmp.im-apps.net
1	sync.targeting.unrulymedia.com	1 redirects
1	match.adsrvr.org	96d84fdb5fb246803137855db3bda5a8.safeframe.googlesyndication.com
1	um.simpli.fi	1 redirects
1	sync.mathtag.com	1 redirects
1	l.logly.co.jp	nt.compass-fit.jp
1	ae58298f52b24e6ccabbae485dbd00ab.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	3d74528f01b8c239e00611b13f91fa26.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	coolsaid.com	static.intentarget.com
1	angela-babies.com	static.intentarget.com
1	itigeryou.com	static.intentarget.com
1	jkingtimes.com	static.intentarget.com
1	19globalnews.com	static.intentarget.com
1	count.xxxssk.com	dayfgh.com
1	nt.compass-fit.jp	dayfgh.com
1	static.dable.io	dayfgh.com
1	www.scupio.net	dayfgh.com
1	twstat.dayfgh.com	dayfgh.com
1	count.dayfgh.com	dayfgh.com
1	popup.dayfgh.com	dayfgh.com
353	87

This site contains no links.

Subject Issuer	Validity	Valid
dayfgh.com GTS CA 1P5	`2023-08-06` - `2023-11-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
feebee.com.tw R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-05-23` - `2023-08-21`	3 months	crt.sh
scupio.net E1	`2023-07-10` - `2023-10-08`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
static.dable.io R3	`2023-07-11` - `2023-10-09`	3 months	crt.sh
*.compass-fit.jp GlobalSign RSA OV SSL CA 2018	`2023-04-11` - `2024-05-12`	a year	crt.sh
*.dable.io Sectigo ECC Domain Validation Secure Server CA	`2022-11-17` - `2023-11-17`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
intentarget.com GTS CA 1P5	`2023-07-31` - `2023-10-29`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
count.xxxssk.com TrustAsia RSA DV TLS CA G2	`2023-05-05` - `2024-05-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
19globalnews.com Cloudflare Inc ECC CA-3	`2023-08-02` - `2024-07-31`	a year	crt.sh
jkingtimes.com E1	`2023-07-02` - `2023-09-30`	3 months	crt.sh
yaya0506.com GTS CA 1P5	`2023-06-16` - `2023-09-14`	3 months	crt.sh
angela-babies.com E1	`2023-06-30` - `2023-09-28`	3 months	crt.sh
coolsaid.com Cloudflare Inc ECC CA-3	`2023-07-13` - `2024-07-12`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.im-apps.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-13`	a year	crt.sh
*.logly.co.jp Amazon RSA 2048 M02	`2023-04-05` - `2024-05-04`	a year	crt.sh
mydesign-cases.com GTS CA 1P5	`2023-07-30` - `2023-10-28`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-14` - `2023-10-04`	2 months	crt.sh
audiencedata.im-apps.net GTS CA 1D4	`2023-08-07` - `2023-11-05`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.pubgw.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-14` - `2023-10-04`	2 months	crt.sh
yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-02` - `2023-10-25`	6 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-07-31` - `2023-10-29`	3 months	crt.sh
akusehat.info E1	`2023-07-10` - `2023-10-08`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-04` - `2024-04-21`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
health-am.com GTS CA 1P5	`2023-08-14` - `2023-11-12`	3 months	crt.sh

This page contains 59 frames:

Primary Page: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Frame ID: 18A8424307E875AB7E27636DE2C8A922
Requests: 72 HTTP requests in this frame

Frame: https://yaya0506.com/gmifr_lei.html
Frame ID: 8DB2D8C2E687E62BC2E734AC9412099E
Requests: 7 HTTP requests in this frame

Frame: https://dwjhgx.com/gmifr_lei.html
Frame ID: F9BA2F292DB837FD36563553E35F056F
Requests: 7 HTTP requests in this frame

Frame: https://angela-babies.com/gmifr_lei.html
Frame ID: 0F5B40C0A6A29E86861FC2B8904F282E
Requests: 7 HTTP requests in this frame

Frame: https://coolsaid.com/gmifr_lei.html
Frame ID: 8E5C35FD2B859E9CE533B0327EB5AD36
Requests: 7 HTTP requests in this frame

Frame: https://itigeryou.com/gmifr_lei.html
Frame ID: 474B235F321AEEA4441AE681AB7EA190
Requests: 7 HTTP requests in this frame

Frame: https://dwjhgx.com/gmifr_lei.html
Frame ID: 56B2E9B434DBEB2C0AE866807BF6EB24
Requests: 7 HTTP requests in this frame

Frame: https://jkingtimes.com/gmifr_lei.html
Frame ID: A2D237F309859A01DD9E3D9ABFC2923F
Requests: 7 HTTP requests in this frame

Frame: https://19globalnews.com/gmifr_lei.html
Frame ID: 13600CC5ADBD8FEC28B434C6A8DFA78F
Requests: 7 HTTP requests in this frame

Frame: https://yaya0506.com/gmifr_lei.html
Frame ID: FC863B05681BCF9A69DCF139EFFC082A
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20190131/zrt_lookup.html
Frame ID: 499E2E7DA20CDD6AA90EC2823FDA2371
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5960085352433364&output=html&adk=1812271804&adf=3025194257&lmt=1691993102&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=https%3A%2F%2Fdayfgh.com%2Fdoc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692000301896&bpp=3&bdt=642&idt=250&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2019872947101&frm=20&pv=2&ga_vid=1286942092.1692000302&ga_sid=1692000302&ga_hid=782162920&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076088%2C31076807%2C31076924&oid=2&pvsid=1617046438122927&tmod=1853265662&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=272
Frame ID: 8E1960D9B333EEA852FFF01EBF784B92
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5960085352433364&output=html&h=280&slotname=5705254605&adk=3342255844&adf=2469204067&pi=t.ma~as.5705254605&w=850&fwrn=4&fwrnh=100&lmt=1691993102&rafmt=1&format=850x280&url=https%3A%2F%2Fdayfgh.com%2Fdoc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692000301900&bpp=1&bdt=646&idt=277&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2019872947101&frm=20&pv=1&ga_vid=1286942092.1692000302&ga_sid=1692000302&ga_hid=782162920&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=375&ady=507&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076088%2C31076807%2C31076924&oid=2&pvsid=1617046438122927&tmod=1853265662&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5RaQdmVo2E&p=https%3A//dayfgh.com&dtd=282
Frame ID: 69CADCD55C1FCEFBB780DD0C73A5338A
Requests: 1 HTTP requests in this frame

Frame: https://health-am.com/gmifr_lei.html
Frame ID: 96F18FEC85D5C7B2223138684C8FCE64
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 11ACDB2A3250647AAD8EC92DD1C56553
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: DA70C67F4ED29296DDE46D4A1AC16AC6
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: FB587E20A48156B28CC4220C8BCC2668
Requests: 6 HTTP requests in this frame

Frame: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=1001839627068325&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7df7de58389dc%26domain%3Ddayfgh.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fdayfgh.com%252Ff1bf8954cc1c7bc%26relation%3Dparent.parent&container_width=884&height=130&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fprofile.php%3Fid%3D100091684089401&locale=zh_TW&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=366
Frame ID: DCCF434AEE97BEBA18F6DDB403B69720
Requests: 10 HTTP requests in this frame

Frame: https://api.dable.io/widgets/id/goP0dJoQ/users/00000000.0000000000000?from=https%3A%2F%2Fdayfgh.com%2Fdoc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09&url=https%3A%2F%2Fdayfgh.com%2Fdoc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=sddmovie.com%2Fpal-mate&gdpr=1&service_id=10086&service_type=news&country=TW&client_id=2011&randomStr=472bd636-f5c6-411a-8a2a-cb3316d06a31&id=dablewidget_goP0dJoQ&category1=%E5%A5%87%E8%B6%A3&author=0&item_id=4898534&item_pub_date=2023-08-06&pixel_ratio=1&client_width=890&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1&is_lazyload=0
Frame ID: 9FFE6932D8953FA8D3F068B31A072A26
Requests: 2 HTTP requests in this frame

Frame: https://96d84fdb5fb246803137855db3bda5a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: E51DBEEBC10D4C48862371A5CE5C6B96
Requests: 1 HTTP requests in this frame

Frame: https://3d74528f01b8c239e00611b13f91fa26.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: B4B20795039EEEB50CDCA9CF6A47D274
Requests: 1 HTTP requests in this frame

Frame: https://ae58298f52b24e6ccabbae485dbd00ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 453C7890141ECB8A1CFCD6A38847F046
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 424A1425522B2677494F43A5964FF754
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9E93A9D00FFD13AD1EAFB24F01EF1027
Requests: 2 HTTP requests in this frame

Frame: https://96d84fdb5fb246803137855db3bda5a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: CD395A6DAECFC11B9A1B0642220313A5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F7AC98F4B5ECACAC1D0EE0C858876ECA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5782F922206137B54C715CE3C0E07DF8
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBMLFQT9UiGIhxaPP3OnA66UyFFD93fsaQleDRlM6B_nt8z_SUIIywaWcUc-hq-61lXNvg7NpbKJxZRW8-iZWWTOvNPhw8tp8yiArf9Hk2DGbp8qEdHi7TO1w3crw8KP9uTGMdEgDVpdtqjiU0Zdw0un_TP3e6UqOVUQK_p5D_nPawgjKzScNoNXu8WSUKqyzZ8LWsJPHiOw07xoCbJLdMkRx3X1PuJtvccPIFi-5dNzyG4RXSgw5OpzYGdr8Romb9Zlxg2CtM_P29ZFEeduzgvUpngyB90lFxVpBEvNaDn-2Q0Yd1LUd1Q590YQi9IpLmvLSzwFpNrmQ&sai=AMfl-YQY2OYD6fH4hRkw2YiQt5ySalUHmvz9qZ1cIONLFsKqYDr4AtLP5DE5J7DE2ilUqFxxw-sY3T_ixVUy7s8g3rYtksjiSTyqtHn1Fz9LC5FOHTJUeZOtDta0rn-c5Q&sig=Cg0ArKJSzAIynboejWjjEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: CB37B5F30CEBEB3C35B2FC774100C155
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstrD-oJXw0BgIN7PoYr-h7NfgAjogbPtH9G1nahfDDbboifT00IarGQLpYEAyNyWE7wTRJH4O_PAdt2TD-QdmFaX0sXlzobY8JHfhiufuHLkgZgMGdDPnbwbbcfGHPHgN14R2-brRdDeF8qWGYXkqKXDp0elFg0GJWz4dTPMpF7CpBSCkPvXYrO3MG2_NGxukjNHqbzYge1ZUt4PVUfDzUjh_FhqBvpECaNAJL7kY4xAm8U_vf8a9klrMpSYPVYqMI_jb1x1nY68I95gf_f9OSQnku3j8MOsMR7u2U0Y0XLwSPudpBW9CrM3mkZCwLXXGQiiLYR6hsGy-g&sai=AMfl-YSZmQqB9BQFdKISQLJYdv1gaVEyY5LuWIhpj76T5PsLatdyD9yZ6nHTgBEBG7o53SOsi_HEFmWkZdRW2NnZNSyKWr444VXs8sTlV8BIrsQerLTPgYkg26z3MBP5Aw&sig=Cg0ArKJSzO7IL9_67z92EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 9FDF6F6841640194474DD7541BD6DBE0
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1ke9n0nkcvbc8wxeqtznn0h32my6k3k6et2zmm2qn0340w1328695fezv2bj7269jzgypprxj4z2aqxvgfyat79bn9bfccwne22h8y80e34nsyj2vrghbz1ca4bpg1yth4fj5bpp0n7fw34e4dxe47skvrb204fgvqm0yxmsnfmfxa5qf9t1gx46jy4s64f14exrjwxhhgbe3ww3pg6fp4dvdt1ep1hb5fv8bgbyn2c12s3w7g5yrhkrxpqdjjfad00x04gzvncc2anzrtf0n4dsb9qpxm421xx01cdv89804zmq72whzqextq7tn42hg3xqg3cvgx3fc9s5yks2z1hj2pqb32z0h22sk2p073cddypv7jd1c11m8dkr57nf21v4f3qzdsm5hk30p47fc237crp442gpsvnvqq3t8kdqnx261708ed9z48z3w01gn5q8mh88fgm0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwfK3LuDZZKOmO9O9lgSHn6OoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODc5ODc2NTg3MDMyOTg4NcgBCakCqD1f4W5esj7gAgCoAwHIAwKqBPwBT9C5wP9eEW4afBal-kkWUi-9U4kx5ge7OxPirvCrknjXRq9Tea69uUPBjsRlsEKkUiMIZeFQYNt4fC3ddPb7v9x1Woof5m5loWtBcJjNVUw1Ch6iJrpz_QTTqO2dTRvEyI-PR8681_LVblEhHK18vhCPc8ciVpWIA-4U7ZpuGU_CANMLdDjOWnQ8gDz4tbIg2FGBzBRgKrOevUa3sXQFkm-Nx6LTCKXdj1J5Jvwme1hFTgBNy9rPxZOweFSEvKWiZK_PYE-m_9iKvqv_9K8x66gci5x3Vo03MQhE1KL5vNRxOeIYre5Pl_SQ_CZlcFzOch1Liu4rQSFtwAsO4AQBgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3-HOVx-yKyQD1T95IRVS6-q5TrBw%26client%3Dca-pub-8798765870329885%26adurl%3D
Frame ID: 779F7675E36B09D39AF5A14CBB6AFE08
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js
Frame ID: CC899DC8EADE208A0E78A9781DA97940
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9C5C37E72211DF1061E7CFA2CC54F06D
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 298F7D3A4144CE8DD7085749331DD104
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2C32D2ED315356A6D51337087B39E1F2
Requests: 2 HTTP requests in this frame

Frame: https://sync.logly.co.jp/sync/sync.html
Frame ID: 587C59122EAB659E00BEAE6D38D47364
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Frame ID: DE37D06BDF2C56460475703D279D589F
Requests: 12 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 41CC64CFFC2723BEA52AE337B9EBC045
Requests: 1 HTTP requests in this frame

Frame: https://js.akusehat.info/track/js/gemini_2getherclick_ifr.js?size=336280&cssHost=//js.akusehat.info/track/css/&cssUrl=//js.akusehat.info/track/css/336280_4.css&aid=0&apiKey=7S3PRYCYM8HR3CGJBSGF&sectionCode=2c67468e-2e89-4737-95cd-eb63e4c9f2ab
Frame ID: 03DD4B60B02F694A0F435B6762881D1C
Requests: 4 HTTP requests in this frame

Frame: https://js.akusehat.info/track/js/gemini_2getherclick_ifr.js?size=336280&cssHost=//js.akusehat.info/track/css/&cssUrl=//js.akusehat.info/track/css/336280_4.css&aid=0&apiKey=ZHCZJTKWNPMW24GQYKY9&sectionCode=0d20b1ff-dfa6-4c20-8cb0-34e800faf912
Frame ID: D14C52D5BF5C1F77C637F19DBF94E249
Requests: 4 HTTP requests in this frame

Frame: https://js.akusehat.info/track/js/gemini_2getherclick_ifr.js?size=336280&cssHost=//js.akusehat.info/track/css/&cssUrl=//js.akusehat.info/track/css/336280_4.css&aid=0&apiKey=GTWB2N9RZXRY5JXSDJM5&sectionCode=86166e84-a4bf-4f12-96e5-ecdcb9de2b18
Frame ID: 4323D374F3E1C2A2873EFC3186004787
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: F2150B8AAF419AFCDA84B0A80768CE07
Requests: 6 HTTP requests in this frame

Frame: https://js.akusehat.info/track/js/gemini_2getherclick_ifr.js?size=336280&cssHost=//js.akusehat.info/track/css/&cssUrl=//js.akusehat.info/track/css/336280_4.css&aid=0&apiKey=23J6S4YK6MVCTD7HCBM8&sectionCode=d0f1f448-4828-4ed1-934d-614e40ebf651
Frame ID: 0DE351CB1C85FC70AAB840969A4CBA70
Requests: 4 HTTP requests in this frame

Frame: https://js.akusehat.info/track/js/gemini_2getherclick_ifr.js?size=336280&cssHost=//js.akusehat.info/track/css/&cssUrl=//js.akusehat.info/track/css/336280_4.css&aid=0&apiKey=FGM9WKG2KZ9P897DVG37&sectionCode=e0dca6eb-9d9c-4b90-8da0-2e5e8e48951e
Frame ID: A646C0F5CDACE22277B68F2611E8B543
Requests: 4 HTTP requests in this frame

Frame: https://js.akusehat.info/track/js/gemini_2getherclick_ifr.js?size=336280&cssHost=//js.akusehat.info/track/css/&cssUrl=//js.akusehat.info/track/css/336280_4.css&aid=0&apiKey=H6NX3HJCW6QQKJGGP6FG&sectionCode=b8b3d887-ab65-4ee1-846f-41d95101335c
Frame ID: 7BC78B3617085E9E53F61B482CE36139
Requests: 4 HTTP requests in this frame

Frame: https://js.akusehat.info/track/js/gemini_2getherclick_ifr.js?size=336280&cssHost=//js.akusehat.info/track/css/&cssUrl=//js.akusehat.info/track/css/336280_4.css&aid=0&apiKey=7S3PRYCYM8HR3CGJBSGF&sectionCode=2c67468e-2e89-4737-95cd-eb63e4c9f2ab
Frame ID: 7CE3F9D43B56E8C701796516D55DD96E
Requests: 4 HTTP requests in this frame

Frame: https://js.akusehat.info/track/js/gemini_2getherclick_ifr.js?size=336280&cssHost=//js.akusehat.info/track/css/&cssUrl=//js.akusehat.info/track/css/336280_4.css&aid=0&apiKey=23J6S4YK6MVCTD7HCBM8&sectionCode=d0f1f448-4828-4ed1-934d-614e40ebf651
Frame ID: 442F5273EF8F3EE82C6ACA2401A33D82
Requests: 4 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=175059%2C195016%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CdqeSEfkfpDPVfEHjHwtEtbbrfeS4T5gVSJAqR%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CKgDFRfZfGe9mf5HMHktzCBB4C7SAT8QKUPeX3%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=00ba64512ca79e7498273ba385d732f5%2F12566542731667916794&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692000304109&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jw4afx3rwf1zzg24jy1q5xd78g7jngswn0v0ytf86hd8ww56aahtenebbhqas1k215f8mgcez777n8yksbkkwhdwdbc7zbshr7hz4k1tg8c85225747xm1kwgff56sky2e86mvh00y03h9vyb1pk5qqm74ksjtkjt9nerd155yx9d7r90wwp3sv5fjwa4m1be2ypxdrxb3t5gjt73mdnm2hycf2zybrdemnrnta8ekj5zpcqfcyhm05xay3jmev262kcrcwsz18ex0wztsm2a8080%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwfK3LuDZZKOmO9O9lgSHn6OoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODc5ODc2NTg3MDMyOTg4NcgBCakCqD1f4W5esj7gAgCoAwHIAwKqBPwBT9C5wP9eEW4afBal-kkWUi-9U4kx5ge7OxPirvCrknjXRq9Tea69uUPBjsRlsEKkUiMIZeFQYNt4fC3ddPb7v9x1Woof5m5loWtBcJjNVUw1Ch6iJrpz_QTTqO2dTRvEyI-PR8681_LVblEhHK18vhCPc8ciVpWIA-4U7ZpuGU_CANMLdDjOWnQ8gDz4tbIg2FGBzBRgKrOevUa3sXQFkm-Nx6LTCKXdj1J5Jvwme1hFTgBNy9rPxZOweFSEvKWiZK_PYE-m_9iKvqv_9K8x66gci5x3Vo03MQhE1KL5vNRxOeIYre5Pl_SQ_CZlcFzOch1Liu4rQSFtwAsO4AQBgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3-HOVx-yKyQD1T95IRVS6-q5TrBw%2526client%253Dca-pub-8798765870329885%2526adurl%253D&y=1&s=&z=0
Frame ID: AA71C408BABDD09397C778EC57E423BA
Requests: 14 HTTP requests in this frame

Frame: https://js.akusehat.info/track/js/gemini_2getherclick_ifr.js?size=336280&cssHost=//js.akusehat.info/track/css/&cssUrl=//js.akusehat.info/track/css/336280_4.css&aid=0&apiKey=DBQ6T8DY3S7YRBGVN7X5&sectionCode=0ff7b8fe-69ff-46c3-89ae-7d531ebe198a
Frame ID: CDA4234B051B033599D1341C1CB66A9A
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&slotname=2869650812&adk=2760440997&adf=95055631&pi=t.ma~as.2869650812&w=336&lmt=1691993104&format=336x280&url=https%3A%2F%2Fdayfgh.com%2Fdoc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692000304117&bpp=4&bdt=143&idt=244&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&cookie=ID%3D2711ac5037060b38-22ed3cb54fde0061%3AT%3D1692000302%3ART%3D1692000302%3AS%3DALNI_MYKDXSa6qGtY9UR08Zptj3yIzE5MQ&gpic=UID%3D00000c60634d8b46%3AT%3D1692000302%3ART%3D1692000302%3AS%3DALNI_MaTbUOB0DlNM8i7418449FtFC4-Vw&correlator=2019872947101&frm=23&ife=4&pv=2&ga_vid=1286942092.1692000302&ga_sid=1692000304&ga_hid=1917582062&ga_fc=1&nhd=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=3920&biw=1600&bih=1200&isw=336&ish=280&ifk=3250860380&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076875%2C31076924%2C31076947%2C44769661%2C21065725&oid=2&pvsid=932677422131719&tmod=307730823&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.dhahmunx23dr&btvi=1&fsb=1&dtd=258
Frame ID: C4A08CD4AB13D7C466663DA1DB2525C3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CA8BF7FFA5864F62AA2C1F80CD7892B0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 63B8995FC45E63E39988E9911B53202D
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hcgc1323yx40ag8x5ytv4dwmptevk1mf0p3hme7t8abkqwpnkvvg6hdgg7qgs3n6kd5c3cv6xfp6q46ecfanxf8yd92pcj3ggjy65nqxe919r02dr7g3rmx7pzj8jm4ez4st8mcx40e269af10hdxdyh6dcsy9q4b5dynh318p6grq364h3rteg8knqqfpjrt7cvbwzvyvwh18axcr666g3f2bv09thvv4j6g7v7szskcwkbt45jd5j25apne3p8ffmsqbvfqdmgayvqnsk8dy44mz5rp2fckgnxhd63mmcva4eg030r8f3312e58dnyt69nxm03g3a673v15w1vfzy6zaw259mzy5prbd2jsq2kcg813ej0hrcakmwm5y4b4t27wb33z3hnyz6nrxm3g7xkaedxtr43dmw4jnng7knw24tqs76y191g8p43ace2ceykr8s4xwg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmvWyMODZZOK5HYiptOUPj6WlyAmQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkyMDg3MDgxNzA3ODMxNDDIAQmpAqg9X-FuXrI-qAMByAMCqgSJAk_Qb_3YFXB9YAqvW3i9D0WQL4yIefT3B_FOgLgmspTfYSQ1uJwiJyeePSRKOWHmjZEZLXS_RHshPQodBQWuNylfAYdaPj8vhUYgDQ2SFMIG6rIb-Ot4ZLonl4rZUKl4Z7hbnUFznsyefmqu0i49ebLWK9whRGPMxVe7KJs2thFqKXhZMYWVpZMDVIqDd-VHLT3iBgf_b08NpxxOH9R1juXeJUOHMvBFSkrxJ0IY0g0158oMQXNpku-dbouKZsX-zf5YevtiPX73f_OMGXkju8EYXoH8-3VfPb9yEqPhhXKBnCmnRVsJvQz8TMZnrs5k-ce_hoavVxd1T0A4bUQ35-yUFmfhCj-IJsuABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1yHrSTD-73ajBySbB1bctm7UgagA%26client%3Dca-pub-9208708170783140%26adurl%3D
Frame ID: DCF422AA9D7647F90857D4161C6590D7
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js
Frame ID: 4349527DE893416CDF204BFD4E74EE78
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 379F407786F2F4954A0929DF2C1BB435
Requests: 4 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 2054BDBE01D59B7C4A44D86D40DB94E8
Requests: 1 HTTP requests in this frame

Frame: https://js.akusehat.info/track/js/gemini_2getherclick_ifr.js?size=336280&cssHost=//js.akusehat.info/track/css/&cssUrl=//js.akusehat.info/track/css/336280_4.css&aid=0&apiKey=VSG456M5Q7NDTBYP8WCB&sectionCode=edf3c975-487e-4e93-bb98-6aefc2499b88
Frame ID: CBE86438D40FABAE7DAA0B0FAA96D319
Requests: 4 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=300&d=250&e=&g=161cb5bce2aebd4a08a1e9bde4a3eca7%2F373526839064781870&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692000305352&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtrwattw4e0m6ag4j7pcd0nbc51ffbm1pda9rh0qnj1pvbwy0pfcr40erj4nj6nrab27q3mrxcswst8z7g098002grp0jfjbawqrs30vxejrh3bq8myjpynwvec8qdjfn28bfsrk1z81k13kx2b45xvj5hfkr4fm7cqp4g8k6rzaa1tb13pynepb4qk7aswwek9kfyxj0d3xt6jdck1pvzgr6v6qktc87e412x1ra88vqk3spqqba3aa9rbmvn9j961gbxk1j9z4a1mdr2bz2f2pr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmvWyMODZZOK5HYiptOUPj6WlyAmQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkyMDg3MDgxNzA3ODMxNDDIAQmpAqg9X-FuXrI-qAMByAMCqgSJAk_Qb_3YFXB9YAqvW3i9D0WQL4yIefT3B_FOgLgmspTfYSQ1uJwiJyeePSRKOWHmjZEZLXS_RHshPQodBQWuNylfAYdaPj8vhUYgDQ2SFMIG6rIb-Ot4ZLonl4rZUKl4Z7hbnUFznsyefmqu0i49ebLWK9whRGPMxVe7KJs2thFqKXhZMYWVpZMDVIqDd-VHLT3iBgf_b08NpxxOH9R1juXeJUOHMvBFSkrxJ0IY0g0158oMQXNpku-dbouKZsX-zf5YevtiPX73f_OMGXkju8EYXoH8-3VfPb9yEqPhhXKBnCmnRVsJvQz8TMZnrs5k-ce_hoavVxd1T0A4bUQ35-yUFmfhCj-IJsuABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1yHrSTD-73ajBySbB1bctm7UgagA%2526client%253Dca-pub-9208708170783140%2526adurl%253D&y=1&s=&z=0
Frame ID: CAC0B715AB8E39E0F25B44DDA7EF9E2A
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B1A7A6E7D30546631B00217BA43EE36D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 808620B438FDFD0644615B70567670D6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

重60萬億億噸的地球，為什麼一直懸浮在宇宙中，不會掉下去？

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

353
Requests

93 %
HTTPS

49 %
IPv6

59
Domains

87
Subdomains

60
IPs

12
Countries

6203 kB
Transfer

13915 kB
Size

38
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://dayfgh.com/xstat/pop/4898534/1 HTTP 302
https://popup.dayfgh.com/js/ad?lang=zh&aid=4898534&host=dayfgh.com&type=1&count=0

Request Chain 36

https://dayfgh.com/xstat/index/3611 HTTP 302
https://count.dayfgh.com/?3611

Request Chain 38

https://dayfgh.com/xstat/moneystat HTTP 302
https://twstat.dayfgh.com/stat

Request Chain 175

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAtdkDY8AyXYcJIEdfRzmFE&google_cver=1&google_push=AXcoOmQqdRP2XGynnzNuRNHV4qRttYlJGLLcggry2I53lY10XF6PeYOdHAB8bJLs8h-NG9XMLkPMrcdPEDd-jUaWZiWEJJm2U47uww HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmQqdRP2XGynnzNuRNHV4qRttYlJGLLcggry2I53lY10XF6PeYOdHAB8bJLs8h-NG9XMLkPMrcdPEDd-jUaWZiWEJJm2U47uww

Request Chain 176

https://um.simpli.fi/gp_match?google_gid=CAESEJQgAJ2JPfMpY7yESSjVkf4&google_cver=1&google_push=AXcoOmTaVIxCay3ud3E0RTh1myc1BkhslD9XgkQf5oilhU4lMiIGttP-mhv08WewUZBwvvuPf7IqGpkZ53YrREHLU7D8bySPa5AfFg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A965719300AE48F09853F14F122A7DA6&google_push=AXcoOmTaVIxCay3ud3E0RTh1myc1BkhslD9XgkQf5oilhU4lMiIGttP-mhv08WewUZBwvvuPf7IqGpkZ53YrREHLU7D8bySPa5AfFg

Request Chain 178

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBOu2WqG-Pp5_LeArdeelU0&google_cver=1&google_push=AXcoOmTlPmtdFGitIVI7OpGsBbeWTo9K_3ugJPHCwcFrY6cTrEChIKLZJVRwxw29F6CnBHoCQyHDmrDaV11sxyjPGTt9UAcSRhFlNg HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBOu2WqG-Pp5_LeArdeelU0&google_cver=1&google_push=AXcoOmTlPmtdFGitIVI7OpGsBbeWTo9K_3ugJPHCwcFrY6cTrEChIKLZJVRwxw29F6CnBHoCQyHDmrDaV11sxyjPGTt9UAcSRhFlNg&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=1-avBNuiQxiu46lwDbb1Gw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmTlPmtdFGitIVI7OpGsBbeWTo9K_3ugJPHCwcFrY6cTrEChIKLZJVRwxw29F6CnBHoCQyHDmrDaV11sxyjPGTt9UAcSRhFlNg

Request Chain 179

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEL9EVMVJ4dYk1XWTQnMrhRw&google_cver=1&google_push=AXcoOmR-x588_Ta8oRZBu2mf0zESxQyv_taVHRIVFhMbLy1ibY54kj-Vxv_AjXZ3M5bnQgyLhqFiHQ3iiWNM-zHGTSQ2N5F4NbJQzw HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmR-x588_Ta8oRZBu2mf0zESxQyv_taVHRIVFhMbLy1ibY54kj-Vxv_AjXZ3M5bnQgyLhqFiHQ3iiWNM-zHGTSQ2N5F4NbJQzw&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1692000303572 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-5609244c-5cf5-4dd9-a0b8-4abade2b9a37-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmR-x588_Ta8oRZBu2mf0zESxQyv_taVHRIVFhMbLy1ibY54kj-Vxv_AjXZ3M5bnQgyLhqFiHQ3iiWNM-zHGTSQ2N5F4NbJQzw%26google_hm%3DA1YJJExc9U3ZoLhKut4rmjc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmR-x588_Ta8oRZBu2mf0zESxQyv_taVHRIVFhMbLy1ibY54kj-Vxv_AjXZ3M5bnQgyLhqFiHQ3iiWNM-zHGTSQ2N5F4NbJQzw&google_hm=A1YJJExc9U3ZoLhKut4rmjc

Request Chain 180

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAbycBDHP2D206xSPTxpA8o&google_cver=1&google_push=AXcoOmTjGScUuZutEIxOm0jhOsmY-JKRl9eQAu9oXTxhvdo7ZmBsBlXyQNR6Wc8GDTARy5Xff-bFNweWAjmbvVSqSoJdv3jVzerUreU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTjGScUuZutEIxOm0jhOsmY-JKRl9eQAu9oXTxhvdo7ZmBsBlXyQNR6Wc8GDTARy5Xff-bFNweWAjmbvVSqSoJdv3jVzerUreU HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 195

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=logly&endpoint=apac HTTP 301
https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac

Request Chain 269

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dmm_SUBIDTEST_view HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CMq95KjY24ADFU2HgwcdNSoPpg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dmm_SUBIDTEST_view HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view HTTP 302
https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023081410050487873719521X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023081410050487873719521X117703V1226132702MSmm_SUBIDTEST_view&wfid=117703&partnerid=12218

Request Chain 286

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=W8As05RvRNCqX7mpfSDseg&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=W8As05RvRNCqX7mpfSDseg

Request Chain 288

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ACHR3pk8SKCy2FgPPrP27w&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ACHR3pk8SKCy2FgPPrP27w

Request Chain 290

https://ums.acuityplatform.com/tum?umid=2 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=5672&nid=2082&put=813658998581&expires=30

Request Chain 292

https://s.company-target.com/s/rp HTTP 302
https://pixel.rubiconproject.com/tap.php?v=1181926&nid=5578&put=3b5d2131-c80d-4bc2-b422-cd7240175b2b

Request Chain 319

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGTIST3Jtk_8P_1KWQBb7jo&google_cver=1&google_push=AXcoOmQ_-A0dexbmHqgPvtvlkOtUI5uybi1-jvUCPx-XEi8_tZStsg40NEeGYCZNLRl5m4G2HYgz_0RXpAJpPQdToMkPyjYQ24qgRG3j HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGTIST3Jtk_8P_1KWQBb7jo&google_cver=1&google_push=AXcoOmQ_-A0dexbmHqgPvtvlkOtUI5uybi1-jvUCPx-XEi8_tZStsg40NEeGYCZNLRl5m4G2HYgz_0RXpAJpPQdToMkPyjYQ24qgRG3j HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTA5NTg4NDc5MzczNjk2NTk4MA&google_push=AXcoOmQ_-A0dexbmHqgPvtvlkOtUI5uybi1-jvUCPx-XEi8_tZStsg40NEeGYCZNLRl5m4G2HYgz_0RXpAJpPQdToMkPyjYQ24qgRG3j

Request Chain 341

https://t.adcell.com/p/view?promoId=309583&slotId=46690&pv=1&htlp=1&subId=oneid7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQxoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.restposten.de/?utm_source=ADCELL&utm_medium=Text&utm_campaign=Standard&bid=309583-46690-oneid7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQxoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY

353 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09 Show response
dayfgh.com/ 53 KB
15 KB 498ms
415ms Document
text/html 2606:4700:3032::ac43:cfb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:cfb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d67c2162a75304bdc272afe72695e03c1f256cf457e2252e088c304f875e9068

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7f67b0b84cac6919-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 14 Aug 2023 08:05:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=okwWyBfrK6IxAWb8BgIAlhBmH4%2FCNkC7%2BHW2HervUdR%2FxBZRRX9ei8TpaWYIKvo15GH8T8Q5HXGTc7Ig6JfGNIjQNuwYX%2F8ptgeDThgh0uP%2BOypAeICjhknbiBrjkhkd8JBOjoIsHz35"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

GET
H2 200 font.css
dayfgh.com/Content/global/default/font/ 3 KB
924 B 440ms
439ms Stylesheet
text/css 2606:4700:3032::ac43:cfb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dayfgh.com/Content/global/default/font/font.css
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:cfb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1a57db2d20d256da701a75ba8d9ab28c27e9b98a25bd39f7f683efde70e2328b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:01 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 12 May 2023 03:55:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"0ac969b8584d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PyysRyTiMhzZZmqiYjK%2FYEuXZCVpU219x4Rpw1OobA8OiVpZo9OsvvJwSivW8R7dObF6fXOWmYamGgwFXqobSoP9mzSwn5THtRO7MGbhV%2Fu5CopHXjFDSxuL%2FsK0VQx9PnswLY%2FbT58l"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7f67b0baef8d6919-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 css3.css
dayfgh.com/Content/global/default/ 25 KB
4 KB 221ms
220ms Stylesheet
text/css 2606:4700:3032::ac43:cfb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dayfgh.com/Content/global/default/css3.css?v=31
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:cfb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e2e6443f2e88331f08abd67e2c2a060c1dfa898deb6ba735237f9a8711e7a192

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:01 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 07 Apr 2023 09:17:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6cfb61c53169d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i6qxZb4IXhm5T3GYGLPWd4%2F9qPAAOFOVFzZvQqBMkdiWqtgMIQHItgvCTNrSyGf0KHYxcZhNcNfrbZJn06d7Mck%2BFhVuK4l%2BaQKk9KO7LgKgw9qqtylmBECyiXOYwvbvsmR%2BZAIwdzn%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7f67b0baef946919-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 globaldefault.css
dayfgh.com/Content/css/ 362 B
534 B 217ms
217ms Stylesheet
text/css 2606:4700:3032::ac43:cfb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dayfgh.com/Content/css/globaldefault.css
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:cfb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b5921a88d975cd06e472d39db8123d6cdf35edb9a96a6f72c124f0478d78273c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:01 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 13 Apr 2023 08:54:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"95bb278be56dd91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tK6gMNjQibhBLWsxupA3J3eQH6A5kD%2B68aP8VDYN5cy4fmBg41Hw6hYe5No3y6CqZR%2ByaENdh9DXevstjnS6wcp66aJilLkE9o1qcCcZdJxIQX6%2BdpoKvnVXtgLc3VypmlmtwpYT%2Fl15"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7f67b0baef956919-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/ 86 KB
28 KB 73ms
27ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://dayfgh.com/
Origin: https://dayfgh.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2108696
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27755
last-modified: Thu, 22 Jun 2023 11:06:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942b1e-6c6b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2Ftnd5muZaRqEBDmeTOvCM9k0OY4Bpnqe8GQPU%2F3KSJGIHlLa1hPTFluGh4Zx%2FS8zUoGKkP6y6Se%2BB93K2M2e7nVe0XehoJwDOFWD6uOPQ4gWvu9Y22BN81fvshcn8m3%2BeO2Ne3Q2GCDGF7%2FP1%2Fi5w9N"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f67b0bb38bb193c-FRA
expires: Sat, 03 Aug 2024 08:05:01 GMT

GET
H2 200 contents.css
dayfgh.com/Content/css/ 7 KB
2 KB 406ms
405ms Stylesheet
text/css 2606:4700:3032::ac43:cfb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dayfgh.com/Content/css/contents.css
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:cfb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b1ede5f6c20a18e0e28467f98d21dc394f6dce158cdf898610ca109867eba989

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:01 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 22 Mar 2023 12:07:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"80d6a3dfb65cd91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p6%2BoW%2B3Pw7pEaucVgvwrY%2FE%2FHeFw9d%2BiBAXtBqAVtTsMaKpFQUVnpOrxzTiuIHI1zr%2BDzA%2BN5XK17TmIJpBGdRp3gWMwGbS1%2BnFAIvcWfrXkrY5mJAwFqLhfv%2B9TRX1Xn7O4Kcr3dTVM"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7f67b0baef996919-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 adtext.css
dayfgh.com/Content/css/ 891 B
591 B 228ms
227ms Stylesheet
text/css 2606:4700:3032::ac43:cfb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dayfgh.com/Content/css/adtext.css
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:cfb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 56dd106a5092ad32bba7d7fe2e942c86c1f14a3f80b22c2a8b031ff49eca537b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:01 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 09 Aug 2023 02:09:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"f08a989866cad91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Id4fMV4L1w5609bziqCMwm0bn98C2Phd1cdXkybCFKPjbMIr%2FcQytut73NmuJOqJ3B7PIrqFqDWoiLdMoZV4Wfg4CUFzjzO7qAd0qVxXtjHGvX4R66B%2FAVfMjkJZ7shy%2BzHLVXBReIyL"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7f67b0baef9b6919-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 openart.js Show response
dayfgh.com/Content/js/ 86 B
406 B 233ms
232ms Script
application/javascript 2606:4700:3032::ac43:cfb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dayfgh.com/Content/js/openart.js
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:cfb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: bfc29c17292ecabcf6ac3123497ef8e0684c078f1b2a58cdd65da41fc29b28fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:01 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 22 Mar 2023 12:07:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"8891fdbb65cd91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UZxtYgBGfEmlz4WoBACzwW9GXsjztP85ymelqCYyJRo3eSYS%2FRkqYaiGYjMXZkx1M5TUFDKM7f37CaIOmLJEinXQhsr4Fv3YK4P1b6zrsTtYYsuzusW03hKYvPm%2BsOwGHG%2F4cL0MQsS9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7f67b0baef9c6919-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 2A0DA8BA5953.svg
store.dayfgh.com/logo/2023-03-30/ 24 KB
7 KB 87ms
51ms Image
image/svg+xml 2606:4700:3032::ac43:cfb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dayfgh.com/logo/2023-03-30/2A0DA8BA5953.svg
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:cfb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 91f690a5b1a28ed5c14cf07f3a17b1483694f6e2ad5b53379cdc7f3031a5f561

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:01 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Mar 2023 01:39:58 GMT
server: cloudflare
etag: W/"c062ae89a862d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lLsrk%2BrAmdUdYTcRWJ0URlgacMBNlZdZh0Z2X%2F2x1BbixlYVbepfSW4PhYywS%2FOKd20S8wJpc8Ldi%2BsOHQEXVvU6oovI3cUQ9Bht1pe4zJMf%2FkHKUK0ALExu2pXpAayPIG9%2BIu8LGjwRs6ygJpw6"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f67b0be0b526919-FRA
expires: Mon, 21 Aug 2023 08:05:01 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 125ms
73ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5960085352433364

Requested by

Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e2e20166e6254c059bf12365aa4665e29e6ea2ae8ab50706be47617c72617e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dayfgh.com/
Origin: https://dayfgh.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50926
x-xss-protection: 0
server: cafe
etag: 15492364996188622681
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 14 Aug 2023 08:05:01 GMT

GET
H2 200 ysm_docilepuppy.js Show response
ad.sitemaji.com/ 39 KB
12 KB 74ms
20ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_docilepuppy.js
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 5b2d07f444380914a71b578ca63ac48f88bacbd0af29333166862fad6a62f255

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:58:35 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 05 Jun 2023 08:20:47 GMT
server: nginx/1.12.1 (Ubuntu)
age: 57986
etag: W/"647d9adf-9aee"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12131
expires: Mon, 14 Aug 2023 15:58:35 GMT

GET
H2 200 19B0CF1C3FC6w1200h800.jpeg
store.dayfgh.com/uploads/20230804/9B/ 121 KB
121 KB 88ms
53ms Image
image/jpeg 2606:4700:3032::ac43:cfb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dayfgh.com/uploads/20230804/9B/19B0CF1C3FC6w1200h800.jpeg
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:cfb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: aa7a0c1c10c8752d58842085bb4cbc84a119b5e7bfa4dd1b697c0396c76d06fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 04 Aug 2023 08:31:03 GMT
server: cloudflare
etag: W/"1a345c1aec6d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2F%2B8Mh0vodqaEF5w5IanXfjffyxe4QW%2FrMUeVq%2BOrudA%2FqfcnJ7N20RvAqicpAJcu8r1oRdrtDYdFE9sIof5Q1ERd532ziBINSEU6VciZ%2BFoY601ivDPF7cwoUxNBedqhA19NfO8G8ZMs5ZEwzA4"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f67b0be0b516919-FRA
expires: Mon, 21 Aug 2023 08:05:01 GMT

GET
H2 200 8193910CF2F5w1200h782.jpeg
store.dayfgh.com/uploads/20230806/19/ 265 KB
266 KB 108ms
73ms Image
image/jpeg 2606:4700:3032::ac43:cfb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dayfgh.com/uploads/20230806/19/8193910CF2F5w1200h782.jpeg
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:cfb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 14a5669aa469e3ce6379a87370e9834af21ed187e1141cf9e07ab25e880f28df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 06 Aug 2023 02:21:08 GMT
server: cloudflare
etag: W/"7359b9a8cc8d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d6ceQKOw850WAUBblHvkentHPdoZhgupuT%2BNaifPGBlMXb6i4CljADELmHpIrAQxZh97V1mLT%2BupSUF1oi4dZSdiQznJOCyhfpPCjX9HTGVFcy0yFliFKIbrNW9Ej3D%2B1W0ktX6pMhtQhw46vULE"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f67b0be0b556919-FRA
expires: Mon, 21 Aug 2023 08:05:01 GMT

GET
H2 200 80C2F033BBF5w1280h832.jpeg
store.dayfgh.com/uploads/20230806/0C/ 204 KB
205 KB 93ms
58ms Image
image/jpeg 2606:4700:3032::ac43:cfb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dayfgh.com/uploads/20230806/0C/80C2F033BBF5w1280h832.jpeg
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:cfb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f0da590ffa13d466046911f414fa7add003161b37340453535aa8cee9fb3cbd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 06 Aug 2023 02:21:08 GMT
server: cloudflare
etag: W/"7d9bf2a8cc8d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kKo7xSAmCYUhXXPXMvpn933nuqv%2BKcB7Tt7auOX%2BBXy8UP50%2Bi%2FVtygMR%2BQ8MRS5pggV5ByJ5se0PB1n03%2BR%2F7ZUCnxH0n0LBOZ%2F9Djovd7lGX82rMKEEP5w4O3fO8WWClpsGxSbXqmDieJyhBzL"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f67b0be0b586919-FRA
expires: Mon, 21 Aug 2023 08:05:01 GMT

GET
H2 200 2DDCA935BF90w911h1200.jpeg
store.dayfgh.com/uploads/20230802/DD/ 241 KB
241 KB 109ms
74ms Image
image/jpeg 2606:4700:3032::ac43:cfb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dayfgh.com/uploads/20230802/DD/2DDCA935BF90w911h1200.jpeg
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:cfb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 414bd2efdc0a5a6692a4ec47d0432c40abcae989d717f439a98f4bfdf8323d48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 02 Aug 2023 09:37:35 GMT
server: cloudflare
etag: W/"61a515f824c5d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LM4b%2BESK8A6q91G02JBtFFAa9nsNmeRWcR6l9N3ErYUPh8MM%2BNJDkVu%2BbmFx6m1989%2BXgnCdMKafofk8PP3G8WgGh9wSG7GSZZsYHISRvI%2BHKRfiWChnSp1buWj5WWTu13RFTz3Ck9xEK9mcU90%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f67b0be0b566919-FRA
expires: Mon, 21 Aug 2023 08:05:01 GMT

GET
H2 200 27BA00D7B43Cw1200h675.jpeg
store.dayfgh.com/uploads/20230806/7B/ 40 KB
40 KB 109ms
74ms Image
image/jpeg 2606:4700:3032::ac43:cfb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dayfgh.com/uploads/20230806/7B/27BA00D7B43Cw1200h675.jpeg
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:cfb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a8c049fe4b1d033a39b108513180a7c30ecb6c38cfa14196b4dcf53da5be44ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 06 Aug 2023 02:21:07 GMT
server: cloudflare
etag: W/"2dde52a8cc8d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YVdvrtgs1mElx6%2FjvQJ8cUXJ7L%2BpZUZh%2FUZqFp2eM6hN2%2FjKkCLrwfS%2Buaf%2BknewPb9VOcZGwHlN%2FhLddXQA7tdEUtpfGGkbIpZOU%2FNJjjBEeVhwo0eINiBiUVJOmWyEmr0DvJ651o%2BLwDcf1toM"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f67b0be0b536919-FRA
expires: Mon, 21 Aug 2023 08:05:01 GMT

GET
H3 200 A9F0F62BC3B4w1280h960.jpeg
store.dayfgh.com/uploads/20230806/9F/ 177 KB
177 KB 74ms
72ms Image
image/jpeg 2606:4700:3032::ac43:cfb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dayfgh.com/uploads/20230806/9F/A9F0F62BC3B4w1280h960.jpeg
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:cfb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a54acb2e1b65d3ecc19ef034500335fb431a072ad6033fb6b38dae887084b9f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 06 Aug 2023 02:21:07 GMT
server: cloudflare
etag: W/"aa5587a8cc8d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KZ9c8L1vqtuIMW1iw6scHiN9l6sYNZMwvwi0nKEsopRqMUuqYHYxcnAliYEZE9hzC2qokDyk4pnr2reD0dI75%2FX0OejXzE1A2LtCTDy9rR8bBnK6pY%2BDgP2j3vzd0VemhVRjvANxHLe0Kb8b5RqF"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f67b0be6c6a3a54-FRA
expires: Mon, 21 Aug 2023 08:05:01 GMT

GET
H3 200 273508B121D0w1200h853.jpeg
store.dayfgh.com/uploads/20230505/73/ 66 KB
66 KB 140ms
139ms Image
image/jpeg 2606:4700:3032::ac43:cfb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dayfgh.com/uploads/20230505/73/273508B121D0w1200h853.jpeg
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:cfb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6ed67af88de67d86f657470c49dbfea2c5b073611c965801aa5bdf15b2de5f1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 05 May 2023 08:15:48 GMT
server: cloudflare
etag: W/"fc12a3cc297fd91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jZvuKrLlu9IX%2BEcxPJ3TYRBuhQF5RGPTpnzN6uxSub96YUmrMfjsnwZImRA0kqDg3a%2Ft%2B1WuJ4H0nP4eDAA%2F3fUz4HJYGV5LcL6Qy2dvuyIGTpfI%2BYdnwqL4r%2BsO8OZn%2BB3%2Fa8d2OAtBuJRAh3UQ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f67b0be6c6d3a54-FRA
expires: Mon, 21 Aug 2023 08:05:01 GMT

GET
H3 200 DDE1DD67EF34w1280h666.jpeg
store.dayfgh.com/uploads/20230806/DE/ 55 KB
56 KB 159ms
157ms Image
image/jpeg 2606:4700:3032::ac43:cfb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dayfgh.com/uploads/20230806/DE/DDE1DD67EF34w1280h666.jpeg
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:cfb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: bee3f2c706962c10237bf98f7c29b01c268f00ac7996e5bea58f1c8e3b5964f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 06 Aug 2023 02:21:08 GMT
server: cloudflare
etag: W/"4e4bc5a8cc8d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mQ5cSSb4txV%2BGHbHZmXtrwc%2BPB%2FIe%2Fnl8x%2BPtd2FoQVpyt6%2F0kD67Afku4M6scVTettNJchK3HMhPx7Agg6fh9coAYtdOUHZjeehZCzGfNZZ3Rhjfq2VASAQRglZeJyuHEf0FL0gTKzYWTirncje"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f67b0be6c6e3a54-FRA
expires: Mon, 21 Aug 2023 08:05:01 GMT

GET
H3 200 8FAC049EF6BAw864h1200.jpeg
store.dayfgh.com/uploads/20230802/FA/ 86 KB
87 KB 53ms
52ms Image
image/jpeg 2606:4700:3032::ac43:cfb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dayfgh.com/uploads/20230802/FA/8FAC049EF6BAw864h1200.jpeg
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:cfb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4310e01a7081b33d628644165bc27d19e7d8944c5abf76f148a13d1a41e7a8e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 02 Aug 2023 09:37:35 GMT
server: cloudflare
etag: W/"5dec23f824c5d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p3JDg1AQ5S%2B2c8du16%2F%2Bj8imm6Z%2FtQHLphWLYxsoZr9V1HuL19y5tpo1iXhrq2K8Qz3B%2BBwVTIZF7KK%2BBjc%2BoSfx3qm1vfZVTji%2BSC3ZSMrysoVzUn6gGGN4mXq99zBGdepjPcL35Fi83U0p%2BEbS"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f67b0be6c703a54-FRA
expires: Mon, 21 Aug 2023 08:05:01 GMT

GET
H3 200 AABF91E01F35w1280h800.jpeg
store.dayfgh.com/uploads/20230806/AB/ 44 KB
45 KB 171ms
170ms Image
image/jpeg 2606:4700:3032::ac43:cfb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dayfgh.com/uploads/20230806/AB/AABF91E01F35w1280h800.jpeg
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:cfb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1e57ff185326b9627af4ff21e7c8843f1b582773944e164be76b158f56e95685

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 06 Aug 2023 02:21:07 GMT
server: cloudflare
etag: W/"55259fa8cc8d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Unim6a3CqWcPmLwTv0zul%2Fa0%2F8viTAuLctxSMoZQx%2BKOQCGR9HEmdixj0THqEl9gWZv2rCIfQIwdS9bpbbqhhno%2FZv6yeiqu7kgNn20AqE4LPgiHkIsri4iqmok6ktM7WNVXU17STN4tF%2BS01ei1"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f67b0be6c713a54-FRA
expires: Mon, 21 Aug 2023 08:05:01 GMT

GET
H3 200 1DE824D8E648w1200h882.jpeg
store.dayfgh.com/uploads/20230806/DE/ 88 KB
89 KB 187ms
185ms Image
image/jpeg 2606:4700:3032::ac43:cfb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dayfgh.com/uploads/20230806/DE/1DE824D8E648w1200h882.jpeg
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:cfb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d92541031327789302d4c7762f1cec73a82d41e2b047c2e95dfb2224edd476cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 06 Aug 2023 02:21:07 GMT
server: cloudflare
etag: W/"414361a8cc8d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7bsE%2BczcrZ3LJcLS9FxH4L3sBUjREFRA41wh8nVdFIMrHUFt0fjUFUiav8qN7KgDZ2qYq4YeWOn6x0hMKltrYIY9m276lapAUI9cSEYJrFg8TIi1LRItZDMiPdXp9WrW70P6Vu1RFkxyqf1xJHV8"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f67b0be6c733a54-FRA
expires: Mon, 21 Aug 2023 08:05:01 GMT

GET
H3 200 1733D36100F9w1200h900.jpeg
store.dayfgh.com/uploads/20230806/73/ 87 KB
87 KB 188ms
186ms Image
image/jpeg 2606:4700:3032::ac43:cfb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dayfgh.com/uploads/20230806/73/1733D36100F9w1200h900.jpeg
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:cfb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a564f4534d26c923bf3aecc2f0424a58f210598f4382dc80325177227833622c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 06 Aug 2023 02:21:07 GMT
server: cloudflare
etag: W/"22785aa8cc8d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i8C7gx%2FNRwSJkUaZZchxOZlgZBEjhXhl3k7NeuBBTgVquIWQLxYr3cl14bHFQTHHY8F4w0hEGfBZwxtD9rWgG7JlYAq4qN7IJdwpW9r9GpXLyDvXaqlgSccmw7MWOGPdYkPH35BvpJ%2F7Ifx8qSBv"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f67b0be6c763a54-FRA
expires: Mon, 21 Aug 2023 08:05:01 GMT

GET
H3 200 C3F235AC4310w1280h720.jpeg
store.dayfgh.com/uploads/20230719/3F/ 35 KB
35 KB 189ms
188ms Image
image/jpeg 2606:4700:3032::ac43:cfb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dayfgh.com/uploads/20230719/3F/C3F235AC4310w1280h720.jpeg
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:cfb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 132530fa00eb479d0398d86cfd51e44da5112ea5f2a23ab791edbae4ab8d240f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 19 Jul 2023 02:53:52 GMT
server: cloudflare
etag: W/"1b751140ecb9d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p3ZwlSAR8yA%2FuAsZ6lojYJhtSzUJlcqIAujAiLII3QfSr5PwEkZbzzeIEtcsbXSX%2BDuy%2B0c9uTvHRuOqCDcdGBvGYNawYO5HV8cZGcTI2Vjce99HRMmPhS%2BL3s0zj%2F4XZ2yw28pI2HqFTmDsQ%2F6x"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f67b0be6c783a54-FRA
expires: Mon, 21 Aug 2023 08:05:01 GMT

GET
H3 200 397E7D1F1ECDw1728h1080.jpeg
store.dayfgh.com/uploads/20230806/97/ 84 KB
84 KB 190ms
188ms Image
image/jpeg 2606:4700:3032::ac43:cfb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dayfgh.com/uploads/20230806/97/397E7D1F1ECDw1728h1080.jpeg
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:cfb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c4e65f32d3d1108eae4d7719c7127caa8f81ce52365d86c89516190c2edc619b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 06 Aug 2023 02:21:07 GMT
server: cloudflare
etag: W/"4fe6da8cc8d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mf3WAM4qBicFF9q9znZ0YHwnlEO1HfN8HXZgG7nbtfHZ7AdFaJLV0NEp8071R4Quf1CA39O9gMzq%2FEyc8Bw4qE6p9BHbXuFRH7zKQ2neTG%2FsTKG6Iy8l0wAvStoIe6gERhjANCWojUZKOBWiDh7y"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f67b0be6c7a3a54-FRA
expires: Mon, 21 Aug 2023 08:05:01 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/zh_TW/ 3 KB
2 KB 67ms
21ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_TW/sdk.js

Requested by

Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

270932e7bbdf9fec06b0e7228dd5f884e5ec47f93bd0cdea44295038d68f532c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://dayfgh.com/
Origin: https://dayfgh.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 14 Aug 2023 08:05:01 GMT
content-md5: BetKMpH+KW89APDMJ/nn8w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-debug: k3qkC5YqN64cwlAL9o/eRcumVBCrAXgq7drRCm6v37X8IvYoAep2RCLfeJalbuqxPtLQz3hBpVDqHwcJLhE1Ew==
x-fb-content-md5: 3590b009770341d5b6a6348d15bbf5fc
cross-origin-opener-policy: same-origin-allow-popups
etag: "c084d989a59288dbfccbb72794ce384c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Mon, 14 Aug 2023 08:22:43 GMT

GET
H2

200

ad Show response
popup.dayfgh.com/js/
Redirect Chain

https://dayfgh.com/xstat/pop/4898534/1
https://popup.dayfgh.com/js/ad?lang=zh&aid=4898534&host=dayfgh.com&type=1&count=0

0
352 B

421ms
395ms

Script
text/plain

2606:4700:3032::ac43:cfb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://popup.dayfgh.com/js/ad?lang=zh&aid=4898534&host=dayfgh.com&type=1&count=0
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H2
Server: 2606:4700:3032::ac43:cfb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:02 GMT
x-aspnetmvc-version: 5.2
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
server: cloudflare
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Kf5fl7evVEwOkT%2FXmZTcJix9HUWwFobqHBuL%2FemKXMEUSvIH3nP%2B8a78lHQJkCfBG0NcOeRq5UkzT%2Bj7PV3FawIqlrpn%2Fykrnxx8zOeMp37Qa%2BBcPqVq81%2FC4r1nMG3RHKcmln%2B%2BJVagR%2B%2B5ki6"}],"group":"cf-nel","max_age":604800}
cache-control: private
cf-ray: 7f67b0bf7d086919-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

Redirect headers

date: Mon, 14 Aug 2023 08:05:01 GMT
x-aspnetmvc-version: 5.2
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
server: cloudflare
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fym07TWZGEYUdwnOgQrDvh%2B3Qye9He9uDthqFTiCPl%2Bz7X5ksDd1GsoQqJV0rNDPlixNeqvOYtMl2lG%2F6CprnmfPy6xdj3Dwe8yEbaP9Y0%2Bvhq%2Fm4Z4ay0Mb8G%2Fq0RB%2BcjQ1v%2F6bmNL9"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://popup.dayfgh.com/js/ad?lang=zh&aid=4898534&host=dayfgh.com&type=1&count=0
cache-control: private
cf-ray: 7f67b0bd7b453a54-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 0CC0594543EFw1000h525.jpeg
store.dayfgh.com/uploads/20230814/CC/ 67 KB
68 KB 191ms
189ms Image
image/jpeg 2606:4700:3032::ac43:cfb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dayfgh.com/uploads/20230814/CC/0CC0594543EFw1000h525.jpeg
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:cfb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: fc3ea80ea28a11c2a85293c5af7982e393703850cc0895dedc23d6b0ed0a8cbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 14 Aug 2023 07:23:25 GMT
server: cloudflare
etag: W/"22578a3680ced91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VnSa6mj9FvynfR9wTY00lkBEucsWR6m0bgrMgT%2BqLjHBVlm2gt4oYx0qQfg%2BthoPMtLcYKLrq3soTO4FctgWUGPNvLV3DAKuFz3JnunQZnKdG%2FIiAMARiKeJNwIelySaKWUlojqvewCWXxpiBQYL"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f67b0be6c7b3a54-FRA
expires: Mon, 21 Aug 2023 08:05:01 GMT

GET
H3 200 E44C7A097579w1000h525.jpeg
store.dayfgh.com/uploads/20230814/44/ 53 KB
54 KB 207ms
205ms Image
image/jpeg 2606:4700:3032::ac43:cfb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dayfgh.com/uploads/20230814/44/E44C7A097579w1000h525.jpeg
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:cfb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ef1804032c92aa52f306d23d954cac3ca099600a9d5c9f7dc6682b1e3a1f0f49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 14 Aug 2023 07:18:52 GMT
server: cloudflare
etag: W/"318c50947fced91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MfNbzi1n%2F6V7q2cizxgPWJhM2BdNvmMKHxrc88%2F%2ByZM56uzE5PU6fqzOoWT4IukpqAmnaCYmfxW6e7bSLpZ6frQfx%2FnomjvzDTU961CzqVGIH%2Bx41Cjdy%2F0DRNP3m7%2FkRl4VAhMbWl1VZq%2FKCYYK"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f67b0be6c7e3a54-FRA
expires: Mon, 21 Aug 2023 08:05:01 GMT

GET
H3 200 7733ADAEB3B0w1000h525.jpeg
store.dayfgh.com/uploads/20230814/73/ 47 KB
48 KB 208ms
205ms Image
image/jpeg 2606:4700:3032::ac43:cfb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dayfgh.com/uploads/20230814/73/7733ADAEB3B0w1000h525.jpeg
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:cfb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f1e06f377f7ccbf7f306ff91c3159988e48e755f894f3ef2ff8851964373f672

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 14 Aug 2023 07:18:14 GMT
server: cloudflare
etag: W/"d9f24f7d7fced91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=foRDFVGMF1aT5sqszaNevDkW4JKYz%2FJKnOfFyE8bKxr9lqcIcUaj%2BS7WqTlmNATE0BcDafa2Erjo8XF8vpJKfhJdiQ7%2F6yXFouglUEw4Y5eQ%2Fik%2FqQ5eWO%2FoRXqVKYn9Obumc9oVN%2FaTYAPqkyzU"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f67b0be6c813a54-FRA
expires: Mon, 21 Aug 2023 08:05:01 GMT

GET
H3 200 8B4E557870C6w1000h525.jpeg
store.dayfgh.com/uploads/20230814/B4/ 56 KB
57 KB 209ms
206ms Image
image/jpeg 2606:4700:3032::ac43:cfb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dayfgh.com/uploads/20230814/B4/8B4E557870C6w1000h525.jpeg
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:cfb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e24ab043cc122c53e376c85a62218b70bbd5eed1e10ee1603fad1c7e6c08d3fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 14 Aug 2023 07:17:36 GMT
server: cloudflare
etag: W/"9a95c8667fced91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9P20Qc0mL5v3FR9lSFQe2lYHgmZKXr%2Fuh%2BZMpWfUyI5%2F843gYSa8ZHDe5dfWUmccQu%2FWVnodbokSNiDA3WY9MbfYLFcm2ET3HqPhyDKzKkCABquJhf9ED9dg1c7Pyp4dH22p2m4GmywqoT6o%2FfgS"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f67b0be6c833a54-FRA
expires: Mon, 21 Aug 2023 08:05:01 GMT

GET
H3 200 D3B41637813Bw1000h525.jpeg
store.dayfgh.com/uploads/20230814/3B/ 32 KB
32 KB 210ms
207ms Image
image/jpeg 2606:4700:3032::ac43:cfb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dayfgh.com/uploads/20230814/3B/D3B41637813Bw1000h525.jpeg
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:cfb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 53c5141214a0bda88177b4a58b8626769164a09d0a566dd21fa0006e2d2eb2e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 14 Aug 2023 07:01:59 GMT
server: cloudflare
etag: W/"6c59387dced91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kXO1yyQj5VQWNMtwPYgT%2BhuP6VJyDvi%2Fm1dxmL2h%2BowJYxmDrAFtqyZYoIBtDd4TeDxrFt0T%2BvbnyAn7r7tu0tdJeWvaTiBEqSv2ZHPwMQ73%2BJpzjJ1uyVJK9cvAGumB0cSeV71FidRkunLnYW6g"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f67b0be6c853a54-FRA
expires: Mon, 21 Aug 2023 08:05:01 GMT

GET
H3 200 F0F2AADA47F3w1000h525.jpeg
store.dayfgh.com/uploads/20230814/0F/ 31 KB
31 KB 210ms
207ms Image
image/jpeg 2606:4700:3032::ac43:cfb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dayfgh.com/uploads/20230814/0F/F0F2AADA47F3w1000h525.jpeg
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:cfb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: bd1582ce09e0df2672ddfc804bd2264ee76729d3ffc92ff3bc7835bab4d8e9df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 14 Aug 2023 07:01:10 GMT
server: cloudflare
etag: W/"a3284d1b7dced91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eS9z%2FHLxIMPV7l%2BfF0lZwIuU7Z4ceBbOMJORb9PZ0Yv%2BbGK9HdnT67Qj%2BhkwztWYTPP4agSF%2FRszZNr7CDxuAn0uWaDeAaArsaj5A6cDc1XKi9lIDcpYYpuKAfsA0P%2BRUYG%2BcoA6EB%2BZlp72mevf"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f67b0be6c863a54-FRA
expires: Mon, 21 Aug 2023 08:05:01 GMT

GET
H3 200 E37E8E0A2ADAw1000h525.jpeg
store.dayfgh.com/uploads/20230814/37/ 30 KB
31 KB 211ms
207ms Image
image/jpeg 2606:4700:3032::ac43:cfb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dayfgh.com/uploads/20230814/37/E37E8E0A2ADAw1000h525.jpeg
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:cfb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ec38e96687494a80a93d75e9d6fff292a3fd049b4da3fc869a86c5e290cd9416

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 14 Aug 2023 06:54:12 GMT
server: cloudflare
etag: W/"dbd211227cced91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i9GGQd5K6GAADzO7OmmZ9aKehLxzmapZrOTcXq3sH75tIN2e9hSNWhhnPIcInIXyw1DIVIgualvZm5Mo5kRF7nzjUMLsGKiGW8WiV679B4StvKYL7ioCU45W3a2SVtkGFyJzQVg%2BgD96aDi2%2FxiX"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f67b0be6c883a54-FRA
expires: Mon, 21 Aug 2023 08:05:01 GMT

GET
H3 200 F23633521044w1000h525.jpeg
store.dayfgh.com/uploads/20230814/23/ 42 KB
42 KB 212ms
208ms Image
image/jpeg 2606:4700:3032::ac43:cfb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dayfgh.com/uploads/20230814/23/F23633521044w1000h525.jpeg
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:cfb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 12f5ead3b50b92858a374f6e67025365caf4c65d11cddb5e5d6f6f0c6bc59c47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 14 Aug 2023 06:52:39 GMT
server: cloudflare
etag: W/"177857ea7bced91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=44WZuTGNeoHBN%2BQbqC8oF4bR2iqzc2XPzw2OfQ%2FW7kJHoaWppe%2FMr%2BStotAFsD3NiZQ5hgWX2hVYF%2FEz%2BT6Ib%2FFCxSFCybMptsIvWe7Wz5f9NPZbbvKrDV%2BSKqPFMtWcCCESoBE5qW02%2Fklbarqp"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f67b0be6c8a3a54-FRA
expires: Mon, 21 Aug 2023 08:05:01 GMT

GET
H3 200 567E88A8173Dw1000h525.jpeg
store.dayfgh.com/uploads/20230814/67/ 30 KB
31 KB 212ms
208ms Image
image/jpeg 2606:4700:3032::ac43:cfb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dayfgh.com/uploads/20230814/67/567E88A8173Dw1000h525.jpeg
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:cfb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5c07122bba24d54984db4d17c6203d8d24cf28719c81269cdef7f014133732b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 14 Aug 2023 06:52:09 GMT
server: cloudflare
etag: W/"ae2eb6d87bced91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cEJDIV3tttd6Qa6NIdLQyX39sYVjT2nKMI30IuK4GfrjzY%2FaMbCTj75s9bzgklPK%2FsI8QgWZRIA7XO0RJTpZCqrFfzhbZLSn54FhMTQZ9BJoEA90L02RgfKAqMfZVj4NXXvfOaXQ0pLHCmWiTkfP"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f67b0be6c8b3a54-FRA
expires: Mon, 21 Aug 2023 08:05:01 GMT

GET
H3 200 8EC4AF4B4EDAw1000h525.jpeg
store.dayfgh.com/uploads/20230814/EC/ 53 KB
54 KB 213ms
209ms Image
image/jpeg 2606:4700:3032::ac43:cfb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dayfgh.com/uploads/20230814/EC/8EC4AF4B4EDAw1000h525.jpeg
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:cfb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 28466467d24438904b378eb4d9b06e6b4741d91e2c90dcff05064ff2aad0657e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 14 Aug 2023 06:51:26 GMT
server: cloudflare
etag: W/"ce28c3be7bced91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=te8MEyDiM%2B9kOt9Lu8P8MDj7zHrP20LrBzZXfNqDuvePUJokGxN1xqN2%2FSNacOSLtGLz%2BA%2Fcg%2B14S2e4jgvYYd%2B85OrbBXS%2Ff1R%2FNonJYLaEeLYHeqX3ERin6ZNwjAbZ8CHy0SZ0B%2F%2FvYGWpeGFB"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f67b0be6c8c3a54-FRA
expires: Mon, 21 Aug 2023 08:05:01 GMT

GET
H2

200

/ Show response
count.dayfgh.com/
Redirect Chain

https://dayfgh.com/xstat/index/3611
https://count.dayfgh.com/?3611

7 KB
2 KB

564ms
409ms

Script
text/javascript

2606:4700:3032::ac43:cfb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://count.dayfgh.com/?3611
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H2
Server: 2606:4700:3032::ac43:cfb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ee19e9916b53bc4a9e1675b1992b03c7264d295738302f60839218a4afa8a230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2BY%2BU%2FWN%2B3vgRHceyH5aUFMpSKiV62uRgUG5tvT4w8RcnKw%2FC9FHu%2B%2B5%2BxU43Trrx4Qy8ZORO03w9v3WPm0rFwHogOgNaGfo%2FaoOaJV0JOXH5Nf5ySXtBN9YY6XKIohRdCxWHryjbpqKJjMyHbTT"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
p3p: CP=CAO PSA OUR
cache-control: public
cf-ray: 7f67b0c04e446919-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 14 Aug 2023 08:10:02 GMT

Redirect headers

date: Mon, 14 Aug 2023 08:05:01 GMT
x-aspnetmvc-version: 5.2
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
server: cloudflare
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q7DWIWoAB5GaJ9MIU3Q0eXsTSzj43pOsqSPbmCRcQ6%2FRcok8d0ueoAlt6DqZZ1v0qCpMdkwZ9rtFhLBP57zPapnSTD1RJeQa5W5kDq6dRgAjxgWpzvZJwk8v0Rjw6IqV43Un2O7qKFTT"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://count.dayfgh.com?3611
cache-control: private
cf-ray: 7f67b0bdab7e3a54-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 crypto-js.min.js Show response
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/ 47 KB
14 KB 49ms
26ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js

Requested by

Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 7219182
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 13972
last-modified: Sat, 14 Aug 2021 20:33:09 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "61182885-3694"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IcqmnhJcqKZENxH3HrzF1RMUNjZPpjv3bwP7m4niYRcwTiWmlseSdbNEtVf2ICqyjEFbQ78YXu0%2Bfn1TZu%2FLRvD%2FgDMgqRuS2BgZKboT7%2BnYmZhg1%2FFG%2Fr4Ey7lZPoh8WjAmF6lTc9YKzH6NxM0Bm8WK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f67b0bdfc79193c-FRA
expires: Sat, 03 Aug 2024 08:05:01 GMT

GET
H2

200

stat Show response
twstat.dayfgh.com/
Redirect Chain

https://dayfgh.com/xstat/moneystat
https://twstat.dayfgh.com/stat

6 KB
3 KB

410ms
395ms

Script
text/html

2606:4700:3032::ac43:cfb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://twstat.dayfgh.com/stat
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H2
Server: 2606:4700:3032::ac43:cfb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3d58987c82251409a1d5a6da9922166deba3e4604527956b568f3aba4c8563af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:02 GMT
content-encoding: br
x-aspnetmvc-version: 5.2
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
server: cloudflare
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ITKY5ewtg8JEWzfdfFIxUGNKoJ9MheVEShwS5ZLuoToU6094pW9rTWpI%2FZvmIVwNEOtK5wHbCWcWpDez%2B4vzpz0%2BIsmRBZGbFEIh7xdqIZKe6RAZmZQIh6BE9KyaQKc4UWLgMRj5mBwrjMQn%2FRV7xQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: private
cf-ray: 7f67b0c08e736919-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Mon, 14 Aug 2023 08:05:02 GMT
x-aspnetmvc-version: 5.2
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
server: cloudflare
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LLwmww1TwkGyK2pmKzvpGNUMUuzeP7eW3Bvc26KxAYhAcJM5xmXmN6yOZDiuHPOOyHEnSh3HpLwzEJ0SIOSLKyPQPPEziZlZpF%2FjuqdQ0fNBU%2Ft6GurysMv6n1ORR25WmY%2FvK%2BDOovjM"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://twstat.dayfgh.com/stat
cache-control: private
cf-ray: 7f67b0bddbbd3a54-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 email-decode.min.js Show response
dayfgh.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 27ms
24ms Script
application/javascript 2606:4700:3032::ac43:cfb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dayfgh.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:cfb3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Aug 2023 18:20:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64d135f1-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uoXrdf%2FT8DfghidzFEdWq6Eb%2FmFC44aLBqUU9LKBxzleqcySDqgCAFaxTl2ZpdtyWVfB%2B5W61TbSJw51%2FIrNnCBMym9%2B%2FQzhi0RS%2FCfZN1hMP3MulHi3c7hJWR%2FVew%2B41HdUWR7tFvhZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7f67b0bddbbe3a54-FRA
expires: Wed, 16 Aug 2023 08:05:01 GMT

GET
H3 200 top.png
dayfgh.com/Content/images/ 2 KB
2 KB 222ms
221ms Image
image/png 2606:4700:3032::ac43:cfb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dayfgh.com/Content/images/top.png?v=3
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:cfb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9af7fd8d18e80b0ac79b602081f75c658a17a7b4599674bf3822bacc9eec5f79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:01 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 22 Mar 2023 12:52:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "73bad625bd5cd91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BY%2BrLlKrB7L0Ji%2FhvPbfBl4O3t37Lq%2Fk%2BGKaz5jtbRsT9f6tzojzFP48JaRy4EMJrUSNCAvbx%2FjUAVIJPCD%2F4Bl3qnnpUgBAhANw31uXneg8CWJ31uCIO9Uo33uKikz3Y4TzZ8KnR8wY"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7f67b0bddbc13a54-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1810

GET
H2 200 / Show response
www.scupio.net/kanglei/ 3 KB
2 KB 554ms
497ms Script
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.scupio.net/kanglei/
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.3.9
Resource Hash: 5f04a67133e8d41a751e2030f0c3492cd7438868d74e850b94007eb12805e6d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.3.9
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MmrWU6G6bUrdBT5Y280x5vj2HOUsAqPMXQY4bDRrBI%2FMRRFUcVCJWel%2Brt2jCB1bXSWVcIAwx82Gt3Cd3mYf9xVS%2BXqY62eohbHJVp7P0E98xxDpFQIKmcanxtXJHURNahiQnStSmxMPgDQSmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 7f67b0be3a199106-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 globaldefault.js Show response
dayfgh.com/Content/js/ 2 KB
1 KB 246ms
242ms Script
application/javascript 2606:4700:3032::ac43:cfb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dayfgh.com/Content/js/globaldefault.js
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:cfb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0dbd4e4fd5ed44142a5f750462ffd86db00aaa51ba5990381c4740d21b4478f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:01 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 06 Apr 2023 08:10:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3cdfaf4e5f68d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KFAjnk7Q%2BTgwC7OirVE8QVaLi2P%2F80vx0dYvqLXnRY6ePec75Ns4JmfEuvdvfvs6Ct%2BM4X5YxDOvRO7%2FYkD8a0aYj50mnqgAI3zIk4I4dE7LcPqU6%2B5ZuMrKHPhnrLfx%2BJrqs0QytLH1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7f67b0bddbc03a54-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/palmate-gyyplay/ 507 KB
52 KB 259ms
209ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/palmate-gyyplay/loader.js
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f98420b05e6b8a874c377fd42c9c24175c280c7721982d033b3e32990a10c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: W0ebj1ATxs2rS.7kY5BRG7xagfEBuEgK
content-encoding: gzip
via: 1.1 varnish
date: Mon, 14 Aug 2023 08:05:02 GMT
x-amz-request-id: W73PT4A1G5JW0XF9
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 52434
x-amz-id-2: X38/uIfQbcsl/ylzAD6CO3B2T87t6+PZY0akvfjf+CSby3QN/CIzkc7000t2eC4xG2h3ewhit1I=
x-served-by: cache-fra-eddf8230061-FRA
last-modified: Wed, 02 Aug 2023 16:07:48 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1692000302.852315,VS0,VE191
etag: "036f0a38d8c1e3ebc3c6e41b7397e1ba"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 47
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H3 200 gmifr_lei.html Show response
dayfgh.com/ Frame 8DB2 1 KB
1 KB 411ms
409ms Document
text/html 2606:4700:3032::ac43:cfb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dayfgh.com/gmifr_lei.html
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:cfb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c950bdb3171907dd6adc02a07023992f892095f78f251750ebbb01ff386282ac

Request headers

Referer: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7f67b0bddbc33a54-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 14 Aug 2023 08:05:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=39ReyEYQB6E9LEqpX5feUN%2F1GODZbg%2FxqSi6Ix2%2FdOg8KmXBCfTvRvvNl%2FAZZuN8d%2FATR42S3oIVtN%2FhbigTyM%2FA43t1wne7Z1W%2FLm%2BduFFSgP70coj49soGAEkrxwl6dUG2pcGRxcuN"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

GET
H3 200 gmifr_lei.html Show response
dayfgh.com/ Frame F9BA 1 KB
1 KB 429ms
429ms Document
text/html 2606:4700:3032::ac43:cfb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dayfgh.com/gmifr_lei.html
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:cfb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c950bdb3171907dd6adc02a07023992f892095f78f251750ebbb01ff386282ac

Request headers

Referer: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7f67b0bddbc53a54-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 14 Aug 2023 08:05:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0NpNqW0sLgjoGoyIsXHtMB%2FoonubVhw68mvrNNE9c3VzpZcj1WNe2GO%2BslgsecJ3x%2FXinajANa4PGQhrfH7AF3NVKEbu%2F1Zp1rbOLyNhnO1OC1IazeGfbZgPEFPPs6nRpoco8vunByHx"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

GET
H3 200 gmifr_lei.html Show response
dayfgh.com/ Frame 0F5B 1 KB
1 KB 408ms
407ms Document
text/html 2606:4700:3032::ac43:cfb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dayfgh.com/gmifr_lei.html
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:cfb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c950bdb3171907dd6adc02a07023992f892095f78f251750ebbb01ff386282ac

Request headers

Referer: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7f67b0bddbc73a54-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 14 Aug 2023 08:05:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=apK%2B6KV%2FEPDfejSKyR%2BKU4fWpmGqYYX5xScEL7N%2BG81E%2FlbPXF3paqTZ%2FfOi8gJF1rBDTFs5WPCud%2FlZz9GLzZT2zwdOWuhVBdbk9WNB2756OODhy0yFRCIIJp3dS%2BGWatIb%2BPk0dYZt"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

GET
H3 200 gmifr_lei.html Show response
dayfgh.com/ Frame 8E5C 1 KB
1 KB 412ms
411ms Document
text/html 2606:4700:3032::ac43:cfb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dayfgh.com/gmifr_lei.html
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:cfb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c950bdb3171907dd6adc02a07023992f892095f78f251750ebbb01ff386282ac

Request headers

Referer: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7f67b0bdebd83a54-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 14 Aug 2023 08:05:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6H76%2FE5s936hicd%2FH%2BZr2Kt1W8Q71GrLn%2B5rZQvyTB66J2feZeJhu80J%2FWXZ2HPgcvxHvCjlH8PhVBovz1jPRTRyp7PM91OOv8OkuHoGm5JaO66fF%2F%2Fi5IRXUULIIHhCtgf0w7PDiRx2"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

GET
H3 200 gmifr_lei.html Show response
dayfgh.com/ Frame 474B 1 KB
1 KB 433ms
432ms Document
text/html 2606:4700:3032::ac43:cfb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dayfgh.com/gmifr_lei.html
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:cfb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c950bdb3171907dd6adc02a07023992f892095f78f251750ebbb01ff386282ac

Request headers

Referer: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7f67b0bdebdd3a54-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 14 Aug 2023 08:05:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M0VGx4oiaPA%2BnhMzhXsOP2WgA0hhh8qcZiG9c0CpEkyjxc5LA0uE6Z%2FehwDZE4ewKKKEjVS3XqX57uUWUOYQcej6%2Fkapc8l%2FRgGwb32jKtS9kaFrQVRCfOBKJNfNbY84oUoqxT5gBZbJ"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

GET
H3 200 gmifr_lei.html Show response
dayfgh.com/ Frame 56B2 1 KB
1 KB 412ms
410ms Document
text/html 2606:4700:3032::ac43:cfb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dayfgh.com/gmifr_lei.html
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:cfb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c950bdb3171907dd6adc02a07023992f892095f78f251750ebbb01ff386282ac

Request headers

Referer: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7f67b0bdebde3a54-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 14 Aug 2023 08:05:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ydvmx1ATshet8afw6T9RzqiAJVyIIUq90CJK5qhygiN35HdRKXbBgc9sjwPiGhNVdo70%2FzKRrH0AX0vhWDI8lfeHTkbD2WXi2TRAa5skrDLyTedGT3B%2FEEHDhSkw0vpEX9mGDcVXjR0"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

GET
H3 200 gmifr_lei.html Show response
dayfgh.com/ Frame A2D2 1 KB
1 KB 428ms
427ms Document
text/html 2606:4700:3032::ac43:cfb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dayfgh.com/gmifr_lei.html
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:cfb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c950bdb3171907dd6adc02a07023992f892095f78f251750ebbb01ff386282ac

Request headers

Referer: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7f67b0bdebe03a54-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 14 Aug 2023 08:05:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=weQUAjnRkYy4lZI5SZNTfz%2Frb%2B18CA2zigp%2B61Dkhh1%2FscalOFbP%2BDeC4EIsJ1f3YG%2FOAs%2Bx%2BHHBO0RE5BTDD6%2F4iz4G6W%2FWeY%2B5Fh%2FP%2BqJMn3HlIJ9Pf6y8TPD4ru%2BGMu%2FQAwClyXKF"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

GET
H3 200 gmifr_lei.html Show response
dayfgh.com/ Frame 1360 1 KB
1 KB 411ms
410ms Document
text/html 2606:4700:3032::ac43:cfb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dayfgh.com/gmifr_lei.html
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:cfb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c950bdb3171907dd6adc02a07023992f892095f78f251750ebbb01ff386282ac

Request headers

Referer: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7f67b0bdebe13a54-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 14 Aug 2023 08:05:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y0QS71BhpSBBLlg4MqeWtEE9Nk%2BjhPqnVKfOSXNkuVQI4xs1N3WTUVqSGxUus1fxSwRcVVed4dM5TAJriXi54XGCwiUop8GCsfEaBee7r1i%2FxUnJHos3E%2BnK5SOD4VkKM8pBJ3FvOrG7"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

GET
H2 200 plugin.min.js Show response
static.dable.io/dist/ 105 KB
37 KB 109ms
21ms Script
application/javascript 92.123.150.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/plugin.min.js
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.150.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-150-201.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 2ec1a7971b91370d32b4c2dce88dbd5fd3f2d4f978a6789764013f9aa84d2a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: roLc4755UfeUqJz847gzHGeAThdlGuWr
content-encoding: gzip
date: Mon, 14 Aug 2023 08:05:01 GMT
last-modified: Thu, 10 Aug 2023 11:56:07 GMT
server: nginx/1.20.0
x-amz-request-id: 004TKXG96GMA6ZE0
etag: "01179fbfe78faf7094a4e640a3a932b2"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=52038
accept-ranges: bytes
content-length: 37614
x-amz-id-2: x3NkgNvQgyzKvkFX2mchQG4zWmzV7kwtC+KwnZbK89ybB01towMHgOp3h5UWkh5QUbEMYY9j1dg=

GET
H2 200 lift_widget.js Show response
nt.compass-fit.jp/ 79 KB
17 KB 1310ms
487ms Script
text/javascript 3.112.164.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4300666
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.112.164.126 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-112-164-126.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 9951b0adf946b63289a2f704fc2fa85f4279144e224c4fc5a27a9f5d51d68a50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 08:05:02 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
content-type: text/javascript
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate

GET
H3 200 gmifr_lei.html Show response
dayfgh.com/ Frame FC86 1 KB
1 KB 411ms
410ms Document
text/html 2606:4700:3032::ac43:cfb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dayfgh.com/gmifr_lei.html
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:cfb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c950bdb3171907dd6adc02a07023992f892095f78f251750ebbb01ff386282ac

Request headers

Referer: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7f67b0bdebe33a54-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 14 Aug 2023 08:05:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=htjg30%2Bjizwq%2BesrSwms9iioEqUvlxUxyUQXpfw3MdMXxXUbDPnDVpTihHnbfwapD9Yb57fuDPpmKM3lxoLnIfa4kEVv8pJWI9t80OhiSLuKoQIE52ou8nKwDKpGvz18uEwyhxKCWday"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

GET
H2 200 sdk.js Show response
connect.facebook.net/zh_TW/ 307 KB
87 KB 22ms
21ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_TW/sdk.js?hash=762b4f713434a330d76a6d0402f5fe1d

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

701e81659d567c98998ad7fe342f4621671e06a10d83e1e223d23e6b03be73fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://dayfgh.com/
Origin: https://dayfgh.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 14 Aug 2023 08:05:01 GMT
content-md5: vt/wVk0jg/4ajhIc9fjtoA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88858
x-fb-debug: 6q30bIU22gg5Jp2Z30zXPli73rvXKHci6LOzN0MqqoVDBRpCMMD9ZVDQrAmfdwUYAfIUnx471xd5o0NDWxYMYA==
x-fb-content-md5: 898dc4090251f8eb4b062cc5c6c3ea20
cross-origin-opener-policy: same-origin-allow-popups
etag: "2904983cc77f5ec6765fb8caed90185a"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Tue, 13 Aug 2024 07:09:26 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 62ms
19ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1001839627068325&ev=fb_page_view&dl=https%3A%2F%2Fdayfgh.com%2Fdoc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09&rl=&if=false&ts=1692000301882&sw=1600&sh=1200&at=

Requested by

Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 14 Aug 2023 08:05:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308070102/ 372 KB
126 KB 135ms
90ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308070102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5960085352433364&plah=dayfgh.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5960085352433364

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc1b7780605422d8aacffe9fba910e905d1469a4383ff80cb12b61e675554cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128607
x-xss-protection: 0
server: cafe
etag: 6139626123082875185
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 14 Aug 2023 08:05:01 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230809/r20190131/ Frame 499E 10 KB
5 KB 83ms
21ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230809/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5960085352433364

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dayfgh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2367
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 07:25:35 GMT
etag: 12368291122986407432
expires: Mon, 28 Aug 2023 07:25:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 prefs2 Show response
api.dable.io/plugin/services/sddmovie.com%2Fpal-mate/ 839 B
1 KB 806ms
268ms Script
text/javascript 54.180.52.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dable.io/plugin/services/sddmovie.com%2Fpal-mate/prefs2?uid=&tcfapiSet=0&gdpr=0&callback=dbljson1

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.180.52.191 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-180-52-191.ap-northeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

bf56b14d330ae25ccd631572b03088cf4982d39bea9aaf39df953c1777d94ee6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
etag: W/"347-8GoA0VRJvJkpQNrk5QcObAOdyHQ"
content-type: text/javascript; charset=utf-8

GET
H2 200 impl.20230802-16-RELEASE.js Show response
cdn.taboola.com/libtrc/ 792 KB
164 KB 23ms
23ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230802-16-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-gyyplay/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: be1e74c1b5359991d1809967d6a3bddaed43055482e5e42b4c0cf324177dcf3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: B370O2Akuc9VOHJhty4scS5evCYj1ulD
content-encoding: br
via: 1.1 varnish
date: Mon, 14 Aug 2023 08:05:02 GMT
x-amz-request-id: 1NVWA403V2XRGMF3
age: 8443
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 167712
x-amz-id-2: YN3BjMHFKE+AY7rDQLwx/YrCgULgo5InrEA03yrwmZsi1tTeloHanuCNDVyzl9g4XDKxIMZ6P5I=
x-served-by: cache-fra-eddf8230061-FRA
last-modified: Sun, 06 Aug 2023 11:27:29 GMT
server: AmazonS3-br
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1692000302.114400,VS0,VE1
etag: "9bd2884e43a521953c7e23ef55609cae"
vary: Accept-Encoding
content-type: application/javascript
abp: 84
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
603 B 77ms
29ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=dayfgh.com&callback=_gfp_s_&client=ca-pub-5960085352433364

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308070102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5960085352433364&plah=dayfgh.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d3a794bb12b41d963c52713c8d3593a433baffd8527c9383df26f654b90c224

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8E19 11 KB
5 KB 322ms
321ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5960085352433364&output=html&adk=1812271804&adf=3025194257&lmt=1691993102&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=https%3A%2F%2Fdayfgh.com%2Fdoc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692000301896&bpp=3&bdt=642&idt=250&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2019872947101&frm=20&pv=2&ga_vid=1286942092.1692000302&ga_sid=1692000302&ga_hid=782162920&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076088%2C31076807%2C31076924&oid=2&pvsid=1617046438122927&tmod=1853265662&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=272

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b1cd0f055b691370a8c4fa946467ca19e275eed7e57137862735f51dbf42396

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dayfgh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 4718
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 08:05:02 GMT
expires: Mon, 14 Aug 2023 08:05:02 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
static.intentarget.com/track/kangleigm/ Frame 0F5B 2 KB
911 B 594ms
523ms Script
text/html 2606:4700:e6::ac40:cc1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.intentarget.com/track/kangleigm/
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/gmifr_lei.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cc1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 666ef8c31f4ea228fcb6d251080d9b2dcbebbcb7b063ab3c67156f0f0127d82e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gRAH01JkwNlhcTlKZwJcjwR%2BNAse%2FXDWy1HWD2VpCUnT5gSp0NwFpym1thvItDbHTMNlfpc%2BjdSS25jlTKrfsSrnPNgArBNXtLYwJrFrZwkEvHo3wOB858O3U3wavdzqMR%2BuQoACOTX0PTycP1Mw%2FWfJFNZw"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 7f67b0c118c96931-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 / Show response
static.intentarget.com/track/kangleigm/ Frame 8DB2 2 KB
919 B 587ms
517ms Script
text/html 2606:4700:e6::ac40:cc1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.intentarget.com/track/kangleigm/
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/gmifr_lei.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cc1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e73b9e770f530945fb2ba1dee1f40c1a0658441381fe982770cf3d57994a2db7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ib0nlRwVC1IMxYfDn%2FX8qYoe1lDhp8by1kXYapBqYbTaJaXZpZD%2F68mxXsDSqqAO%2FkwAKWnCKq45HEiPh3PJ50vIm8bXNlthbm2eaAwsFtkoT1PXLiXwUA0zFp2lcvF8jWejVjDwx2aYGy%2BCA88QxjJyYlKi"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 7f67b0c118cb6931-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 69CA 430 B
427 B 246ms
246ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5960085352433364&output=html&h=280&slotname=5705254605&adk=3342255844&adf=2469204067&pi=t.ma~as.5705254605&w=850&fwrn=4&fwrnh=100&lmt=1691993102&rafmt=1&format=850x280&url=https%3A%2F%2Fdayfgh.com%2Fdoc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692000301900&bpp=1&bdt=646&idt=277&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2019872947101&frm=20&pv=1&ga_vid=1286942092.1692000302&ga_sid=1692000302&ga_hid=782162920&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=375&ady=507&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076088%2C31076807%2C31076924&oid=2&pvsid=1617046438122927&tmod=1853265662&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5RaQdmVo2E&p=https%3A//dayfgh.com&dtd=282

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffae8467ccd390359968de3bd4e0f29377e381e265b8505addf44cd5bbfe03fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dayfgh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 08:05:02 GMT
expires: Mon, 14 Aug 2023 08:05:02 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
static.intentarget.com/track/kangleigm/ Frame 8E5C 2 KB
919 B 590ms
530ms Script
text/html 2606:4700:e6::ac40:cc1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.intentarget.com/track/kangleigm/
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/gmifr_lei.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cc1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85b7fe5c50b0cd31dfd354ed45f603b21296ba2537a2e216a19dcca08949d425

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gws6UIEtfIGPQQap5rvNtwiYVu6FCnllB1Q7dqZQ1u4ys2tWdVDkFhFsQdD4UCtlx3FpZkezHQl%2FnR7lubOmvkiGsQ5aPwu%2B0Wovn%2B5MSoEfm6NfGKNTrNBT%2Fy3WZVGy%2Bfqra6yHlKDgXMG7OYpbw5cHXklH"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 7f67b0c118cc6931-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 / Show response
static.intentarget.com/track/kangleigm/ Frame 1360 2 KB
1 KB 565ms
507ms Script
text/html 2606:4700:e6::ac40:cc1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.intentarget.com/track/kangleigm/
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/gmifr_lei.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cc1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6b6a035821f83e7f4f03f0279468d3454d71105eefd63c26db9f02dfa39e695

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jkdiZY2FPb5ZF7ab2ilY9p3M%2BV1HmAMGmmYRg8SbfnI6cKGB4XpChH08E1S9336Qd7vN%2ByT2Z9ODeg%2BzbVUCaDluHOodi2M5e76sGZ9m6BLTBxGGhU9%2FKQm8NXnIeTQKz7NMrBqETOJc5E1uwesym5MAFgeY"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 7f67b0c118cd6931-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 / Show response
static.intentarget.com/track/kangleigm/ Frame 56B2 2 KB
909 B 570ms
512ms Script
text/html 2606:4700:e6::ac40:cc1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.intentarget.com/track/kangleigm/
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/gmifr_lei.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cc1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a52c4e351818d15f256764160d164a8465216e382e085c0c1d731c4e7db2ed9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2FRvv3swCYZAUG4VB90I63ELEeN7hzFtzfULksP1Sn5ixpfb%2BbUDGl0DONo%2FVdHhVN%2BTE0yi8o034YlB1qDeFW9PjpjjGZtkPf%2BhaaVNyyxmRmM14b5zkt9u3YXPzpZ1lndZrpxBSAPsCfEnPRHXlju1NhIY"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 7f67b0c118ce6931-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 / Show response
static.intentarget.com/track/kangleigm/ Frame FC86 2 KB
922 B 586ms
530ms Script
text/html 2606:4700:e6::ac40:cc1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.intentarget.com/track/kangleigm/
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/gmifr_lei.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cc1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e73b9e770f530945fb2ba1dee1f40c1a0658441381fe982770cf3d57994a2db7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hFhDK8FghFYaxveJPfcbYvWhCd6bC3lzyXbvqrg%2B9jC0MOjxeiNVwSBc2ymYyjPc%2BsP55Pu4zdZuaZ78xspULZui%2Fad47BZOJSl5x%2F%2BUxQlBzuDIN2xW8E7Ezxowx1F%2F5iw1VSHEYWSin8EYe0UIFBPc1h0E"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 7f67b0c138fe6931-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 / Show response
static.intentarget.com/track/kangleigm/ Frame F9BA 2 KB
909 B 584ms
528ms Script
text/html 2606:4700:e6::ac40:cc1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.intentarget.com/track/kangleigm/
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/gmifr_lei.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cc1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a52c4e351818d15f256764160d164a8465216e382e085c0c1d731c4e7db2ed9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=goS7WU6kWCuU%2F%2Bpyy%2F4SiTSKokPYqU4KE5Srg4bMlbx5EKJxfFo%2B39GLFl7wHufaVkuXlMR1gItbS6o6lRWqTbGWNXJgp0qDL0uGwOGpkNF0EZm7%2BoBmZh1z9QbgilaU6UB1YL7UAAYcQsfNRwxtUOvstkjb"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 7f67b0c118d26931-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 / Show response
static.intentarget.com/track/kangleigm/ Frame A2D2 2 KB
913 B 566ms
511ms Script
text/html 2606:4700:e6::ac40:cc1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.intentarget.com/track/kangleigm/
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/gmifr_lei.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cc1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ec4fe68b927b4cd6d6b99e1341382c8881ca80840ea96f36aafb6468e204c5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2FeAiws2GpZg5C8sJvdE8TamlOzeVL8UXQ7ZcP2g%2FEMOPxnkKVlhofvpp73AAx4yZmaIDQCYJvq8LPDanq%2BseVj6y1R4BXwdA3oBwon07QeyoRklnbuOypdDtek4%2F97uzI3ahneWWi304DMu1yK6BMXLnyZT"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 7f67b0c118d16931-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 / Show response
static.intentarget.com/track/kangleigm/ Frame 474B 2 KB
902 B 573ms
519ms Script
text/html 2606:4700:e6::ac40:cc1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.intentarget.com/track/kangleigm/
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/gmifr_lei.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cc1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7adf697b2dc38c504449e5aa8d1dc1070b563341464cf5516a93ada8d86dea3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ic2n04F0DMaHlC6y2HMs9GppF2m34VIkpsiQQ6cYQgtUFj1k%2FNnNM8w4EqDSgg4R47EjccO6RmM0lwQ3mwKQVcSIKcghffkJFCWE1SE%2BbaM7jUw8WGjhOkR23nqaUzTuA0jxAtjvjEU%2BgAGgbir871cGIWMJ"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 7f67b0c118cf6931-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 102ms
33ms Script
text/javascript 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230802-16-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:01 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 273020
expires: 60

GET
H3 200 gmifr_lei.html Show response
dayfgh.com/ Frame 96F1 1 KB
1 KB 230ms
229ms Document
text/html 2606:4700:3032::ac43:cfb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dayfgh.com/gmifr_lei.html
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:cfb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c950bdb3171907dd6adc02a07023992f892095f78f251750ebbb01ff386282ac

Request headers

Referer: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7f67b0c1f9743a54-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 14 Aug 2023 08:05:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c1FgKfAK5CBcsAI%2Fa%2B1uFeoXhgu3SkYwWCX4RkhXo18Ivl5vOweq1YgRn%2Bsb6fS0J3S94eQ15ObTAA9Tma68r6JF140Megu2C98T5FOfTO6Gw2czG1ikBt2Pn83Lvo88fLY3liSL21xr"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

GET
H2 200 json Show response
trc.taboola.com/palmate-gyyplay/trc/3/ 31 B
364 B 38ms
31ms XHR
text/plain 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-gyyplay/trc/3/json?tim=10%3A05%3A02.390&lti=deflated&data=%7B%22id%22%3A183%2C%22ii%22%3A%22%2Fdoc_c0rjannjdjlvu29kdlq1udbyrehmqt09%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1690992465290%2C%22vi%22%3A1692000302388%2C%22cv%22%3A%2220230802-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fdayfgh.com%2Fdoc_c0RJanNJdjlvU29KdlQ1UDBYREhmQT09%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fdayfgh.com%2Fdoc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09%22%2C%22vpi%22%3A%22%2Fdoc_c0rjannjdjlvu3buznfcwwvlng1hdz09%22%2C%22e%22%3A%22https%3A%2F%2Fdayfgh.com%2Fdoc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A19313%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A19302.703125%2C%22mw%22%3A890%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fdoc_c0rjannjdjlvu29kdlq1udbyrehmqt09%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230802-16-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ef3b2092c6bd1a3a6855b7a3a0d67951f0b7cd1678bbcfe563226bfe8a2b9126

Request headers

Referer: https://dayfgh.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 11
date: Mon, 14 Aug 2023 08:05:02 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7872
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230061-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1692000302.411600,VS0,VE11
vary: Accept-Encoding
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://dayfgh.com
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 debug
trc-events.taboola.com/palmate-gyyplay/log/2/ 0
90 B 103ms
25ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/palmate-gyyplay/log/2/debug?tim=10%3A05%3A02.431&type=error&msg=Server%20did%20not%20respond%20to%20loadRBox&llvl=2&id=5883&cv=20230802-16-RELEASE&lt=deflated&uuid=f7fcf158a9f665b7cb0dc7f1b061d0868175769ced2e579e1f65a17151e5051a&dcc=1&pct=1
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:02 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 25513

GET
H2 204 debug
trc-events.taboola.com/palmate-gyyplay/log/2/ 0
89 B 103ms
26ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/palmate-gyyplay/log/2/debug?tim=10%3A05%3A02.433&type=error&msg=loadRBox%20failed%2C%20aborting.&llvl=2&id=2901&cv=20230802-16-RELEASE&lt=deflated&uuid=f7fcf158a9f665b7cb0dc7f1b061d0868175769ced2e579e1f65a17151e5051a&dcc=2&pct=1
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:02 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 25513

GET
H2 204 debug
trc-events.taboola.com/palmate-gyyplay/log/2/ 0
89 B 104ms
26ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/palmate-gyyplay/log/2/debug?tim=10%3A05%3A02.434&type=warn&msg=Invalid%20ajax%20response%20from%20server&llvl=2&id=9332&cv=20230802-16-RELEASE&lt=deflated&uuid=f7fcf158a9f665b7cb0dc7f1b061d0868175769ced2e579e1f65a17151e5051a&dcc=3&pct=1
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:02 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 25513

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 125ms
125ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=0&wpc=ca-pub-5960085352433364&warn=13&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=true&reatf=true&a=6%2C1%2C5%2C7&apv=20230809_103533&sat=1691797944782&afm=0&as_count=1&d_count=0&ng_count=0&am_count=0&atf_count=1&mdns=0.014&alldns=0.014&allp=5&fd=(0%2C5%2C0)%2C(1%2C0%2C0)%2C(2%2C0%2C0)&pgh=19993&abl=false&rr=n&su=dayfgh.com&pvc=1617046438122927&r=0.1&eid=44759926%2C44759842%2C44759875%2C31076088%2C31076807%2C31076924

Requested by

Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 08:05:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
count.xxxssk.com/s/ 338 B
565 B 1195ms
305ms Image
image/jpeg 119.28.16.172
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://count.xxxssk.com/s/?isentrance=true&guid=c239d56d-550f-ee7b-1609-5d6dda9e30ee&resolution=1600,1200&colordepth=24&location=https%3A%2F%2Fdayfgh.com%2Fdoc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09&referrer=&rd=0.281788141633073&sid=3611&dpr=1&appCodeName=Mozilla&appName=Netscape&appVersion=5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/115.0.5790.170%20Safari/537.36&maxTouchPoints=0&platform=Win32&product=Gecko&productSub=20030107&vendor=Google%20Inc.&deviceMemory=8
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.28.16.172 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e93636d3ef399dc7d33a87e01495e525303cdcb7f443dbfa77f05e4c80825407

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 08:05:02 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/jpeg
P3P: CP=CAO PSA OUR
Cache-Control: private
Content-Length: 338

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 180 KB
65 KB 148ms
64ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-87942765-23

Requested by

Host: www.scupio.net
URL: https://www.scupio.net/kanglei/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fdf8c0d99813117b4ab67052fea18f43fc6b3fcec0a5e502ffc1d4f6322d00e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 66678
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 14 Aug 2023 08:05:02 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 11AC 83 KB
28 KB 137ms
76ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_docilepuppy.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d182d9e2c54cbbd82b3721938c84ac469b3f218e2a110bb48cb647ac3c95428

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28121
x-xss-protection: 0
server: cafe
etag: 722 / 19583 / 31076971 / config-hash: 9566803040182507923
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 14 Aug 2023 08:05:02 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame DA70 83 KB
28 KB 215ms
162ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_docilepuppy.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02df9b43f75eb2a3e8ea52312db4ba18704397d7734954247f0e9530f2e5bad8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28122
x-xss-protection: 0
server: cafe
etag: 392 / 19583 / 31076939 / config-hash: 9566803040182507923
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 14 Aug 2023 08:05:02 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame FB58 83 KB
28 KB 212ms
164ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_docilepuppy.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd19169d5f40955a438c1c9caa8ed0e3a0bb1cf8494a9f289d823fa222cefaff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28120
x-xss-protection: 0
server: cafe
etag: 532 / 19583 / 31076940 / config-hash: 9566803040182507923
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 14 Aug 2023 08:05:02 GMT

GET
H2 200 page.php Show response
www.facebook.com/v14.0/plugins/ Frame DCCF 41 KB
16 KB 155ms
155ms Document
text/html 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=1001839627068325&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7df7de58389dc%26domain%3Ddayfgh.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fdayfgh.com%252Ff1bf8954cc1c7bc%26relation%3Dparent.parent&container_width=884&height=130&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fprofile.php%3Fid%3D100091684089401&locale=zh_TW&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=366

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js?hash=762b4f713434a330d76a6d0402f5fe1d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

988a1f4d18b0c06a8871be521ed4fa942462e227d87efe43b76d1f17faf8cd26

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dayfgh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 08:05:02 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v14.0
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: J6KOj2sipvJruhqM03J/WEGf29z/qgVatUuUCJ8KE/gtMk7apJzlNz7TrzzG3cNrHJL7UCyvcF0sg0BhbDd4Cg==
x-xss-protection: 0

GET
H2 200 / Show response
static.intentarget.com/track/kangleigm/ Frame 96F1 2 KB
1 KB 517ms
516ms Script
text/html 2606:4700:e6::ac40:cc1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.intentarget.com/track/kangleigm/
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/gmifr_lei.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cc1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd02fc3bac12b49c49ac918d7a1939ab7ddb0f81dfa4017a8ddd6a786e173c3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:03 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k3HcJ0cbhFmRM4DexK0yU6n73cbcouf90gS6ALVjTOMkIIKPPkLM3ec96Kbd5%2FTiNd8Xg9apnlqGpDVQ%2FbG5e7lEUw1roxdpr7xmuNVGkUZEwInCfFs62GuynRQ7SoMBkD17%2Bxc5%2BAYCc%2FWdJ8HN5WNOZaoX"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 7f67b0c36bad6931-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308090102/ Frame 11AC 400 KB
126 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308090102/pubads_impl.js?cb=31076971

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

238331d3bee21cf334365e5e4f91796e9cc156e3c01c4f0f07cb11a4883158ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 07:31:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2030
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129196
x-xss-protection: 0
server: cafe
etag: 4052064757744512332
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 13 Aug 2024 07:31:12 GMT

GET trkyjs.js
static.intentarget.com/track/kangleigm/js/ Frame 1360 0
0

GET
H2 200 p_lVe8z3x7G.css
static.xx.fbcdn.net/rsrc.php/v3/y4/l/1,cross/ Frame DCCF 29 KB
7 KB 26ms
23ms Stylesheet
text/css 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y4/l/1,cross/p_lVe8z3x7G.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=1001839627068325&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7df7de58389dc%26domain%3Ddayfgh.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fdayfgh.com%252Ff1bf8954cc1c7bc%26relation%3Dparent.parent&container_width=884&height=130&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fprofile.php%3Fid%3D100091684089401&locale=zh_TW&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=366

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

faeedbca01f481fa080d1abb45faef7025c26cbbdad18bc3c7f4d5e4cc8a771d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:02 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: OcQ1rmAA5nr4QYO/2TT3xw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7155
x-fb-debug: AlfEPW23kcb6ZRLe1I6vpgMGwuZrvm4sAqxxR1ojEeBI2jEADtQ7VX2t/8lDKkLpEaXOvpn7JFP7KzvTzQF5WQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Mon, 12 Aug 2024 18:57:21 GMT

GET
H2 200 CNJWJb-rOZz.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ Frame DCCF 307 KB
82 KB 25ms
23ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/CNJWJb-rOZz.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

893752c8713ba6eee5b13fd785172edcf59eccb406d9c7f808ed374e1264a563

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:02 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: IB5qNABWxRIwsFYoaU6bRA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 83460
x-fb-debug: 6Mislxn75BnMBKXNCyXfbogL9iyEqoWKUYnAgqMMwfughOkxq9Xkz7hPqzlX2d0CDm+G22paRpsmSnV3dwEzQw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 01 Aug 2024 00:11:26 GMT

GET
H2 200 Qto6lZB1h_E.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y2/r/ Frame DCCF 5 KB
2 KB 46ms
44ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y2/r/Qto6lZB1h_E.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

894f2e66ace52b5a7cd7a21e26ccb40b7507bbd8d70fbad0e9f3e51039ad9481

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:02 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: fzNYTRpcsZeVNcWDrqrE9Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1689
x-fb-debug: +T5lTD7wm7dM6Ig4TdCQLpWFZRL6yYx3zXjrDZky8CFyeZTrBsiYRn3iYHfNOGBEo/kHo0pNic0xGQwmH5QY9g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 08 Aug 2024 01:46:53 GMT

GET
H2 200 Kh42n8c3c__.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yI/r/ Frame DCCF 97 KB
29 KB 25ms
23ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yI/r/Kh42n8c3c__.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

74dc2ed6aaa60697ee0c9725bb97047b39b2370600bc4fc5dfa6f5cc798e97d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:02 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: G5GcK+07xujHaPWkkz8PYA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 29525
x-fb-debug: iIUuw5qqqYivKemHkVBGhGzQsF++YRRnU+H9uTbtl7QQMQAbzLNPX+UN8KFcaJ0ao7yrNOrhPlGaNxpvxRbECA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sun, 11 Aug 2024 02:48:02 GMT

GET
H2 200 BCWVR3FJW_8.js Show response
static.xx.fbcdn.net/rsrc.php/v3iUNC4/yH/l/zh_TW/ Frame DCCF 126 KB
35 KB 47ms
45ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iUNC4/yH/l/zh_TW/BCWVR3FJW_8.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

24a692a33cc0444d30fd968fa73a62bc43f15ec6b392f4ba79b854ca656bdc66

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:02 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: i+Eg4i3xMmvpaGw+o3YJTQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35687
x-fb-debug: 9APXiAz2eUsR9Dr65a7KAq1epMiuxCk8YqKEoWR5TzwdYn80zqsbMcYV7BoH6sTxjh/g5BC5U7db0zQfg9cH/A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 08 Aug 2024 17:32:22 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame DCCF 507 B
486 B 46ms
44ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:02 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
x-fb-debug: 6SnxOtpOoa2OSjA+97ZHDo2uuCgmBoaSKAlO0DAHzbqIa5FlO1E7q5qVd9W/KI/nsf6gqwHLA6KBlkZcO+UpLg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 01 Aug 2024 20:37:33 GMT

GET
H2 200 340120210_1314808079377324_8453029384370172697_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-6/ Frame DCCF 27 KB
27 KB 92ms
48ms Image
image/jpeg 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t39.30808-6/340120210_1314808079377324_8453029384370172697_n.jpg?stp=dst-jpg_p370x247&_nc_cat=101&ccb=1-7&_nc_sid=b5f135&_nc_ohc=U0P0ElDYFAAAX-giIr8&_nc_ht=scontent.xx&edm=AGeEj18EAAAA&oh=00_AfANrCj90Fu3jWJVwIf9IcGjIYmSuEsI10Ou-sO6bln_-w&oe=64DE7EA6
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=1001839627068325&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7df7de58389dc%26domain%3Ddayfgh.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fdayfgh.com%252Ff1bf8954cc1c7bc%26relation%3Dparent.parent&container_width=884&height=130&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fprofile.php%3Fid%3D100091684089401&locale=zh_TW&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=366
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: ac82a8389d74c157056619807ad8de3de970332a422bb6c85f4ec853274d752d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:02 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sat, 08 Apr 2023 07:43:26 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3296013696
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: B1uYSi3x_-cjVy7K0vLeQ6DVtC_42-a5mPVobu4bimVy13dnMeXBZutXnubdTEgZmXkTAHwiwXsd9bYF2tlGKgELSkzEYl34zvh1hzcDEseChGl4pnIu5Aoj9fjxmgcW
cross-origin-resource-policy: cross-origin
x-needle-checksum: 331281021
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 27403

GET
H2 200 340227466_201545692583159_823924851076273301_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-1/ Frame DCCF 1 KB
2 KB 114ms
73ms Image
image/jpeg 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t39.30808-1/340227466_201545692583159_823924851076273301_n.jpg?stp=c1.0.50.50a_cp0_dst-jpg_p50x50&_nc_cat=105&ccb=1-7&_nc_sid=db1b99&_nc_ohc=E8ZX3kOv4FgAX9U6ZST&_nc_ht=scontent.xx&edm=AGeEj18EAAAA&oh=00_AfDDSJkQ67yq3yhnWpnZ25TlkrWLVUxFcxSXtLfwdCwqGg&oe=64DE872F
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=1001839627068325&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7df7de58389dc%26domain%3Ddayfgh.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fdayfgh.com%252Ff1bf8954cc1c7bc%26relation%3Dparent.parent&container_width=884&height=130&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fprofile.php%3Fid%3D100091684089401&locale=zh_TW&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=366
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 225b546f1fe1c6bb838705b277df69d737f6244d03df0827051f848ecc1d1d60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:02 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sat, 08 Apr 2023 07:41:48 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2813197797
thrift_fmhk: GBBp88wXSfXyGuuOHSIy6bW3FfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: VUVMhY1RaQesooeAEh-n195-rb1cDj8kEJLeMwUqKlnHLwFe-oXqKnz_8xQJ1feD7Qt9DKPJUU2hV6uBnQiDUjJOnRA8TpuGju8LmGnIooVHgCEzigd9zdMxhd3PEshw
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2362080351
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1522

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 210 KB
75 KB 87ms
86ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VCEDQQD6JV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-87942765-23

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f218df25ddc056b6a52718f1934823ee73d0da40d42d8d469f9a9ae3c9b583c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76602
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 14 Aug 2023 08:05:02 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 69ms
19ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-87942765-23

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 14 Aug 2023 07:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 919
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 14 Aug 2023 09:49:43 GMT

GET
H2 200 gmifr_lei.html Show response
19globalnews.com/ Frame 1360 1 KB
1 KB 302ms
228ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://19globalnews.com/gmifr_lei.html
Requested by: Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c950bdb3171907dd6adc02a07023992f892095f78f251750ebbb01ff386282ac

Request headers

Referer: https://dayfgh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=28800
cf-cache-status: DYNAMIC
cf-ray: 7f67b0c52a2f4dc3-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 14 Aug 2023 08:05:03 GMT
expires: Mon, 14 Aug 2023 16:05:03 GMT
last-modified: Mon, 14 Aug 2023 07:27:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xlns02DTUmIKjLO5DZa2QPoW2HuKlaTDH3fHtLEHbDdlJithXDlAA7lGWd7yr7dg7B8K4tyKogSsODfi2sTwOG%2FQFWnX1o%2Bs8A2RFIQvYPUvF6BNSulNCEllvMrLqb441Og8VkqJBH82GlSAYR3c"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

GET trkyjs.js
static.intentarget.com/track/kangleigm/js/ Frame A2D2 0
0

GET trkyjs.js
static.intentarget.com/track/kangleigm/js/ Frame 56B2 0
0

GET trkyjs.js
static.intentarget.com/track/kangleigm/js/ Frame 8DB2 0
0

GET trkyjs.js
static.intentarget.com/track/kangleigm/js/ Frame 474B 0
0

GET trkyjs.js
static.intentarget.com/track/kangleigm/js/ Frame 0F5B 0
0

GET trkyjs.js
static.intentarget.com/track/kangleigm/js/ Frame F9BA 0
0

GET trkyjs.js
static.intentarget.com/track/kangleigm/js/ Frame FC86 0
0

GET trkyjs.js
static.intentarget.com/track/kangleigm/js/ Frame 8E5C 0
0

GET
H2 200 gmifr_lei.html Show response
jkingtimes.com/ Frame A2D2 1 KB
1 KB 314ms
224ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jkingtimes.com/gmifr_lei.html
Requested by: Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c950bdb3171907dd6adc02a07023992f892095f78f251750ebbb01ff386282ac

Request headers

Referer: https://dayfgh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7f67b0c56ef74d3a-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 14 Aug 2023 08:05:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pR0orrDl2u4B3cBLdRnvmJQ7r7OScHGFdVUx6Ig7pX4DCdCM9Pl6eRzmYWZHanIGeRQO0O2ZCFUd1nV%2FwzmUoT24j4rGjlhQzJ98c7JuJvL7wzanSQ88zZ%2BhSCAvV%2FGarNPR9HxhI%2B90PdRrfg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

GET
H2 200 gmifr_lei.html Show response
dwjhgx.com/ Frame 56B2 1 KB
1 KB 300ms
221ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dwjhgx.com/gmifr_lei.html
Requested by: Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c950bdb3171907dd6adc02a07023992f892095f78f251750ebbb01ff386282ac

Request headers

Referer: https://dayfgh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7f67b0c548a691d7-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 14 Aug 2023 08:05:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aHtgS%2BXbdpA%2BZuI%2BbJiOGwnVgw%2FdfJ%2BrcZ%2FBv5Q6AbteFIxu7HXdfhuZ19quZAoghakoRPiPhRl2Jl9z0vKPcsSXK%2FbySN4Z%2Frx%2BtmMzrPBDUTcZn6dBED2ssi8e2EEC4D3FGtSLdErm"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

GET
H2 200 00000000.0000000000000 Show response
api.dable.io/widgets/id/goP0dJoQ/users/ Frame 9FFE 336 B
377 B 330ms
330ms Document
text/html 54.180.52.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.dable.io/widgets/id/goP0dJoQ/users/00000000.0000000000000?from=https%3A%2F%2Fdayfgh.com%2Fdoc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09&url=https%3A%2F%2Fdayfgh.com%2Fdoc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=sddmovie.com%2Fpal-mate&gdpr=1&service_id=10086&service_type=news&country=TW&client_id=2011&randomStr=472bd636-f5c6-411a-8a2a-cb3316d06a31&id=dablewidget_goP0dJoQ&category1=%E5%A5%87%E8%B6%A3&author=0&item_id=4898534&item_pub_date=2023-08-06&pixel_ratio=1&client_width=890&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1&is_lazyload=0
Requested by: Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.180.52.191 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-180-52-191.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 7f68d970d2b924a1dc2b863204dc36e35995bf85d97d3fc845c7ad08da58a9df

Request headers

Referer: https://dayfgh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 14 Aug 2023 08:05:03 GMT
server: nginx

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/ Frame DA70 400 KB
126 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076939

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

954551e76af51b5d98aa0c5b48aa56a71da936423f4d387f42e8d111aabd997e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 03:27:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16673
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129241
x-xss-protection: 0
server: cafe
etag: 14615361730175754207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 13 Aug 2024 03:27:09 GMT

GET
H2 200 gmifr_lei.html Show response
yaya0506.com/ Frame 8DB2 1 KB
994 B 468ms
402ms Document
text/html 2606:4700:3035::ac43:91e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yaya0506.com/gmifr_lei.html
Requested by: Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:91e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c950bdb3171907dd6adc02a07023992f892095f78f251750ebbb01ff386282ac

Request headers

Referer: https://dayfgh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7f67b0c54be7377b-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 14 Aug 2023 08:05:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1K3EMK9FzkJ5nftDH24QQuiNKMtYHyFh01GA4VP3Uc9pQAMcIckGm9zzriQ8yGMpjHO%2BgWIKZL5I1QBY0h4WCWLJ7RVe5IKVWGF0jSr2qoC2dZaIKIpJcnORiEtedVlSfe%2BojNpQwILxRzk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

GET
H2 200 gmifr_lei.html Show response
itigeryou.com/ Frame 474B 1 KB
1 KB 493ms
405ms Document
text/html 2606:4700:3037::6815:3411
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://itigeryou.com/gmifr_lei.html
Requested by: Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3411 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c950bdb3171907dd6adc02a07023992f892095f78f251750ebbb01ff386282ac

Request headers

Referer: https://dayfgh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7f67b0c57d1c1d96-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 14 Aug 2023 08:05:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l7TJgDG1628iPXAITZcUmipynyTcSQCAAYYkEVKrjWYlPRiJ%2BO0kkmAQE289RZW8MkJt8UZGVxywEoeKw6il%2BLXrfsngpC3rx00ze8hdDik9mfupKNhlg92PzD1bCaXdwmvr9Dx5%2BNjmG6te"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

GET
H2 200 gmifr_lei.html Show response
angela-babies.com/ Frame 0F5B 1 KB
1 KB 472ms
228ms Document
text/html 2606:4700:3034::6815:42b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://angela-babies.com/gmifr_lei.html
Requested by: Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:42b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c950bdb3171907dd6adc02a07023992f892095f78f251750ebbb01ff386282ac

Request headers

Referer: https://dayfgh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7f67b0c67e7f2baf-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 14 Aug 2023 08:05:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K8%2BSqAjCWmWukKoMPr7jpV0abF0X%2Fyr57GTW0k456DDa4mt1xIJvSsREkNaybIRz1swv7QXJRIsPv85q6JMdbVTBJ5mX0WqJQHTfWs8oInvjUbenmF7UW%2FVckAolTqHthfg6skhDyk%2ByFeB61jfp9w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

GET
H2 200 gmifr_lei.html Show response
dwjhgx.com/ Frame F9BA 1 KB
989 B 495ms
435ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dwjhgx.com/gmifr_lei.html
Requested by: Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c950bdb3171907dd6adc02a07023992f892095f78f251750ebbb01ff386282ac

Request headers

Referer: https://dayfgh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7f67b0c558a791d7-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 14 Aug 2023 08:05:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lnu5lDVpmNVDEJYEuMLPUIX0egJfYV771rewfrvkIBBT1d0ETsTy4mLR91bfAcXZ5N0n6h4Lvkqu9kCAI9rPdWlv%2F7cBFuwmnGtHDEat6HLF9BYg4xR08%2BYK5hVwsHukbnz3RNKsC9oA"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

GET
H2 200 gmifr_lei.html Show response
yaya0506.com/ Frame FC86 1 KB
1 KB 281ms
221ms Document
text/html 2606:4700:3035::ac43:91e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yaya0506.com/gmifr_lei.html
Requested by: Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:91e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c950bdb3171907dd6adc02a07023992f892095f78f251750ebbb01ff386282ac

Request headers

Referer: https://dayfgh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7f67b0c55bea377b-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 14 Aug 2023 08:05:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iNeBFuaNGBBZ7t%2BY9WpZAvOsYs%2F9R9gOAPUGMhFccbbednXsrJHpj%2Bw6BmvU51bH%2F6ZgIGf5wVwRBnC4ybAQ4cz9PDV45OQaEBKZ4VqYVwrt5TFq25F71tNzsbFXgx%2FaVh9WIWurVlPAAcs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

GET
H2 200 gmifr_lei.html Show response
coolsaid.com/ Frame 8E5C 1 KB
1 KB 417ms
291ms Document
text/html 2606:4700:3030::6815:5bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://coolsaid.com/gmifr_lei.html
Requested by: Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c950bdb3171907dd6adc02a07023992f892095f78f251750ebbb01ff386282ac

Request headers

Referer: https://dayfgh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7f67b0c5ba7e19a0-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 14 Aug 2023 08:05:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cvp3HYomLG%2FJvXzqhDJVnFvS%2BT8%2BJFy4mKOldGc5lR7NRHItWel0n3cDkzUhFM8J8APp5l%2F3hJs82TCrggVeR9k%2FxGQbmxgT0bgLcdrtyKJ7WhJJULZjlzKBeZuiygzp29LQVICq61dVRc4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/ Frame FB58 400 KB
126 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/pubads_impl.js?cb=31076940

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7e1d11e09ae5619685a66e50267d80bc6b716e2a3d9377b922ead3c32cba527

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:39:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33941
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129236
x-xss-protection: 0
server: cafe
etag: 3196626984536983108
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 12 Aug 2024 22:39:21 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 11AC 48 KB
17 KB 244ms
244ms XHR
text/plain 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=299888461930810&correlator=4447244093332160&eid=31076399%2C31076768%2C31076923%2C31076971%2C44777897&output=ldjh&gdfp_req=1&vrg=202308090102&ptt=17&impl=fifs&iu_parts=22670248360%2Cdocilepuppy_336x280&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&ifi=1&sfv=1-0-40&sc=1&cookie=ID%3D2711ac5037060b38-22ed3cb54fde0061%3AT%3D1692000302%3ART%3D1692000302%3AS%3DALNI_MYKDXSa6qGtY9UR08Zptj3yIzE5MQ&gpic=UID%3D00000c60634d8b46%3AT%3D1692000302%3ART%3D1692000302%3AS%3DALNI_MaTbUOB0DlNM8i7418449FtFC4-Vw&abxe=1&dt=1692000302910&lmt=1691993102&adxs=632&adys=787&biw=1600&bih=1200&isw=336&ish=280&scr_x=0&scr_y=0&btvi=0&ucis=t2wtmjlka9s7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fdayfgh.com%2Fdoc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09&ref=https%3A%2F%2Fdayfgh.com%2Fdoc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09&top=https%3A%2F%2Fdayfgh.com%2Fdoc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09&frm=23&vis=1&psz=336x280&msz=336x-1&fws=256&ohw=0&ea=0&ga_vid=165872344.1692000303&ga_sid=1692000303&ga_hid=91800971&ga_fc=false&dlt=1692000302572&idt=319&adks=3507171008

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308090102/pubads_impl.js?cb=31076971

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c6f61cca00baa6580d007f97dbb6816795a2ffef2379ac19468ec0ab9061425

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:03 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16887
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://dayfgh.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 11AC 15 KB
12 KB 70ms
69ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308090102&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308090102/pubads_impl.js?cb=31076971

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da543cf867e15963715895a72d3324daa9371b05afff55c5cbc64b68d60c8352

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11811
x-xss-protection: 0

GET
H2 200 container.html Show response
96d84fdb5fb246803137855db3bda5a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E51D 6 KB
3 KB 129ms
34ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://96d84fdb5fb246803137855db3bda5a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308090102/pubads_impl.js?cb=31076971

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dayfgh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 08:05:03 GMT
expires: Tue, 13 Aug 2024 08:05:03 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame DCCF 573 B
713 B 46ms
22ms Image
image/png 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y4/l/1,cross/p_lVe8z3x7G.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/y4/l/1,cross/p_lVe8z3x7G.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:02 GMT
x-content-type-options: nosniff
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 573
x-fb-debug: mxOrEWT/GH5UxvG61Zu8bEWrDGK9pBSkiIZ3aWxkbTOS+J+UYbMMkay5GYyxp7Cira8xmRkBrkeLMTHWLwrG2g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=1,i
expires: Sun, 04 Aug 2024 04:52:27 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
202 B 27ms
26ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=782162920&t=pageview&_s=1&dl=https%3A%2F%2Fdayfgh.com%2Fdoc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09&ul=en-us&de=UTF-8&dt=%E9%87%8D60%E8%90%AC%E5%84%84%E5%84%84%E5%99%B8%E7%9A%84%E5%9C%B0%E7%90%83%EF%BC%8C%E7%82%BA%E4%BB%80%E9%BA%BC%E4%B8%80%E7%9B%B4%E6%87%B8%E6%B5%AE%E5%9C%A8%E5%AE%87%E5%AE%99%E4%B8%AD%EF%BC%8C%E4%B8%8D%E6%9C%83%E6%8E%89%E4%B8%8B%E5%8E%BB%EF%BC%9F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=788363441&gjid=595481071&cid=1286942092.1692000302&tid=UA-87942765-23&_gid=2127296343.1692000303&_r=1&gtm=457e3890&jsscut=1&z=2132278179

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dayfgh.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 08:05:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dayfgh.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
250 B 78ms
30ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-VCEDQQD6JV&gtm=45je3890&_p=782162920&cid=1286942092.1692000302&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1692000302&sct=1&seg=0&dl=https%3A%2F%2Fdayfgh.com%2Fdoc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09&dt=%E9%87%8D60%E8%90%AC%E5%84%84%E5%84%84%E5%99%B8%E7%9A%84%E5%9C%B0%E7%90%83%EF%BC%8C%E7%82%BA%E4%BB%80%E9%BA%BC%E4%B8%80%E7%9B%B4%E6%87%B8%E6%B5%AE%E5%9C%A8%E5%AE%87%E5%AE%99%E4%B8%AD%EF%BC%8C%E4%B8%8D%E6%9C%83%E6%8E%89%E4%B8%8B%E5%8E%BB%EF%BC%9F&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VCEDQQD6JV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 08:05:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dayfgh.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame DA70 27 KB
12 KB 296ms
295ms XHR
text/plain 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4383569428738245&correlator=1682972153674221&eid=31076923%2C31076939%2C21065724&output=ldjh&gdfp_req=1&vrg=202308070102&ptt=17&impl=fifs&iu_parts=22670248360%2Cdocilepuppy_336x280&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&ifi=1&sfv=1-0-40&sc=1&cookie=ID%3D2711ac5037060b38-22ed3cb54fde0061%3AT%3D1692000302%3ART%3D1692000302%3AS%3DALNI_MYKDXSa6qGtY9UR08Zptj3yIzE5MQ&gpic=UID%3D00000c60634d8b46%3AT%3D1692000302%3ART%3D1692000302%3AS%3DALNI_MaTbUOB0DlNM8i7418449FtFC4-Vw&abxe=1&dt=1692000303002&lmt=1691993103&adxs=632&adys=4200&biw=1600&bih=1200&isw=336&ish=280&scr_x=0&scr_y=0&btvi=1&ucis=dufn8cr8zqxt&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fdayfgh.com%2Fdoc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09&ref=https%3A%2F%2Fdayfgh.com%2Fdoc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09&top=https%3A%2F%2Fdayfgh.com%2Fdoc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09&frm=23&vis=1&psz=336x280&msz=336x-1&fws=256&ohw=0&ea=0&ga_vid=1286942092.1692000302&ga_sid=1692000303&ga_hid=1371339307&ga_fc=true&dlt=1692000302581&idt=404&adks=3507171008

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076939

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cbde04eb519d5d0d6d911ad123c3221438e9c9aec3fdf2cd33d28c9e940803dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:03 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12083
x-xss-protection: 0
google-lineitem-id: 6175170393
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138416501104
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://dayfgh.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame DA70 15 KB
12 KB 69ms
69ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308070102&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076939

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ff35fce167fdfacbd9e733d6c5a7f09983c3366592a9fa7fe1437a955c246b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11769
x-xss-protection: 0

GET
H2 200 container.html Show response
3d74528f01b8c239e00611b13f91fa26.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B4B2 6 KB
3 KB 60ms
30ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3d74528f01b8c239e00611b13f91fa26.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076939

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dayfgh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 08:05:03 GMT
expires: Tue, 13 Aug 2024 08:05:03 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 11AC 17 KB
7 KB 81ms
30ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308090102/pubads_impl.js?cb=31076971

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 14 Aug 2023 08:05:03 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame FB58 28 KB
12 KB 279ms
279ms XHR
text/plain 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4174172713156697&correlator=307026414658337&eid=31072020%2C31076869%2C31076923%2C31076940%2C44777897&output=ldjh&gdfp_req=1&vrg=202308080102&ptt=17&impl=fifs&iu_parts=22670248360%2Cdocilepuppy_336x280&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&ifi=1&sfv=1-0-40&sc=1&cookie=ID%3D2711ac5037060b38-22ed3cb54fde0061%3AT%3D1692000302%3ART%3D1692000302%3AS%3DALNI_MYKDXSa6qGtY9UR08Zptj3yIzE5MQ&gpic=UID%3D00000c60634d8b46%3AT%3D1692000302%3ART%3D1692000302%3AS%3DALNI_MaTbUOB0DlNM8i7418449FtFC4-Vw&abxe=1&dt=1692000303039&lmt=1691993103&adxs=632&adys=18373&biw=1600&bih=1200&isw=336&ish=280&scr_x=0&scr_y=0&btvi=1&ucis=egy0h9ga61ro&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fdayfgh.com%2Fdoc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09&ref=https%3A%2F%2Fdayfgh.com%2Fdoc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09&top=https%3A%2F%2Fdayfgh.com%2Fdoc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09&frm=23&vis=1&psz=336x280&msz=336x-1&fws=256&ohw=0&ea=0&ga_vid=1286942092.1692000302&ga_sid=1692000303&ga_hid=543093777&ga_fc=true&dlt=1692000302589&idt=427&adks=3507171008

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/pubads_impl.js?cb=31076940

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5810f0d97a5e94360f9748483c1cd4c1a8046266a38498331f9ea368ed3ff01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:03 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12355
x-xss-protection: 0
google-lineitem-id: 6193997439
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138418927877
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://dayfgh.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame FB58 15 KB
11 KB 72ms
72ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308080102&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/pubads_impl.js?cb=31076940

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16ad6fb4f790439cf5a9932294c85a1120559a0019e3031e5ff3bd0939929706

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11735
x-xss-protection: 0

GET
H2 200 container.html Show response
ae58298f52b24e6ccabbae485dbd00ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 453C 6 KB
3 KB 89ms
29ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ae58298f52b24e6ccabbae485dbd00ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/pubads_impl.js?cb=31076940

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dayfgh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 08:05:03 GMT
expires: Tue, 13 Aug 2024 08:05:03 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame DA70 17 KB
6 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076939

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 14 Aug 2023 08:05:03 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 424A 13 KB
5 KB 23ms
21ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dayfgh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 230
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 08:01:13 GMT
expires: Tue, 13 Aug 2024 08:01:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9E93 831 B
1 KB 91ms
38ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4648dc535c835e7a522e8b82cfe56c7835ec806e90f83878164b451455a86222

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fFCHYH-GXVDSMh2wjTy0dg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dayfgh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 533
content-security-policy: script-src 'report-sample' 'nonce-fFCHYH-GXVDSMh2wjTy0dg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 08:05:03 GMT
expires: Mon, 14 Aug 2023 08:05:03 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 im-uid-hook.js Show response
dmp.im-apps.net/scripts/ 633 B
568 B 242ms
35ms Script
text/javascript 2a02:26f0:480:25::1726:620a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4300666
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:25::1726:620a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: text/javascript
date: Mon, 14 Aug 2023 08:05:03 GMT
content-encoding: gzip
cache-control: private, no-store
content-length: 445
vary: Accept-Encoding
p3p: CP="NOI PSD OTR"

GET
H/1.1 200
OK lift.json Show response
l.logly.co.jp/ 0
603 B 315ms
247ms Script
text/plain 108.138.7.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.logly.co.jp/lift.json?adspot_id=4300666&widget_id=54803&auc_id=&callback=_lgy_lift_callback_4300666&render_id=MTY5MjAwMDMwMl8xXzgxZjg2NGRmOGNjOQ%3D%3D&url=https%3A%2F%2Fdayfgh.com%2Fdoc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09&ref=
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4300666
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-64.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Aug 2023 08:05:03 GMT
Via: 1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
Server: nginx
X-Amz-Cf-Pop: FRA56-P6
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
P3P: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
X-Amz-Cf-Id: t43tlU5uquLif4ZeLaKDUwaLlDuo8QBY0zcwq0_sXAkh-q-8mwBITw==

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame FB58 17 KB
6 KB 158ms
158ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/pubads_impl.js?cb=31076940

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 14 Aug 2023 08:05:03 GMT

GET
H3 200 / Show response
static.intentarget.com/track/kangleigm/ Frame 1360 2 KB
1 KB 512ms
512ms Script
text/html 2606:4700:e6::ac40:cc1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.intentarget.com/track/kangleigm/
Requested by: Host: 19globalnews.com
URL: https://19globalnews.com/gmifr_lei.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:cc1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f2206d0dd50bbd82d3d3adbea200da2f2cdec53146bcb8ca5de02e7f46b0cf4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19globalnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:03 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D7ytLv5IEU9UWbIN5zWG2X7R2IkI0DdduURGJCiMsquD8YhpYIm9Sl7HiRMqZbZjmKKOvIXbz6G6DN28ocBXUpXj82%2FvZsgorbdhWQX6uQap0o1FWVqGBHwLeQwMt%2FrJFseGfW2006ng%2Fq%2FwvBmw1vr9%2FE0Y"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 7f67b0c69997918c-FRA
alt-svc: h3=":443"; ma=86400

GET trkyjs.js
static.intentarget.com/track/kangleigm/js/ Frame 96F1 0
0

GET
H3 200 tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js Show response
pagead2.googlesyndication.com/bg/ Frame 424A 37 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 11:10:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75251
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14666
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 12 Aug 2024 11:10:52 GMT

GET
H3 200 / Show response
static.intentarget.com/track/kangleigm/ Frame 56B2 2 KB
1 KB 506ms
506ms Script
text/html 2606:4700:e6::ac40:cc1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.intentarget.com/track/kangleigm/
Requested by: Host: dwjhgx.com
URL: https://dwjhgx.com/gmifr_lei.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:cc1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbca18677881c6b30b896593ac6dfcfebec76dc3c2d6849123a8986308b5266b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:03 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gRO6yLji55aDxD0EX489ewvQ%2BBxNT95RvS6pXUSGrgb9tqudNpveCdlkbOjBslKdZ9ctn0jrME%2FkfSv5Z7iBpAIH2geEmBPGnYiRrRubUcj2CvgfuSvI6q2CtmXzdgLcIMmMo5fiBqEIUXkqmaB5S81nG%2Bwe"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 7f67b0c6c9d3918c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 / Show response
static.intentarget.com/track/kangleigm/ Frame FC86 2 KB
1 KB 526ms
525ms Script
text/html 2606:4700:e6::ac40:cc1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.intentarget.com/track/kangleigm/
Requested by: Host: yaya0506.com
URL: https://yaya0506.com/gmifr_lei.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:cc1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d80a6f31c418d0fc2157f1a2ff395db73ac0af1e699179e17279d6e17324e4ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yaya0506.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:03 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BmM1SfbhUqg5l11L5bKgBokeAyat3FUgwoEK5uxOLowXYARtBuLkPVQR%2F7XrvZ5eep0eVOHczrHZHatCEdHTkZdqSaT2MPOPYimsWdngD1dlInudXss%2Bs%2FAKAW%2Ba2%2BcHZNkgUidJAKGkEC3WXjOWRwhqMzhg"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 7f67b0c6d9e8918c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 gmifr_lei.html Show response
mydesign-cases.com/ Frame 96F1 1 KB
1 KB 383ms
228ms Document
text/html 2606:4700:3034::ac43:957d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mydesign-cases.com/gmifr_lei.html
Requested by: Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:957d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c950bdb3171907dd6adc02a07023992f892095f78f251750ebbb01ff386282ac

Request headers

Referer: https://dayfgh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7f67b0c7ca5d9013-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 14 Aug 2023 08:05:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ss81%2FPj7fGOgbfniJo9nWpbzfqCj1uJbvZk03D%2BKu3W%2B0jlXd1jE0VKkbh4%2B4fM7ZKv97p6yccvv9Exet65MxbJ3RvNuiwnBrF51X9zOVt%2BcqIogWaxT0qykU%2B0Cea9W%2FLlJ49AbXbyUWs7o3p1JkTw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

GET
H3 200 / Show response
static.intentarget.com/track/kangleigm/ Frame A2D2 2 KB
1 KB 522ms
522ms Script
text/html 2606:4700:e6::ac40:cc1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.intentarget.com/track/kangleigm/
Requested by: Host: jkingtimes.com
URL: https://jkingtimes.com/gmifr_lei.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:cc1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4194765d217bafdc39788add0f58dd2f36e0cdb26c0dd510a25f04e40d6c9c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jkingtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:03 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wO0hq%2FIdB0YrxAhMVh48pUQQqtnBpPK5X3lm2sAfM061jjoqDZMUjC5JXgaAOkQhBlg04ifl1UGCqAb3NB2Yv4%2F6FK159YBxGqHVWSMWj4iC9%2B%2BFitnwv5GEBRuJ9Vj18lGswnzs1BY28DVQDV3kj5B3247g"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 7f67b0c6e9f5918c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 container.html Show response
96d84fdb5fb246803137855db3bda5a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CD39 6 KB
3 KB 104ms
103ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://96d84fdb5fb246803137855db3bda5a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308090102/pubads_impl.js?cb=31076971

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dayfgh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 08:05:03 GMT
expires: Tue, 13 Aug 2024 08:05:03 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ Frame 9FFE 94 KB
33 KB 147ms
21ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: api.dable.io
URL: https://api.dable.io/widgets/id/goP0dJoQ/users/00000000.0000000000000?from=https%3A%2F%2Fdayfgh.com%2Fdoc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09&url=https%3A%2F%2Fdayfgh.com%2Fdoc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=sddmovie.com%2Fpal-mate&gdpr=1&service_id=10086&service_type=news&country=TW&client_id=2011&randomStr=472bd636-f5c6-411a-8a2a-cb3316d06a31&id=dablewidget_goP0dJoQ&category1=%E5%A5%87%E8%B6%A3&author=0&item_id=4898534&item_pub_date=2023-08-06&pixel_ratio=1&client_width=890&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1&is_lazyload=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 05:22:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9738
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33507
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Aug 2024 05:22:45 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F7AC 13 KB
5 KB 26ms
21ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dayfgh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 230
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 08:01:13 GMT
expires: Tue, 13 Aug 2024 08:01:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5782 831 B
760 B 35ms
31ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

73f28b4657d7b84f2e70900031bb831317327a0b877fa210eea4da0c5f2a73d9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1Jagn_V0W-rKWIy5uNmdJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dayfgh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 531
content-security-policy: script-src 'report-sample' 'nonce-1Jagn_V0W-rKWIy5uNmdJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 08:05:03 GMT
expires: Mon, 14 Aug 2023 08:05:03 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 424A 0
10 B 21ms
21ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Pn3Y_g
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:03 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 / Show response
static.intentarget.com/track/kangleigm/ Frame 8E5C 2 KB
1 KB 516ms
516ms Script
text/html 2606:4700:e6::ac40:cc1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.intentarget.com/track/kangleigm/
Requested by: Host: coolsaid.com
URL: https://coolsaid.com/gmifr_lei.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:cc1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb39eee4c3bcf5efa835acfd99df83537516c692f4c15148b1a1d1e8fc5e7c60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coolsaid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:03 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZnLKc3RYZbf256HMnKC40wi8a%2BgseAeOFHP%2FCOLmEj0OF5ZsOcIytqxSO8cG2syS8F4sWo7K6Ifv%2BPA7AO%2Fa54yCV2g3iougX5C2nkeasPSeMmBIi1GVr3ZzPYFT6WAxMyxxKAA90fSfvfQfx5FopD%2Fjbh79"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 7f67b0c7db08918c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 / Show response
static.intentarget.com/track/kangleigm/ Frame 8DB2 2 KB
1 KB 511ms
510ms Script
text/html 2606:4700:e6::ac40:cc1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.intentarget.com/track/kangleigm/
Requested by: Host: yaya0506.com
URL: https://yaya0506.com/gmifr_lei.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:cc1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d80a6f31c418d0fc2157f1a2ff395db73ac0af1e699179e17279d6e17324e4ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yaya0506.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:03 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EJb%2BoEdvfx5DE1wPbDpD8sQcoyjYJjE6EqN5RO7ITiSTRfhixen7bQw5C%2FR7L2nhul8kgm%2FTFHJ8MSkKqvJ2wkMAscO9S63PKiqetf89oFHacbG%2F6uhqagV3HroIk152jVI0o9Z7R20TngZUNkiQLIODnYO7"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 7f67b0c7fb24918c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CB37 0
0 59ms
58ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBMLFQT9UiGIhxaPP3OnA66UyFFD93fsaQleDRlM6B_nt8z_SUIIywaWcUc-hq-61lXNvg7NpbKJxZRW8-iZWWTOvNPhw8tp8yiArf9Hk2DGbp8qEdHi7TO1w3crw8KP9uTGMdEgDVpdtqjiU0Zdw0un_TP3e6UqOVUQK_p5D_nPawgjKzScNoNXu8WSUKqyzZ8LWsJPHiOw07xoCbJLdMkRx3X1PuJtvccPIFi-5dNzyG4RXSgw5OpzYGdr8Romb9Zlxg2CtM_P29ZFEeduzgvUpngyB90lFxVpBEvNaDn-2Q0Yd1LUd1Q590YQi9IpLmvLSzwFpNrmQ&sai=AMfl-YQY2OYD6fH4hRkw2YiQt5ySalUHmvz9qZ1cIONLFsKqYDr4AtLP5DE5J7DE2ilUqFxxw-sY3T_ixVUy7s8g3rYtksjiSTyqtHn1Fz9LC5FOHTJUeZOtDta0rn-c5Q&sig=Cg0ArKJSzAIynboejWjjEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ysm_docilepuppy.js Show response
ad.sitemaji.com/ Frame CB37 39 KB
12 KB 21ms
20ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_docilepuppy.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076939
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 5b2d07f444380914a71b578ca63ac48f88bacbd0af29333166862fad6a62f255

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:58:35 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 05 Jun 2023 08:20:47 GMT
server: nginx/1.12.1 (Ubuntu)
age: 57988
etag: W/"647d9adf-9aee"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12131
expires: Mon, 14 Aug 2023 15:58:35 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CB37 179 KB
57 KB 85ms
30ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070102/pubads_impl.js?cb=31076939

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57470
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691580806885528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Aug 2023 08:05:03 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9FDF 0
0 61ms
60ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstrD-oJXw0BgIN7PoYr-h7NfgAjogbPtH9G1nahfDDbboifT00IarGQLpYEAyNyWE7wTRJH4O_PAdt2TD-QdmFaX0sXlzobY8JHfhiufuHLkgZgMGdDPnbwbbcfGHPHgN14R2-brRdDeF8qWGYXkqKXDp0elFg0GJWz4dTPMpF7CpBSCkPvXYrO3MG2_NGxukjNHqbzYge1ZUt4PVUfDzUjh_FhqBvpECaNAJL7kY4xAm8U_vf8a9klrMpSYPVYqMI_jb1x1nY68I95gf_f9OSQnku3j8MOsMR7u2U0Y0XLwSPudpBW9CrM3mkZCwLXXGQiiLYR6hsGy-g&sai=AMfl-YSZmQqB9BQFdKISQLJYdv1gaVEyY5LuWIhpj76T5PsLatdyD9yZ6nHTgBEBG7o53SOsi_HEFmWkZdRW2NnZNSyKWr444VXs8sTlV8BIrsQerLTPgYkg26z3MBP5Aw&sig=Cg0ArKJSzO7IL9_67z92EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/palmate-jppet-welovecom/ Frame 9FDF 390 KB
50 KB 60ms
59ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/palmate-jppet-welovecom/loader.js
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 363e5af9e7e324fac9394f52736c031abca388517b1fb7007ba054e26dbf1517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: y3tRjqI3ooOMRyFOjApJg3CYJXVe8.XQ
content-encoding: gzip
via: 1.1 varnish
date: Mon, 14 Aug 2023 08:05:03 GMT
x-amz-request-id: B1Q24AJQZXGMF42V
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS
x-from-cache: 1
x-envoy-upstream-service-time: 8
x-amz-replication-status: FAILED
content-length: 50866
x-amz-id-2: Clr7VF215s/e70f7C9DHwQAC9WIcED7vXXV6bkq2ZrM9CvWuJoFA7ibxUYdOjJYdYs1q5vwe1Ss=
x-served-by: cache-fra-eddf8230061-FRA
last-modified: Sun, 13 Aug 2023 16:14:30 UTC
server: nginx
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1692000303.390506,VS0,VE40
etag: "c396a3d656f33dd881a72b13323896c8882a7e2b"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
abp: 18
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9FDF 179 KB
56 KB 98ms
61ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/pubads_impl.js?cb=31076940

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57470
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691580806885528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Aug 2023 08:05:03 GMT

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 779F 2 KB
3 KB 96ms
43ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1ke9n0nkcvbc8wxeqtznn0h32my6k3k6et2zmm2qn0340w1328695fezv2bj7269jzgypprxj4z2aqxvgfyat79bn9bfccwne22h8y80e34nsyj2vrghbz1ca4bpg1yth4fj5bpp0n7fw34e4dxe47skvrb204fgvqm0yxmsnfmfxa5qf9t1gx46jy4s64f14exrjwxhhgbe3ww3pg6fp4dvdt1ep1hb5fv8bgbyn2c12s3w7g5yrhkrxpqdjjfad00x04gzvncc2anzrtf0n4dsb9qpxm421xx01cdv89804zmq72whzqextq7tn42hg3xqg3cvgx3fc9s5yks2z1hj2pqb32z0h22sk2p073cddypv7jd1c11m8dkr57nf21v4f3qzdsm5hk30p47fc237crp442gpsvnvqq3t8kdqnx261708ed9z48z3w01gn5q8mh88fgm0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwfK3LuDZZKOmO9O9lgSHn6OoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODc5ODc2NTg3MDMyOTg4NcgBCakCqD1f4W5esj7gAgCoAwHIAwKqBPwBT9C5wP9eEW4afBal-kkWUi-9U4kx5ge7OxPirvCrknjXRq9Tea69uUPBjsRlsEKkUiMIZeFQYNt4fC3ddPb7v9x1Woof5m5loWtBcJjNVUw1Ch6iJrpz_QTTqO2dTRvEyI-PR8681_LVblEhHK18vhCPc8ciVpWIA-4U7ZpuGU_CANMLdDjOWnQ8gDz4tbIg2FGBzBRgKrOevUa3sXQFkm-Nx6LTCKXdj1J5Jvwme1hFTgBNy9rPxZOweFSEvKWiZK_PYE-m_9iKvqv_9K8x66gci5x3Vo03MQhE1KL5vNRxOeIYre5Pl_SQ_CZlcFzOch1Liu4rQSFtwAsO4AQBgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3-HOVx-yKyQD1T95IRVS6-q5TrBw%26client%3Dca-pub-8798765870329885%26adurl%3D

Requested by

Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65a95464e715055501388ec81fa6b56287033f43f6eac2e1228e44d84a68333e

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://96d84fdb5fb246803137855db3bda5a8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7f67b0c8a883040c-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 08:05:03 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame CC89 3 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js

Requested by

Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://96d84fdb5fb246803137855db3bda5a8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 07:31:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2009
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 07:31:34 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9C5C 1 KB
643 B 24ms
21ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://96d84fdb5fb246803137855db3bda5a8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 16793
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 03:25:10 GMT
etag: 48472445140208031
expires: Tue, 15 Aug 2023 03:25:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame CC89 20 KB
8 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://96d84fdb5fb246803137855db3bda5a8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 23:57:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29262
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Aug 2023 23:57:21 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame CC89 0
0 31ms
31ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSGwBX9JjgI_m4EVEl0xstWsoKhzS9yX6HQN6Lj1V52VEOcz1OeaqOVi_SNqRWrP8MMpH_1d7xRnHKXSVHD_wJIQHyfYg
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://96d84fdb5fb246803137855db3bda5a8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame CC89 24 KB
6 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://96d84fdb5fb246803137855db3bda5a8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36646
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 12 Aug 2024 21:54:17 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CC89 179 KB
56 KB 76ms
63ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://96d84fdb5fb246803137855db3bda5a8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57470
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691580806885528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Aug 2023 08:05:03 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 298F 13 KB
5 KB 23ms
21ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dayfgh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 230
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 08:01:13 GMT
expires: Tue, 13 Aug 2024 08:01:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2C32 831 B
554 B 31ms
30ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e2e75b8205220fcee40c0690116ce04c6a385cd4cbeab55d2fc35f2c212ba487

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QhIgryYfv-oO8VjedWqwLA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dayfgh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 532
content-security-policy: script-src 'report-sample' 'nonce-QhIgryYfv-oO8VjedWqwLA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 08:05:03 GMT
expires: Mon, 14 Aug 2023 08:05:03 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 / Show response
static.intentarget.com/track/kangleigm/ Frame 0F5B 2 KB
1 KB 513ms
513ms Script
text/html 2606:4700:e6::ac40:cc1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.intentarget.com/track/kangleigm/
Requested by: Host: angela-babies.com
URL: https://angela-babies.com/gmifr_lei.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:cc1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1277be7ab9cc4931299697aa121b38fbbc3c609c2dcec0b58702bec1739877a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://angela-babies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:03 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kD5fIDSQZGNU53DbbNxLElGQP3R6ifPZWNZqmloV6kz22uRlXEnZL8PP%2BMQOr%2Fb8GED1iRAM8NQRUb3hMaCi3T8tO9dSfQ0SjbGcVVYkRJshkuB4lORufrqGiCjCbk15Fb8739oOnNHNsIUkDcTlSoKYEC5p"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 7f67b0c86bcf918c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 / Show response
static.intentarget.com/track/kangleigm/ Frame 474B 2 KB
1 KB 508ms
508ms Script
text/html 2606:4700:e6::ac40:cc1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.intentarget.com/track/kangleigm/
Requested by: Host: itigeryou.com
URL: https://itigeryou.com/gmifr_lei.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:cc1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a8f184d502cfefd44031f0ac43fc0ebdaef2410d5e34545b0f098cd291e24ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itigeryou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:03 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yjOScRH%2BH01rtEh3z6nGD2bEuz00M5r6gfqrLIqz8UAVxftUz5hMQuzyMTrD63kzfqGNjrXKERRanpKNowBKnTVw8HODyfCWmzwztq%2FgYdwa27P%2BEYROL5%2FMbyHhlSAyYLu%2FmfjuTX1JjCEj3jIEXQTpZ8N8"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 7f67b0c87be5918c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 / Show response
static.intentarget.com/track/kangleigm/ Frame F9BA 2 KB
1 KB 507ms
507ms Script
text/html 2606:4700:e6::ac40:cc1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.intentarget.com/track/kangleigm/
Requested by: Host: dwjhgx.com
URL: https://dwjhgx.com/gmifr_lei.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:cc1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbca18677881c6b30b896593ac6dfcfebec76dc3c2d6849123a8986308b5266b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:03 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2BN29np1IbkvdWyAARwFFI%2BdfQ6cCnKqFpHKFXa4NsF0B6m%2Fa29HnTChUro8%2B1BJpWM0kuJEj6E61zmQTunOo7Lbk6i%2FIM0Ke5ZMb6Z2yXvCesGbrmCnWfN5tL8g8EwiwOHZpuC%2F3GE%2F0tBDtnqYfwxpljJs"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 7f67b0c88bea918c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9E93 0
0 121ms
120ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308090102&jk=299888461930810&rc=
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H2 200 im-uid.js Show response
dmp.im-apps.net/sdk/ 6 KB
3 KB 43ms
42ms Script
application/javascript 2a02:26f0:480:25::1726:620a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:25::1726:620a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
content-encoding: gzip
date: Mon, 14 Aug 2023 08:05:03 GMT
last-modified: Fri, 21 Apr 2023 06:05:08 GMT
etag: "14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI PSD OTR"
cache-control: max-age=10800
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 2434

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5782 0
0 121ms
121ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308070102&jk=4383569428738245&rc=
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 9C5C 0
104 B 186ms
73ms Image
text/plain 2a02:fa8:8806:16::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHh6yASvHHggngaRZXIFKqg&google_cver=1&google_push=AXcoOmSAYiaAoiJ9umHj1TV_5V-oJhs12MXGaXtY5REyNtSVYtUeMEh8mJUVWR9Ki87qNwtG5LuTAbjHVkACOdvvBhZhGcVlQqH_
Requested by: Host: 96d84fdb5fb246803137855db3bda5a8.safeframe.googlesyndication.com
URL: https://96d84fdb5fb246803137855db3bda5a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 08:05:03 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9C5C
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAtdkDY8AyXYcJIEdfRzmFE&google_cver=1&google_push=AXcoOmQqdRP2XGynnzNuRNHV4qRttYlJGLLcggry2I53lY10XF6PeYOdHAB8bJLs8h-NG9XMLkPMrcdPEDd-jUaW...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmQqdRP2XGynnzNuRNHV4qRttYlJGLLcggry2I53lY10XF6PeYOdHAB8bJLs8h-NG9XMLkPMrcdPEDd-jUaWZiWEJJm2U47uww

170 B
232 B

33ms
33ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmQqdRP2XGynnzNuRNHV4qRttYlJGLLcggry2I53lY10XF6PeYOdHAB8bJLs8h-NG9XMLkPMrcdPEDd-jUaWZiWEJJm2U47uww

Requested by

Host: 96d84fdb5fb246803137855db3bda5a8.safeframe.googlesyndication.com
URL: https://96d84fdb5fb246803137855db3bda5a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 08:05:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 14 Aug 2023 08:05:03 GMT
Server: MT3 1031 59fd23a master cdg cdg-pixel-x34 config_version:"1438"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmQqdRP2XGynnzNuRNHV4qRttYlJGLLcggry2I53lY10XF6PeYOdHAB8bJLs8h-NG9XMLkPMrcdPEDd-jUaWZiWEJJm2U47uww
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 14 Aug 2023 08:05:02 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9C5C
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEJQgAJ2JPfMpY7yESSjVkf4&google_cver=1&google_push=AXcoOmTaVIxCay3ud3E0RTh1myc1BkhslD9XgkQf5oilhU4lMiIGttP-mhv08WewUZBwvvuPf7IqGpkZ53YrREHLU7D8bySPa5AfFg
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A965719300AE48F09853F14F122A7DA6&google_push=AXcoOmTaVIxCay3ud3E0RTh1myc1BkhslD9XgkQf5oilhU4lMiIGttP-mhv08WewUZBwvvuPf7IqGpkZ53YrREH...

170 B
243 B

33ms
33ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A965719300AE48F09853F14F122A7DA6&google_push=AXcoOmTaVIxCay3ud3E0RTh1myc1BkhslD9XgkQf5oilhU4lMiIGttP-mhv08WewUZBwvvuPf7IqGpkZ53YrREHLU7D8bySPa5AfFg

Requested by

Host: 96d84fdb5fb246803137855db3bda5a8.safeframe.googlesyndication.com
URL: https://96d84fdb5fb246803137855db3bda5a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 08:05:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 14 Aug 2023 08:05:03 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A965719300AE48F09853F14F122A7DA6&google_push=AXcoOmTaVIxCay3ud3E0RTh1myc1BkhslD9XgkQf5oilhU4lMiIGttP-mhv08WewUZBwvvuPf7IqGpkZ53YrREHLU7D8bySPa5AfFg
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 13 Aug 2023 08:05:03 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 9C5C 70 B
265 B 153ms
48ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEMkOcELTt0SASdAPwuF0Em8&google_cver=1&google_push=AXcoOmQtls2BoHSRxdseqW6nQr-KqN6slAS0Gq375IwZ9sI2nQ0a8bzoS4O743w4Hl1qdpIOOYEk2i6mPB-ZB3FnYSMR67OU_xyiIQ
Requested by: Host: 96d84fdb5fb246803137855db3bda5a8.safeframe.googlesyndication.com
URL: https://96d84fdb5fb246803137855db3bda5a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 14 Aug 2023 08:05:03 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9C5C
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=1-avBNuiQxiu46lwDbb1Gw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

33ms
32ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=1-avBNuiQxiu46lwDbb1Gw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmTlPmtdFGitIVI7OpGsBbeWTo9K_3ugJPHCwcFrY6cTrEChIKLZJVRwxw29F6CnBHoCQyHDmrDaV11sxyjPGTt9UAcSRhFlNg

Requested by

Host: 96d84fdb5fb246803137855db3bda5a8.safeframe.googlesyndication.com
URL: https://96d84fdb5fb246803137855db3bda5a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 08:05:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=1-avBNuiQxiu46lwDbb1Gw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmTlPmtdFGitIVI7OpGsBbeWTo9K_3ugJPHCwcFrY6cTrEChIKLZJVRwxw29F6CnBHoCQyHDmrDaV11sxyjPGTt9UAcSRhFlNg
date: Mon, 14 Aug 2023 08:05:01 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9C5C
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEL...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmR-x588_Ta8oRZBu2mf0zESxQyv_taVHRIVFhMbLy1ibY54kj-Vxv_AjXZ3M5bnQgyLhqFiHQ3iiWNM-zHGTSQ2N5F4NbJQzw&redir=https%3A%2F%2Fcm.g.dou...
https://sync.targeting.unrulymedia.com/csync/RX-5609244c-5cf5-4dd9-a0b8-4abade2b9a37-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmR-x588_Ta8oRZBu2mf0...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmR-x588_Ta8oRZBu2mf0zESxQyv_taVHRIVFhMbLy1ibY54kj-Vxv_AjXZ3M5bnQgyLhqFiHQ3iiWNM-zHGTSQ2N5F4NbJQzw&google_hm=A1YJJExc9U3ZoLhKut4rmjc

170 B
188 B

40ms
39ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmR-x588_Ta8oRZBu2mf0zESxQyv_taVHRIVFhMbLy1ibY54kj-Vxv_AjXZ3M5bnQgyLhqFiHQ3iiWNM-zHGTSQ2N5F4NbJQzw&google_hm=A1YJJExc9U3ZoLhKut4rmjc

Requested by

Host: 96d84fdb5fb246803137855db3bda5a8.safeframe.googlesyndication.com
URL: https://96d84fdb5fb246803137855db3bda5a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 08:05:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmR-x588_Ta8oRZBu2mf0zESxQyv_taVHRIVFhMbLy1ibY54kj-Vxv_AjXZ3M5bnQgyLhqFiHQ3iiWNM-zHGTSQ2N5F4NbJQzw&google_hm=A1YJJExc9U3ZoLhKut4rmjc
date: Mon, 14 Aug 2023 08:05:03 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX5609244c5cf54dd9a0b84abade2b9a37003
content-type: text/html

GET
H2

200

/
onetag-sys.com/match/ Frame 9C5C
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAbycBDHP2D206xSPTxpA8o&google_cver=1&google_push=AXcoOmTjGScUuZutEIxOm0jhOsmY-JKRl9eQAu9oXTxhvdo7ZmBsBlXyQNR6Wc8GDTARy5Xff-bFNweWAjm...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTjGScUuZutEIxOm0jhOsmY-JKRl9eQAu9oXTxhvdo7ZmBsBlXyQNR6Wc8GDTARy5Xff-bFNweWAjmbvVSqSoJdv3jVzerUreU
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

25ms
23ms

Image
text/plain

51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 96d84fdb5fb246803137855db3bda5a8.safeframe.googlesyndication.com
URL: https://96d84fdb5fb246803137855db3bda5a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Mon, 14 Aug 2023 08:05:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 9C5C 0
130 B 114ms
30ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JIfNMGvvf6G3wdw-2MgRL-uhWaLU8FHpa-1PCOKVBeOiMVCsAMMvnLvfXLBhaHWJZtunpmvg

Requested by

Host: 96d84fdb5fb246803137855db3bda5a8.safeframe.googlesyndication.com
URL: https://96d84fdb5fb246803137855db3bda5a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:03 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 impl.20230720-10-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame 9FDF 789 KB
164 KB 19ms
19ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230720-10-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-jppet-welovecom/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: e8e7f25e76923cdf5e3b0bbc96fab3e8d08575d2f87c478e23fb8e98530a9d90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: tLbvjptbiXVwUrAq8EFnty9M0FuM7ujy
content-encoding: br
via: 1.1 varnish
date: Mon, 14 Aug 2023 08:05:03 GMT
x-amz-request-id: 9BTV8MWFG68RCZZ7
age: 20673
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 167105
x-amz-id-2: kEeiIK6RmAO8bYYqvy7j5ttBVw4tCrcivCyXRgLgIZRWs+7Hcs8zN30e0yIKHXlmupN8MJZ+t7k=
x-served-by: cache-fra-eddf8230061-FRA
last-modified: Sun, 23 Jul 2023 10:59:57 GMT
server: AmazonS3-br
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1692000304.516422,VS0,VE0
etag: "34e9f77310e584b68e9e2ec7c2dd6975"
vary: Accept-Encoding
content-type: application/javascript
abp: 35
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 native.js Show response
s.yimg.com/dy/ads/ Frame CB37 80 KB
30 KB 107ms
27ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/dy/ads/native.js

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_docilepuppy.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 07:56:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: PZWBF04DDSJJ0FRT
age: 518
x-amz-server-side-encryption: AES256
content-length: 30196
x-amz-id-2: h6tL31CzGvG63LXCQtQGg5NhHdR9TbeRlirDDKUs/yp2ciiDYKvK7TVT7x1/FdUAAgXsBESJ5gA=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Feb 2023 17:58:02 GMT
server: ATS
etag: "1ec4e10d0dddd5bd001bd7317afd4f4c-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
accept-ranges: bytes

GET
DATA 200
OK truncated
/ Frame CB37 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef4d0d0fac1ef08cc8a3f918230f58416f1e316bc29294f01f9be4fc08536c53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame CC89 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6dbcaa5fcad314157f806d8d6bed7465ad9591f58cbc8de1e22357346af8645e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js Show response
pagead2.googlesyndication.com/bg/ Frame F7AC 37 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 11:10:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75251
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14666
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 12 Aug 2024 11:10:52 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2C32 0
0 139ms
139ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308080102&jk=4174172713156697&rc=
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 779F 114 KB
14 KB 34ms
33ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1ke9n0nkcvbc8wxeqtznn0h32my6k3k6et2zmm2qn0340w1328695fezv2bj7269jzgypprxj4z2aqxvgfyat79bn9bfccwne22h8y80e34nsyj2vrghbz1ca4bpg1yth4fj5bpp0n7fw34e4dxe47skvrb204fgvqm0yxmsnfmfxa5qf9t1gx46jy4s64f14exrjwxhhgbe3ww3pg6fp4dvdt1ep1hb5fv8bgbyn2c12s3w7g5yrhkrxpqdjjfad00x04gzvncc2anzrtf0n4dsb9qpxm421xx01cdv89804zmq72whzqextq7tn42hg3xqg3cvgx3fc9s5yks2z1hj2pqb32z0h22sk2p073cddypv7jd1c11m8dkr57nf21v4f3qzdsm5hk30p47fc237crp442gpsvnvqq3t8kdqnx261708ed9z48z3w01gn5q8mh88fgm0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwfK3LuDZZKOmO9O9lgSHn6OoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODc5ODc2NTg3MDMyOTg4NcgBCakCqD1f4W5esj7gAgCoAwHIAwKqBPwBT9C5wP9eEW4afBal-kkWUi-9U4kx5ge7OxPirvCrknjXRq9Tea69uUPBjsRlsEKkUiMIZeFQYNt4fC3ddPb7v9x1Woof5m5loWtBcJjNVUw1Ch6iJrpz_QTTqO2dTRvEyI-PR8681_LVblEhHK18vhCPc8ciVpWIA-4U7ZpuGU_CANMLdDjOWnQ8gDz4tbIg2FGBzBRgKrOevUa3sXQFkm-Nx6LTCKXdj1J5Jvwme1hFTgBNy9rPxZOweFSEvKWiZK_PYE-m_9iKvqv_9K8x66gci5x3Vo03MQhE1KL5vNRxOeIYre5Pl_SQ_CZlcFzOch1Liu4rQSFtwAsO4AQBgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3-HOVx-yKyQD1T95IRVS6-q5TrBw%26client%3Dca-pub-8798765870329885%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1ke9n0nkcvbc8wxeqtznn0h32my6k3k6et2zmm2qn0340w1328695fezv2bj7269jzgypprxj4z2aqxvgfyat79bn9bfccwne22h8y80e34nsyj2vrghbz1ca4bpg1yth4fj5bpp0n7fw34e4dxe47skvrb204fgvqm0yxmsnfmfxa5qf9t1gx46jy4s64f14exrjwxhhgbe3ww3pg6fp4dvdt1ep1hb5fv8bgbyn2c12s3w7g5yrhkrxpqdjjfad00x04gzvncc2anzrtf0n4dsb9qpxm421xx01cdv89804zmq72whzqextq7tn42hg3xqg3cvgx3fc9s5yks2z1hj2pqb32z0h22sk2p073cddypv7jd1c11m8dkr57nf21v4f3qzdsm5hk30p47fc237crp442gpsvnvqq3t8kdqnx261708ed9z48z3w01gn5q8mh88fgm0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwfK3LuDZZKOmO9O9lgSHn6OoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODc5ODc2NTg3MDMyOTg4NcgBCakCqD1f4W5esj7gAgCoAwHIAwKqBPwBT9C5wP9eEW4afBal-kkWUi-9U4kx5ge7OxPirvCrknjXRq9Tea69uUPBjsRlsEKkUiMIZeFQYNt4fC3ddPb7v9x1Woof5m5loWtBcJjNVUw1Ch6iJrpz_QTTqO2dTRvEyI-PR8681_LVblEhHK18vhCPc8ciVpWIA-4U7ZpuGU_CANMLdDjOWnQ8gDz4tbIg2FGBzBRgKrOevUa3sXQFkm-Nx6LTCKXdj1J5Jvwme1hFTgBNy9rPxZOweFSEvKWiZK_PYE-m_9iKvqv_9K8x66gci5x3Vo03MQhE1KL5vNRxOeIYre5Pl_SQ_CZlcFzOch1Liu4rQSFtwAsO4AQBgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3-HOVx-yKyQD1T95IRVS6-q5TrBw%26client%3Dca-pub-8798765870329885%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 420714
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QVrhW98eAyOVzyZT1ipO2xmFVTDlEpGg3y%2Ba9KU5oQnlt%2BdWpQELJRG7dVVWuFNrcWLt84hd%2F9nt0YrIyq2beAALeCGYhcpgYWOOiO2Mmxg6ep%2B2nNkVLqXschpgv66IQK%2FQ3eeb%2Fmo%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7f67b0c94941040c-FRA
expires: Mon, 14 Aug 2023 09:05:03 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 779F 25 KB
10 KB 39ms
31ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1ke9n0nkcvbc8wxeqtznn0h32my6k3k6et2zmm2qn0340w1328695fezv2bj7269jzgypprxj4z2aqxvgfyat79bn9bfccwne22h8y80e34nsyj2vrghbz1ca4bpg1yth4fj5bpp0n7fw34e4dxe47skvrb204fgvqm0yxmsnfmfxa5qf9t1gx46jy4s64f14exrjwxhhgbe3ww3pg6fp4dvdt1ep1hb5fv8bgbyn2c12s3w7g5yrhkrxpqdjjfad00x04gzvncc2anzrtf0n4dsb9qpxm421xx01cdv89804zmq72whzqextq7tn42hg3xqg3cvgx3fc9s5yks2z1hj2pqb32z0h22sk2p073cddypv7jd1c11m8dkr57nf21v4f3qzdsm5hk30p47fc237crp442gpsvnvqq3t8kdqnx261708ed9z48z3w01gn5q8mh88fgm0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwfK3LuDZZKOmO9O9lgSHn6OoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODc5ODc2NTg3MDMyOTg4NcgBCakCqD1f4W5esj7gAgCoAwHIAwKqBPwBT9C5wP9eEW4afBal-kkWUi-9U4kx5ge7OxPirvCrknjXRq9Tea69uUPBjsRlsEKkUiMIZeFQYNt4fC3ddPb7v9x1Woof5m5loWtBcJjNVUw1Ch6iJrpz_QTTqO2dTRvEyI-PR8681_LVblEhHK18vhCPc8ciVpWIA-4U7ZpuGU_CANMLdDjOWnQ8gDz4tbIg2FGBzBRgKrOevUa3sXQFkm-Nx6LTCKXdj1J5Jvwme1hFTgBNy9rPxZOweFSEvKWiZK_PYE-m_9iKvqv_9K8x66gci5x3Vo03MQhE1KL5vNRxOeIYre5Pl_SQ_CZlcFzOch1Liu4rQSFtwAsO4AQBgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3-HOVx-yKyQD1T95IRVS6-q5TrBw%26client%3Dca-pub-8798765870329885%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2023 16:29:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 488077
etag: W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dv%2FFVL31azvE0jKeGB7NC0dlmbqsKSg6olVWWUUrpSudtOjwxwGIOkY%2FN02f1mI83K7ZwKEXOFXG6T2bb037V5IvFLvYHSvAqikZMMucU9wc7jBHa5Mjpd12c3sns6GXbTdbb7k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7f67b0c9495b040c-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 08 Aug 2023 16:30:16 GMT

GET
DATA 200
OK truncated
/ Frame 9FDF 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 70bd91ec546859cd1211b511e558432215c78f8cadcccd619f758d3bfe0b653b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 / Show response
static.intentarget.com/track/kangleigm/ Frame 96F1 2 KB
1 KB 522ms
521ms Script
text/html 2606:4700:e6::ac40:cc1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.intentarget.com/track/kangleigm/
Requested by: Host: mydesign-cases.com
URL: https://mydesign-cases.com/gmifr_lei.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:cc1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30302ac1314f6e26ba6c23ca8152f7fbaa2f811d53834c2404164904efcc657b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mydesign-cases.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:04 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Mlsez5feHJoVkZ0rUvYJKX2%2FmaTA1hMQ3gfSW6SKLRqkBdKAhgovt3v7a%2BuWtSGs4IDFV3d7dHlfWPd8p%2FT8p6pWAUtJesgwZnI6eAZ06PCQTacxzf6vVf20Q7gQUrDo6N8Fsmp5yVqRXsJ6cwk9NFnTTJH"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 7f67b0c97d68918c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js Show response
pagead2.googlesyndication.com/bg/ Frame 298F 37 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 11:10:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75251
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14666
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 12 Aug 2024 11:10:52 GMT

GET
H2 200 get Show response
audiencedata.im-apps.net/imuid/ 10 B
179 B 334ms
264ms XHR
application/json 2600:1901:0:e207::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://audiencedata.im-apps.net/imuid/get?cid=6858&vid=01H7SH7EG0KGTS31E5G293R8JJ
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:e207:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin: https://dayfgh.com
date: Mon, 14 Aug 2023 08:05:03 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10
content-type: application/json

GET
H2 200 sync.html Show response
sync.logly.co.jp/sync/ Frame 587C 495 B
665 B 815ms
246ms Document
text/html 52.199.26.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.html
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4300666
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.199.26.11 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-199-26-11.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5

Request headers

Referer: https://dayfgh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=2592000
content-length: 495
content-type: text/html
date: Mon, 14 Aug 2023 08:05:04 GMT
etag: "64d90445-1ef"
last-modified: Sun, 13 Aug 2023 16:26:45 GMT
server: nginx

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame DE37
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=logly&endpoint=apac
https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac

281 B
554 B

229ms
21ms

Document
text/html

23.35.229.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4300666
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-251.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://dayfgh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 14 Aug 2023 08:05:04 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Mon, 14 Aug 2023 08:05:03 GMT
location: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
server: AkamaiGHost

GET
H2 200 sync Show response
gum.criteo.com/ Frame 9FDF 46 B
287 B 47ms
46ms Script
text/javascript 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230720-10-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:03 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 258405
expires: 60

GET
H2 200 json Show response
trc.taboola.com/palmate-jppet-welovecom/trc/3/ Frame 9FDF 31 B
435 B 43ms
43ms XHR
text/plain 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-jppet-welovecom/trc/3/json?tim=10%3A05%3A03.640&lti=deflated&data=%7B%22id%22%3A357%2C%22ii%22%3A%22%2Fdoc_c0rjannjdjlvu3buznfcwwvlng1hdz09%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1690104288571%2C%22vi%22%3A1692000302388%2C%22cv%22%3A%2220230720-10-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fdayfgh.com%2Fdoc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fdayfgh.com%2Fdoc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09%22%2C%22vpi%22%3A%22%2Fdoc_c0rjannjdjlvu3buznfcwwvlng1hdz09%22%2C%22e%22%3A%22https%3A%2F%2Fdayfgh.com%2Fdoc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A336%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A280%2C%22dw%22%3A336%2C%22dh%22%3A280%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A0%2C%22uim%22%3A%22alternating-thumbnails-a-recosReel%3Aabp%3D0%22%2C%22uip%22%3A%22Mid%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Mid%20Article%20Thumbnails%22%2C%22cd%22%3A0%2C%22mw%22%3A336%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fdoc_c0rjannjdjlvu3buznfcwwvlng1hdz09%2CMid%20Article%20Thumbnails%3Dalternating-thumbnails-a-recosReel%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230720-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ef3b2092c6bd1a3a6855b7a3a0d67951f0b7cd1678bbcfe563226bfe8a2b9126

Request headers

Referer: https://dayfgh.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 12
date: Mon, 14 Aug 2023 08:05:03 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7254
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230061-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1692000304.654269,VS0,VE12
vary: Accept-Encoding
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://dayfgh.com
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 trkyjs.js Show response
static.intentarget.com/track/kangleigm/js/ Frame 1360 7 KB
3 KB 54ms
37ms Script
application/x-javascript 2606:4700:e6::ac40:cc1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js
Requested by: Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:cc1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54fdfac049fcabd73da1e1545f5cdaf17bb5d821f6c404e578c375618ec44708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19globalnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 07 May 2022 15:03:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10328
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IbhPuaezuj2rBczN%2Fa7gMZ3uyQiQC1wzlapoTvHGwYTCzDFrQ88IRt%2BrWvINA5onzCHcyj5b%2FliBLKVr0WOLZonoZPG7HZDapfcIt9D7dk1Qb2W3%2FMVVGBigq8WFxMVs5ggKIZCHvNA7l%2Fybwi1QiK%2BMmVe5"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=259200
cf-ray: 7f67b0ca1e1f918c-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 17 Aug 2023 05:12:55 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 779F 3 KB
4 KB 169ms
34ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 559
x-guploader-uploadid: ADPycdvuqSd5z7x-P6zciDvJguhfevnTZzPv-sFvdv4VVTj2cCVUndir5fZqBzjNPOlq80uW-sAFhIkV33WDoT1aRSnwIseHrQ
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q51dVfhQ7tY6pozEGjQUWskru6P5C5inOdDeT5MpjBneSZ4UJ6%2Bnp%2ByJWNeEGygmjAsDTxroSwj0NB2teFQuUJnoD%2BdbZ5LmYx%2BxQwXf5aoPjc3YDDTEeYMEXUd3yf5qrwUo9jPOU1%2BR2sFQ7ZjcNsgw"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7f67b0cafc7f9945-FRA
expires: Mon, 14 Aug 2023 08:10:45 GMT

GET
H3 200 trkyjs.js Show response
static.intentarget.com/track/kangleigm/js/ Frame 56B2 7 KB
3 KB 38ms
36ms Script
application/x-javascript 2606:4700:e6::ac40:cc1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js
Requested by: Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:cc1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54fdfac049fcabd73da1e1545f5cdaf17bb5d821f6c404e578c375618ec44708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 07 May 2022 15:03:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10328
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i09hTlJ8DDxBQzg%2BWFz2MUTyQK3Vg9z2yMqMRz05F79%2Fg%2BNSntj92ggDe53rOXty4BJ7A9hGq%2FXXKqUUPU4JUrDUIDn6eV3hh%2B%2F8i6kfx3jHhaYHytLcLCrr5Mm2%2BgkWqIcQ2eZnIVNcimDTlYZxuBbBkj8%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=259200
cf-ray: 7f67b0ca1e21918c-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 17 Aug 2023 05:12:55 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 41CC 2 KB
1 KB 39ms
39ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1976350
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7f67b0caef909bf2-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Mon, 14 Aug 2023 08:05:03 GMT
expires: Sun, 09 Jul 2023 00:24:59 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F2klJROQdIriC2bzeJ1c8cqSJrvPBWKwkK6%2FGdLHBNrOJta%2Bz4ncHec7T%2FlsnuRHyLV2dccoUjNha5JhrMsZuEsL0EO0HBxWc4j7A3SO823Cy8V7UDk72s7BbSU8a4qtlxgIRz8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 204 debug
trc-events.taboola.com/palmate-jppet-welovecom/log/2/ Frame 9FDF 0
89 B 26ms
26ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/palmate-jppet-welovecom/log/2/debug?tim=10%3A05%3A03.702&type=error&msg=Server%20did%20not%20respond%20to%20loadRBox&llvl=2&id=7632&cv=20230720-10-RELEASE&lt=deflated&pct=1
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:03 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 25427

GET
H2 204 debug
trc-events.taboola.com/palmate-jppet-welovecom/log/2/ Frame 9FDF 0
89 B 26ms
26ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/palmate-jppet-welovecom/log/2/debug?tim=10%3A05%3A03.704&type=error&msg=loadRBox%20failed%2C%20aborting.&llvl=2&id=2948&cv=20230720-10-RELEASE&lt=deflated&pct=1
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:03 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 25427

GET
H2 204 debug
trc-events.taboola.com/palmate-jppet-welovecom/log/2/ Frame 9FDF 0
89 B 27ms
26ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/palmate-jppet-welovecom/log/2/debug?tim=10%3A05%3A03.704&type=warn&msg=Invalid%20ajax%20response%20from%20server&llvl=2&id=4149&cv=20230720-10-RELEASE&lt=deflated&pct=1
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:03 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 25427

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame CB37 302 B
624 B 213ms
84ms Script
application/javascript 87.248.100.136
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?agentVersion=205&adTrackingEnabled=true&locale=en&adUnitCode=6cdbdc20-398b-48e0-857e-2eb6a34feda9&apiKey=8Z7TZ5MDPJ4WQK8Y68JB&gpp=&gppSid=&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fsunflyday.com%2F&caps=16&cb=jsonpCallback0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.136 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o1.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

7486b8da065321a5bff28441aee66bb071575ab6ff8b4814ef2360be5f2abbdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Mon, 14 Aug 2023 08:05:03 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 33
x-xss-protection: 1; mode=block
x-request-id: 37b6fd8c-6c83-4676-b37d-224be6ae7276

GET
H2 200 b
geo.yahoo.com/ Frame CB37 43 B
366 B 181ms
72ms Image
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/b?t=xhkd7&9sdk8454

Requested by

Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 08:05:03 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

GET
H3 200 trkyjs.js Show response
static.intentarget.com/track/kangleigm/js/ Frame FC86 7 KB
3 KB 35ms
35ms Script
application/x-javascript 2606:4700:e6::ac40:cc1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js
Requested by: Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:cc1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54fdfac049fcabd73da1e1545f5cdaf17bb5d821f6c404e578c375618ec44708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yaya0506.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 07 May 2022 15:03:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10328
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D7ce6JkXztRNU%2FWE5Xg6eGOVy%2F0hJTEMqk6g%2BDulbXpgaxJi8tLWFSDqqADi7XM4TAuko4V8OHoW2HqEnycusMiY%2FvnzRoQfABGWcV2VNXyQYQszh3EG5GvkVb179lKEBO69MXB%2FAFp65SMOYIHMQAk5jDeM"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=259200
cf-ray: 7f67b0ca5e5a918c-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 17 Aug 2023 05:12:55 GMT

GET
H3 200 trkyjs.js Show response
static.intentarget.com/track/kangleigm/js/ Frame A2D2 7 KB
3 KB 29ms
28ms Script
application/x-javascript 2606:4700:e6::ac40:cc1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js
Requested by: Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:cc1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54fdfac049fcabd73da1e1545f5cdaf17bb5d821f6c404e578c375618ec44708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jkingtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 07 May 2022 15:03:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10328
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dYYthEssY8NqiDaO1A0D3pXlwNDEQxcON21%2FL%2BKp03JLO5pmengmeqWq6J8dln77%2BBcly7rNxTHchPpi6C4JKxQHjHJXFIY%2B9fZAqWrVX9dEEZ1SapzjSwfZH%2BsxOIWtTgZOXI135ireDfROcGGzVdsUhd42"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=259200
cf-ray: 7f67b0ca5e5d918c-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 17 Aug 2023 05:12:55 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 56B2 95 KB
33 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:18:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38807
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Aug 2024 21:18:16 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 1360 95 KB
33 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19globalnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:18:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38807
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Aug 2024 21:18:16 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9FDF 0
0 105ms
61ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu6Q-wKGmKbCeveqD7nH-sKWQytwY1Bf_m_vPw15suChSNpTiK12Qk3bKXS9fwoOlmIVhVWJcPkEPqGe7bjVONKx8VaVAPFB0WfK4YBZnJJITY8oJYBsw6B2wQ_s6ikG_1CNNis1CHOXGhh11HEa0TOvFtWowHd9lz7RxZAykOeriNdNcNgy3_FPeGmN2hu_1b6Y6bHJMKxZvDPlsHf5nxAZmM959PHfXi4LrFSrzhAfRMicI5GxbwE8Rzhfz8hCQr_bRU4Ckn18gs_HPEIZn1Mpt8TfjxVViPxNfVewSXMVJpeJAyfRTtEZGEDTMeydoiTaiyeMxvOPCSyBA&sai=AMfl-YSquaebNRRvNwCmtQM9v2yS9dhWtZYPu2rK-oGK8KAber3dXaTye8utwV0fIKt3Edeqr6b_b2JXETrRY_HHvw_JLGl6aJxe5U1BPegX3yQ1q51CX1-qKzA2foP2EQ&sig=Cg0ArKJSzPsDjCc2OD07EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 14 Aug 2023 08:05:03 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F7AC 0
10 B 22ms
21ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?a1ZWHg
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:03 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 298F 0
10 B 22ms
21ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?FtG9WQ
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:03 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame A2D2 95 KB
33 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jkingtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:18:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38807
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Aug 2024 21:18:16 GMT

GET
H3 200 trkyjs.js Show response
static.intentarget.com/track/kangleigm/js/ Frame 8E5C 7 KB
3 KB 33ms
32ms Script
application/x-javascript 2606:4700:e6::ac40:cc1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js
Requested by: Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:cc1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54fdfac049fcabd73da1e1545f5cdaf17bb5d821f6c404e578c375618ec44708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coolsaid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 07 May 2022 15:03:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10328
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9QGU9lc7MQGZGglonkvNePZtBe%2FlmCfoIOCS1VtXPD7pzKikXt7vsFZ1STMUOQ6q%2BIln22Yc6f0%2BamDMhGfTh7DKGIJy%2Fz5CMdT0o%2FNfucb94O3FfYyJETfm3HG1y8YcSz%2BdBbqePdka4YCjTDulfx0Vgota"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=259200
cf-ray: 7f67b0cb1f6f918c-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 17 Aug 2023 05:12:55 GMT

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame FC86 95 KB
33 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yaya0506.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:18:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38807
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Aug 2024 21:18:16 GMT

GET
H3 200 trkyjs.js Show response
static.intentarget.com/track/kangleigm/js/ Frame 8DB2 7 KB
3 KB 30ms
28ms Script
application/x-javascript 2606:4700:e6::ac40:cc1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js
Requested by: Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:cc1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54fdfac049fcabd73da1e1545f5cdaf17bb5d821f6c404e578c375618ec44708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yaya0506.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 07 May 2022 15:03:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10328
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LsQ0AahY9WPMxR2DjudDU%2FuwYBY4k0rN%2FlK30NpKX78oFhrAhsy7E3Rq08bRW4Z4EdyvQG9xjvkdq94gIzfcneoffwE8qLIBitAgOInt1CPA8KEeorz6sqO47mHX2I%2Fec%2Bp7qCwqOad22wUn2UlulFuzcwi5"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=259200
cf-ray: 7f67b0cb5fd2918c-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 17 Aug 2023 05:12:55 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame CC89 0
0 66ms
65ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CMy0QLuDZZKOmO9O9lgSHn6OoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODc5ODc2NTg3MDMyOTg4NcgBCakCqD1f4W5esj7gAgCoAwHIAwKqBPkBT9C5wP9eEW4afBal-kkWUi-9U4kx5ge7OxPirvCrknjXRq9Tea69uUPBjsRlsEKkUiMIZeFQYNt4fC3ddPb7v9x1Woof5m5loWtBcJjNVUw1Ch6iJrpz_QTTqO2dTRvEyI-PR8681_LVblEhHK18vhCPc8ciVpWIA-4U7ZpuGU_CANMLdDjOWnQ8gDz4tbIg2FGBzBRgKrOevUa3sXQFkm-Nx6LTCKXdj1J5Jvwme1hFTgBNy9rPxZOweFSEvKWiZK_PYE-m_9iKvqv_9K8x66gci951dx_gyI8EHCWxKg44qxAhueTindqIIaanOc425gNnkjv33mGl4AQBgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgP6CwIIAYAMAdAVAYAXAbIXHQobEhRwdWItODc5ODc2NTg3MDMyOTg4NRjt8YIB&sigh=GBX6oATiZXM&uach_m=[UACH]&cid=CAQSOwBpAlJWrMQEaUg_qlIijPiJKaO4Krx_Ep0FTyIYKgfLmU-pwchlonqdlu9x93WL1429TTlftDONAeBOGAE&cbvp=2&vis=1
Requested by: Host: 96d84fdb5fb246803137855db3bda5a8.safeframe.googlesyndication.com
URL: https://96d84fdb5fb246803137855db3bda5a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://96d84fdb5fb246803137855db3bda5a8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame CC89 0
103 B 213ms
30ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1krvymzappjfsde80q30sqzk15mp433qrq4pjv415msj7sgytwg2j86vjvcfbmfh5st4pqy1j234wgqm5kbe8tzay6n6yz284hy8cqjhtvyettx2zbb4n53zd0cxpq2nys85bytgenpqtsbw396gk52asjvy9cv9sznswgn1f9adkzt5bbnskn140dr4fyb0k6zfsp1qtv6pyzc69nwzbptrmnaxqhjj97qhkqhyxd1c32nevm9vn4g5106hby3fy7qdghkkvewbwq6b79gfq2rdyzbpaa6nxjxg7rdvm9aaba7kmx7m8aq1p71epm1f8hdr470qqq6ee9tgrme8rtxt4qvpksh3t0v5xqq8yxt16170f7z7njj86ntth77dg376c90k6cwtdbnd&b=ZNngLgAO0yMKhZ7TAAjPhwX1p8FrDHW4RDvZIg&cbvp=2
Requested by: Host: 96d84fdb5fb246803137855db3bda5a8.safeframe.googlesyndication.com
URL: https://96d84fdb5fb246803137855db3bda5a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://96d84fdb5fb246803137855db3bda5a8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 14 Aug 2023 08:05:04 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 8E5C 95 KB
33 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coolsaid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:18:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38807
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Aug 2024 21:18:16 GMT

POST
H3 200 rs Show response
ad4m.at/ Frame 779F 2 KB
2 KB 43ms
43ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 597c36a7e004ed28c62473922198e84646116fdeeefa20d8725cb5a74513759c

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 14 Aug 2023 08:05:04 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dOn0kIPZ1gt4gaicwDvA2ZJgHbuLSTdalrf2dOEtVBsQ8d8wMthIl%2B2P0iUavceUhhlFEYyBOLg9igg6iggaszZprl1GFWrJCC4ZOVs5KUiM%2F7Yf%2Bj0tSXyKLn9QAFLt3pgIE00%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7f67b0ccde3c1c1e-FRA
x-backend-server: aa-reachservice-group-europe-west1-sxhc
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 226ms
47ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7f67b0cc8ddd1c1e-FRA
content-length: 24
content-type: text/plain
date: Mon, 14 Aug 2023 08:05:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ew4sOG8jG%2F10IcbB4V35QFe0vViJjbUgDEw67HgubA5aaFd%2B1AmqLL87oVw4MbsA97QVUO6bOOGTDiyYOltSeBtRAT0pisq61RDmaKdxS7gDrI%2FFtIeGPeYtGHIJDb3P1qpygQ8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-sxhc

GET
H2 200 gemini_2getherclick_ifr.js Show response
js.akusehat.info/track/js/ Frame 03DD 6 KB
2 KB 200ms
31ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.akusehat.info/track/js/gemini_2getherclick_ifr.js?size=336280&cssHost=//js.akusehat.info/track/css/&cssUrl=//js.akusehat.info/track/css/336280_4.css&aid=0&apiKey=7S3PRYCYM8HR3CGJBSGF&sectionCode=2c67468e-2e89-4737-95cd-eb63e4c9f2ab
Requested by: Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caa352024d28f4ba75cc21bf8858e4ed2387ffa1b3752a2c2b11e69cbe4151ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 03 Feb 2020 08:38:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 259085
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p1z2wuFWHN97UyCMJ4%2FQU%2FMNCrxG7C89UyiPOJ0uQ0zedwlMlnIIjoeOcv02Ps09kSDh4dSKhuVMjHCXGZs7KsjY04COWYe7%2F6mJiVpYbX11bt86p%2FnMWSyArL%2BV9a2aOpHpfEqhtw73TDLxE8%2F4"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=259200
cf-ray: 7f67b0cc8951996e-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 14 Aug 2023 08:06:59 GMT

GET
H2 200 gemini_2getherclick_ifr.js Show response
js.akusehat.info/track/js/ Frame D14C 6 KB
2 KB 191ms
30ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.akusehat.info/track/js/gemini_2getherclick_ifr.js?size=336280&cssHost=//js.akusehat.info/track/css/&cssUrl=//js.akusehat.info/track/css/336280_4.css&aid=0&apiKey=ZHCZJTKWNPMW24GQYKY9&sectionCode=0d20b1ff-dfa6-4c20-8cb0-34e800faf912
Requested by: Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caa352024d28f4ba75cc21bf8858e4ed2387ffa1b3752a2c2b11e69cbe4151ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19globalnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 03 Feb 2020 08:38:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 253850
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=twJSwL36l13HbsFn7Hflk1cTjgX1dchLznN59FitT%2F2uv8n0oDYmZWtA8X9WHxIDIh3ONSV4%2FCtIMv%2FTPhOtOn3gcgmDLXSzOnt6kbxfzNba0q%2BHb3rvPBhGHeVf%2Bow4EtO1s87eFtmUjELbFiMZ"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=259200
cf-ray: 7f67b0cc8952996e-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 14 Aug 2023 09:34:14 GMT

GET
H2 200 gemini_2getherclick_ifr.js Show response
js.akusehat.info/track/js/ Frame 4323 6 KB
3 KB 177ms
28ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.akusehat.info/track/js/gemini_2getherclick_ifr.js?size=336280&cssHost=//js.akusehat.info/track/css/&cssUrl=//js.akusehat.info/track/css/336280_4.css&aid=0&apiKey=GTWB2N9RZXRY5JXSDJM5&sectionCode=86166e84-a4bf-4f12-96e5-ecdcb9de2b18
Requested by: Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caa352024d28f4ba75cc21bf8858e4ed2387ffa1b3752a2c2b11e69cbe4151ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jkingtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 03 Feb 2020 08:38:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 200992
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DUbgFxTLdz2ZalmJOTPnRgOk86bfc59dzoL4Cref%2F%2B38STVgJFSEx0Rqp3EHynuc29R0FvMUi4WC1Q596coGreVgKjhgsk%2FpLMAqBn9EldV1qLNKwFOJzzr%2FnlY7CZ%2B7UDNdSGxjdp2msCPW6Ee4"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=259200
cf-ray: 7f67b0cc8953996e-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 15 Aug 2023 00:15:12 GMT

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 8DB2 95 KB
33 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yaya0506.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:18:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38807
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Aug 2024 21:18:16 GMT

GET
H3 200 trkyjs.js Show response
static.intentarget.com/track/kangleigm/js/ Frame 0F5B 7 KB
3 KB 30ms
30ms Script
application/x-javascript 2606:4700:e6::ac40:cc1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js
Requested by: Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:cc1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54fdfac049fcabd73da1e1545f5cdaf17bb5d821f6c404e578c375618ec44708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://angela-babies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 07 May 2022 15:03:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10328
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tDqlKAueAwT833aH%2FjTP4JKdLEPZBQyKCKsaOmTbT93eyEhFpLu%2BPRcUKeDv%2FaWnzhuC4qV0lqsl4I3SDs0W2kDZKJgsmFbH3xMxXRUk5qbOEfX6gEDKbyUJfuAVC3CoSFhoda%2FP5KrmREvYkrFa%2BnPCEToa"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=259200
cf-ray: 7f67b0cbd892918c-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 17 Aug 2023 05:12:55 GMT

GET
H3 200 trkyjs.js Show response
static.intentarget.com/track/kangleigm/js/ Frame 474B 7 KB
3 KB 29ms
29ms Script
application/x-javascript 2606:4700:e6::ac40:cc1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js
Requested by: Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:cc1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54fdfac049fcabd73da1e1545f5cdaf17bb5d821f6c404e578c375618ec44708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itigeryou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 07 May 2022 15:03:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10328
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wDo07JsJjyZv952Rf%2BCkEjerL3Uc8cmBeXfznbuj0I9hTVTPdwnLfjN3fAcmnM0p4OEt3KkiKl5i9kl%2FiOLdSGvQoBz4aNFgkvWRw%2FsdiZGClGs4%2FHlKvUd1XplFUfyNup7VQSIntjGnXe6BjcEcC12ssdNK"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=259200
cf-ray: 7f67b0cbd897918c-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 17 Aug 2023 05:12:55 GMT

GET
H3 200 trkyjs.js Show response
static.intentarget.com/track/kangleigm/js/ Frame F9BA 7 KB
3 KB 29ms
29ms Script
application/x-javascript 2606:4700:e6::ac40:cc1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js
Requested by: Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:cc1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54fdfac049fcabd73da1e1545f5cdaf17bb5d821f6c404e578c375618ec44708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 07 May 2022 15:03:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10328
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HkbDYP%2FXBzYhg2r3jvpElIWnzrc4Dx20EXFfCMnFgP7im2%2B%2FSmY0hGrbQMUgQrgAYg1g9V3lBPossPXb8pjxhNXDwIN49qDP%2BnI1JIU%2B2BoPKlag%2BBmCCFpIw1dv7t7PNZ6kYFTJDwCUUzVgzqCAfIdmu5mE"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=259200
cf-ray: 7f67b0cbd898918c-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 17 Aug 2023 05:12:55 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame F215 145 KB
50 KB 107ms
106ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_docilepuppy.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9b28b1fe68411eafbcc739b0406d05d494378670aa7f3bb4caa9e5330ae0c26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50788
x-xss-protection: 0
server: cafe
etag: 13800162745882909668
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 14 Aug 2023 08:05:04 GMT

GET
H2 200 gemini_2getherclick_ifr.js Show response
js.akusehat.info/track/js/ Frame 0DE3 6 KB
2 KB 109ms
31ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.akusehat.info/track/js/gemini_2getherclick_ifr.js?size=336280&cssHost=//js.akusehat.info/track/css/&cssUrl=//js.akusehat.info/track/css/336280_4.css&aid=0&apiKey=23J6S4YK6MVCTD7HCBM8&sectionCode=d0f1f448-4828-4ed1-934d-614e40ebf651
Requested by: Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caa352024d28f4ba75cc21bf8858e4ed2387ffa1b3752a2c2b11e69cbe4151ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yaya0506.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 03 Feb 2020 08:38:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 259085
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wli014iZYeZinz%2FfKLWw2fWx0UlPPO0FTIys4UPmiYxM%2F5s%2F7bKayEo7uENcUm7QM8ixuZ4zpjqlpG6GNnYbBrYV4VpsqMtAx69JhHwO0u6O4Mz%2BkF%2FAOhxlZLbCyaYPUwzywjcr2pEZXIuskd8e"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=259200
cf-ray: 7f67b0cc8954996e-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 14 Aug 2023 08:06:59 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 11AC 0
0 126ms
126ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308090102&jk=299888461930810&bg=!g4ClgNTNAAaiGN5Pghg7ADkAdvg8WmF2GqJ4SvTQ8F4IJ6MQk01q-v-hYJp0M8OLfPxVAjuiT7E3WH16cbPNom1Y8aymCoEA9PgCAAAAvVIAAAAtaAEHCgBseq7Phw4WLvYohz81l-go9VxC_GWtxrrTtzXN3RiDbqryITXWqKw5lQwClRKj288-eVzXi4XcZiAb_It8ujg5iQt3Ju6G94yhs-9sqXmVijj0ntD2cajWgdTYG2gzzkzuL3M5OpgoH-vQEmjTmQLhG3bviFpEW9oQk4U3pPWZZLAbwTSrnObpF2AxELGiEsQYXJcM3BN9IsWYMLlccnLFIts1nMHu4Wl-7TYmi9ZERFJdTwaxMIpFdlZ7N05d7l3GpnH0v-FMdNcKc0AdogAJLTC5PcW2TFWVPT0ZM9jLrk493vDznM2Uwfdxg0DnJgRfJyU6Qv8i6jLrYyojBf4GsWUxQUYv9h6t406DMTKvOn_TBL8T6cPJ4Yzy3cU33vBFydC5bYyo2wlTlMJDsrGpCsFLdLlveLSCEcs0Z4OiknRY3WsXITIYL3kw1KVkoSZv57tTlKHi_tY1hwz35xqEPkmcGiJ9kt8fYxscASpNLJA-7UUU3e5EoJE34ag2XmVwbJ1sTSPUcCDt3ZgiXnXwn1QXy8EAFBaDsJZc7DPxVQIfI2nO5_k1wRAOYC8S2muuvukJ0r6O5M60pz-aze-kcIpW31CLr_ApZ5qGl5OSv3NSaHPtjFv6KCcxn4rmn0Q2QG8zKaT895ZHCRus--kBxr6dJD8f8KKlf4-dJEVCUo9tkTb3KDW8D1qQMUUZz9ppaP7CJcnlvzJ-2M7VDt0AQKdtXOdkzzOSEHmxVnN_WkurZEnnYPbg512rE-8wbuhdj8OpHqKqhLPUVEAHk_rsR31hAULKgGnLROHOG42wH63Dp6eg9uT_4WCHA9Nhsqb-Jp7tprLSfEiKEAVHWcIVfnmEQJ9jHO7YW6G4mXnqeHAPOVnrz79Wrezi5rCC4MOSpvH7ztSE_bsjqpN1PcfoHnuSTkZbvUMWFLPRXCxL2Af8ODdqgzZHQXMCfe0Q3fJRa0oTUMjO2y-dvltB4R5s0YOufnys4gLqn0U2P2JBDGqLb47HB8e-lvk7ICNusUU9l8IFGhfUKZvQ2Majjlm9A8U7GD9_XWpXztK4N3hXLNAf9_2MiAl6yeQJekx74pJssJSyJrsLK-1WR8hZxprReJ2d1QgLgKzGpWPfBAjmyjk
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H2 200 gemini_2getherclick_ifr.js Show response
js.akusehat.info/track/js/ Frame A646 6 KB
2 KB 94ms
32ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.akusehat.info/track/js/gemini_2getherclick_ifr.js?size=336280&cssHost=//js.akusehat.info/track/css/&cssUrl=//js.akusehat.info/track/css/336280_4.css&aid=0&apiKey=FGM9WKG2KZ9P897DVG37&sectionCode=e0dca6eb-9d9c-4b90-8da0-2e5e8e48951e
Requested by: Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caa352024d28f4ba75cc21bf8858e4ed2387ffa1b3752a2c2b11e69cbe4151ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coolsaid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 03 Feb 2020 08:38:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 238512
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=czDSnDOUFCY%2BWeucIbnPVt4NAjCsjaidegahqdZnC4zN3qx66qe0WmcaKVsJ1ezadj%2FT5CCzI7lcIbgXxGFVNr6jM73EbHVRTLyC2W%2FCBahwB3VKtcjfjtdZHKmxIe0IToOSa56B4scFCS4sWrPf"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=259200
cf-ray: 7f67b0cc8956996e-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 14 Aug 2023 13:49:51 GMT

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 0F5B 95 KB
33 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://angela-babies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:18:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38808
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Aug 2024 21:18:16 GMT

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame F9BA 95 KB
33 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:18:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38808
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Aug 2024 21:18:16 GMT

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 474B 95 KB
33 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itigeryou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:18:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38808
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Aug 2024 21:18:16 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame DE37 34 KB
10 KB 21ms
21ms Script
text/html 23.35.229.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-251.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 314b0806f5e1df6f4636c6844a2a75e1870128e3dbea79f1dcfd4437e528c953

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 08:05:04 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Aug 2023 06:03:51 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=79168
Connection: keep-alive
Content-Length: 10116
Expires: Tue, 15 Aug 2023 06:04:32 GMT

GET
H3 200 trkyjs.js
static.intentarget.com/track/kangleigm/js/ Frame 96F1 7 KB
0 29ms
29ms Script
application/x-javascript 2606:4700:e6::ac40:cc1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js
Requested by: Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:cc1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mydesign-cases.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 07 May 2022 15:03:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10329
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pKAfoc3K4jKGJRrdj2wOema7HRD6TLvhBOysREhgTV%2BDg2RUBPBuT%2FTsjXR0iQX78oHaFRkr9ToKebAI7Qt4fA%2BeY9xnRLg8%2BPEBOkUN7rfSdJDLYtPzbi%2Fs7MzVqFsLHoCkk8rzkTonAC4MPoRWybrhOXsW"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=259200
cf-ray: 7f67b0ccb9a2918c-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 17 Aug 2023 05:12:55 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308070102/ Frame F215 372 KB
126 KB 99ms
98ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308070102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9208708170783140&plah=dayfgh.com&bust=31076947

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed25da582573d39d640e589b9ff95edc717dda82c50ecd7874cc6fc3bd269ef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128604
x-xss-protection: 0
server: cafe
etag: 4322251755626259947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 14 Aug 2023 08:05:04 GMT

GET
H2 200 336280_4.css
js.akusehat.info/track/css/ Frame D14C 3 KB
1 KB 35ms
34ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.akusehat.info/track/css/336280_4.css
Requested by: Host: js.akusehat.info
URL: https://js.akusehat.info/track/js/gemini_2getherclick_ifr.js?size=336280&cssHost=//js.akusehat.info/track/css/&cssUrl=//js.akusehat.info/track/css/336280_4.css&aid=0&apiKey=ZHCZJTKWNPMW24GQYKY9&sectionCode=0d20b1ff-dfa6-4c20-8cb0-34e800faf912
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c11c1d9edeb45bc33a3a17f4cac705fbd3973ea9ea9aa1d5b1241036e81145b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19globalnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 25 May 2022 08:13:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 133414
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GQ8uVG9MIayrBfQ%2FSrs3InzsmkZxx8jczmVzP0GIFXk8UDfPGvyCG361wUIm82wzWrFJUq7CF7aqbKddtwkHRbmbb7TczIRbKDXm6zyZBdKTXqOjc08Em5Y64RXmj1xS9YFZgpUtbNlqWEwULFoX"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=259200
cf-ray: 7f67b0cce9b6996e-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 15 Aug 2023 19:01:30 GMT

GET
H2 200 yap.js Show response
s.yimg.com/av/yap/ga/ Frame D14C 69 KB
21 KB 32ms
32ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/av/yap/ga/yap.js

Requested by

Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

56cf6c2adb75e276955f3bf951793f0c794ceb51d67d5d2c64b8ec01b996ecc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19globalnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 07:57:11 GMT
content-encoding: gzip
x-amz-meta-created-date: Thu, 14 Jun 2018 21:01:51 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 3BQ468JD6G85APPM
age: 474
x-amz-server-side-encryption: AES256
x-amz-meta-x-ysws-mbst-vtime: 1529010111289407
x-amz-id-2: XxcDBtmAMA/XShUMXq+fEpgY6h20Q09FdR8jEI9mjyvmCVSHVew8ERTKPaMgJsmIKnjL5Teef50=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 22 Jun 2018 20:24:03 GMT
server: ATS
etag: "dc33089f908605f46038b49337653924-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding,Origin
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,stale-while-revalidate=30,max-age=3600
accept-ranges: bytes
x-amz-meta-mbst-etag: "YM:1:f804d14e-b940-4c8c-9951-826241a860ad00056ea0688a983f"
x-amz-meta-x-ysws-access: public
expires: Fri, 22 Jun 2018 21:24:02 GMT

GET
H2 200 336280_4.css
js.akusehat.info/track/css/ Frame 4323 3 KB
1 KB 27ms
27ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.akusehat.info/track/css/336280_4.css
Requested by: Host: js.akusehat.info
URL: https://js.akusehat.info/track/js/gemini_2getherclick_ifr.js?size=336280&cssHost=//js.akusehat.info/track/css/&cssUrl=//js.akusehat.info/track/css/336280_4.css&aid=0&apiKey=GTWB2N9RZXRY5JXSDJM5&sectionCode=86166e84-a4bf-4f12-96e5-ecdcb9de2b18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c11c1d9edeb45bc33a3a17f4cac705fbd3973ea9ea9aa1d5b1241036e81145b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jkingtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 25 May 2022 08:13:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 133414
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fMnM5dqOXxoc2fM7uDE2yeSDa5HlzRfzGI4lhlLrs3O1Bq6mYgDq6ZkFS7sTSYs6KqhaMlh4Kk%2BEoKvVs2Ktm%2FfjWvsMqwQDqW4kKkmAcoYL7gi3oiHHkuZATL2Qaefy1pAcI10XWQSkqLwgTBzx"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=259200
cf-ray: 7f67b0cce9b8996e-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 15 Aug 2023 19:01:30 GMT

GET
H2 200 yap.js Show response
s.yimg.com/av/yap/ga/ Frame 4323 69 KB
21 KB 90ms
90ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/av/yap/ga/yap.js

Requested by

Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

56cf6c2adb75e276955f3bf951793f0c794ceb51d67d5d2c64b8ec01b996ecc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jkingtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 07:57:11 GMT
content-encoding: gzip
x-amz-meta-created-date: Thu, 14 Jun 2018 21:01:51 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 3BQ468JD6G85APPM
age: 474
x-amz-server-side-encryption: AES256
x-amz-meta-x-ysws-mbst-vtime: 1529010111289407
x-amz-id-2: XxcDBtmAMA/XShUMXq+fEpgY6h20Q09FdR8jEI9mjyvmCVSHVew8ERTKPaMgJsmIKnjL5Teef50=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 22 Jun 2018 20:24:03 GMT
server: ATS
etag: "dc33089f908605f46038b49337653924-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding,Origin
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,stale-while-revalidate=30,max-age=3600
accept-ranges: bytes
x-amz-meta-mbst-etag: "YM:1:f804d14e-b940-4c8c-9951-826241a860ad00056ea0688a983f"
x-amz-meta-x-ysws-access: public
expires: Fri, 22 Jun 2018 21:24:02 GMT

GET
H2 200 336280_4.css
js.akusehat.info/track/css/ Frame 0DE3 3 KB
1 KB 27ms
27ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.akusehat.info/track/css/336280_4.css
Requested by: Host: js.akusehat.info
URL: https://js.akusehat.info/track/js/gemini_2getherclick_ifr.js?size=336280&cssHost=//js.akusehat.info/track/css/&cssUrl=//js.akusehat.info/track/css/336280_4.css&aid=0&apiKey=23J6S4YK6MVCTD7HCBM8&sectionCode=d0f1f448-4828-4ed1-934d-614e40ebf651
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c11c1d9edeb45bc33a3a17f4cac705fbd3973ea9ea9aa1d5b1241036e81145b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yaya0506.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 25 May 2022 08:13:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 133414
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9S6%2BdQCbelbYQy2mYWxWcqUyjiEwpKqFU8Xt2HgM7V1oxBIve1AJNO%2BI3T3gMfFDzfOSzXzqliFvv49Sn41Eb72RrJZucuNWg4dt8BhhpWieWcn4LzKlMtH7Cmg3zY1gL59nHoEzr92P98ogqZam"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=259200
cf-ray: 7f67b0cce9b9996e-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 15 Aug 2023 19:01:30 GMT

GET
H2 200 yap.js Show response
s.yimg.com/av/yap/ga/ Frame 0DE3 69 KB
21 KB 90ms
90ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/av/yap/ga/yap.js

Requested by

Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

56cf6c2adb75e276955f3bf951793f0c794ceb51d67d5d2c64b8ec01b996ecc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yaya0506.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 07:57:11 GMT
content-encoding: gzip
x-amz-meta-created-date: Thu, 14 Jun 2018 21:01:51 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 3BQ468JD6G85APPM
age: 474
x-amz-server-side-encryption: AES256
x-amz-meta-x-ysws-mbst-vtime: 1529010111289407
x-amz-id-2: XxcDBtmAMA/XShUMXq+fEpgY6h20Q09FdR8jEI9mjyvmCVSHVew8ERTKPaMgJsmIKnjL5Teef50=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 22 Jun 2018 20:24:03 GMT
server: ATS
etag: "dc33089f908605f46038b49337653924-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding,Origin
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,stale-while-revalidate=30,max-age=3600
accept-ranges: bytes
x-amz-meta-mbst-etag: "YM:1:f804d14e-b940-4c8c-9951-826241a860ad00056ea0688a983f"
x-amz-meta-x-ysws-access: public
expires: Fri, 22 Jun 2018 21:24:02 GMT

GET
H2 200 336280_4.css
js.akusehat.info/track/css/ Frame 03DD 3 KB
1 KB 32ms
31ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.akusehat.info/track/css/336280_4.css
Requested by: Host: js.akusehat.info
URL: https://js.akusehat.info/track/js/gemini_2getherclick_ifr.js?size=336280&cssHost=//js.akusehat.info/track/css/&cssUrl=//js.akusehat.info/track/css/336280_4.css&aid=0&apiKey=7S3PRYCYM8HR3CGJBSGF&sectionCode=2c67468e-2e89-4737-95cd-eb63e4c9f2ab
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c11c1d9edeb45bc33a3a17f4cac705fbd3973ea9ea9aa1d5b1241036e81145b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 25 May 2022 08:13:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 133414
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gz%2B%2BT6WPaIRo8tzTg2ShXqjWCCwUYvpyJLf448nHfEa0KLCKfI6U%2F6SZdQAG0XW01b1%2FfZrc07fB0T8Lw2Klx4sB96Kc5Axr5vUHo37vZLq4BXOfjvSuNg0JfJC3ap%2FI%2BKJteIOOZvc105fKMOTv"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=259200
cf-ray: 7f67b0cce9c4996e-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 15 Aug 2023 19:01:30 GMT

GET
H2 200 yap.js Show response
s.yimg.com/av/yap/ga/ Frame 03DD 69 KB
21 KB 110ms
110ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/av/yap/ga/yap.js

Requested by

Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

56cf6c2adb75e276955f3bf951793f0c794ceb51d67d5d2c64b8ec01b996ecc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 07:57:11 GMT
content-encoding: gzip
x-amz-meta-created-date: Thu, 14 Jun 2018 21:01:51 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 3BQ468JD6G85APPM
age: 474
x-amz-server-side-encryption: AES256
x-amz-meta-x-ysws-mbst-vtime: 1529010111289407
x-amz-id-2: XxcDBtmAMA/XShUMXq+fEpgY6h20Q09FdR8jEI9mjyvmCVSHVew8ERTKPaMgJsmIKnjL5Teef50=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 22 Jun 2018 20:24:03 GMT
server: ATS
etag: "dc33089f908605f46038b49337653924-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding,Origin
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,stale-while-revalidate=30,max-age=3600
accept-ranges: bytes
x-amz-meta-mbst-etag: "YM:1:f804d14e-b940-4c8c-9951-826241a860ad00056ea0688a983f"
x-amz-meta-x-ysws-access: public
expires: Fri, 22 Jun 2018 21:24:02 GMT

GET
H2 200 gemini_2getherclick_ifr.js Show response
js.akusehat.info/track/js/ Frame 7BC7 6 KB
2 KB 28ms
28ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.akusehat.info/track/js/gemini_2getherclick_ifr.js?size=336280&cssHost=//js.akusehat.info/track/css/&cssUrl=//js.akusehat.info/track/css/336280_4.css&aid=0&apiKey=H6NX3HJCW6QQKJGGP6FG&sectionCode=b8b3d887-ab65-4ee1-846f-41d95101335c
Requested by: Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caa352024d28f4ba75cc21bf8858e4ed2387ffa1b3752a2c2b11e69cbe4151ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://angela-babies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 03 Feb 2020 08:38:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 197167
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MLqSfP658p90ee%2FotDx2aeY0xQwYd8EhFpYUmYwCoJMhHP%2FH5%2FzMpfFZNQj4lWlJuT8hoMplawwIWuuq%2BXmRBpiLsVIg3M4t0fJ1VPC%2F0pqf6WtNzIyaI8EsmwXGAF57%2FhJUPz2xZ004U50wwaqv"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=259200
cf-ray: 7f67b0ccf9d7996e-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 15 Aug 2023 01:18:57 GMT

GET
H2 200 gmifr_lei.html Show response
mydesign-cases.com/ Frame 96F1 1 KB
1 KB 126ms
126ms Document
text/html 2606:4700:3034::ac43:957d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mydesign-cases.com/gmifr_lei.html
Requested by: Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:957d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c950bdb3171907dd6adc02a07023992f892095f78f251750ebbb01ff386282ac

Request headers

Referer: https://mydesign-cases.com/gmifr_lei.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7f67b0cd0f109013-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 14 Aug 2023 08:05:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I6hUN36o5o844lUGLIqSqVo6QFezFU04ZVHAD292iu7G6ieRfPeww1BWgk7nv%2Ff0yO%2F6uBcs5llw38kFyIx8%2FCWUaeR%2B0WvSHpwNgodiDLe2lYSSUAu2jJKlDcmJY6SPeyzpgpLBgvUO2xCruT4GT%2Fg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

GET
H2 200 gemini_2getherclick_ifr.js Show response
js.akusehat.info/track/js/ Frame 7CE3 6 KB
2 KB 29ms
29ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.akusehat.info/track/js/gemini_2getherclick_ifr.js?size=336280&cssHost=//js.akusehat.info/track/css/&cssUrl=//js.akusehat.info/track/css/336280_4.css&aid=0&apiKey=7S3PRYCYM8HR3CGJBSGF&sectionCode=2c67468e-2e89-4737-95cd-eb63e4c9f2ab
Requested by: Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caa352024d28f4ba75cc21bf8858e4ed2387ffa1b3752a2c2b11e69cbe4151ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 03 Feb 2020 08:38:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 259085
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MPtfqYexksS615BPiSJ%2Bqz6oN9lKeuwKtueoxi9fesqFfFS52e%2F4Ax7MHXVZhn3AXL%2BVun05sRNm%2B6JxHU7rL4LU38yFq7dE%2FBH%2BiTWmLOVV5B%2FO6rx4azjIGGo2nBS9WIzAo7hGBbIeYm0pGg4L"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=259200
cf-ray: 7f67b0cd09eb996e-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 14 Aug 2023 08:06:59 GMT

GET
H2 200 gemini_2getherclick_ifr.js Show response
js.akusehat.info/track/js/ Frame 442F 6 KB
2 KB 27ms
26ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.akusehat.info/track/js/gemini_2getherclick_ifr.js?size=336280&cssHost=//js.akusehat.info/track/css/&cssUrl=//js.akusehat.info/track/css/336280_4.css&aid=0&apiKey=23J6S4YK6MVCTD7HCBM8&sectionCode=d0f1f448-4828-4ed1-934d-614e40ebf651
Requested by: Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caa352024d28f4ba75cc21bf8858e4ed2387ffa1b3752a2c2b11e69cbe4151ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yaya0506.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 03 Feb 2020 08:38:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 259085
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p0bGeMkLp8TwwlOjc73dH4neIUyYz%2Fi%2F5yHCSNSUTBkg1qZJfzof5Duzl%2FpJM0eQISnQe11yh5CaCGL4pO88TKCpX7BWkmYrP9N3xemcGCk%2F06Iuve1MdVRhAQJmlG%2FYRbkcArWcYlaXV0Jx19ju"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=259200
cf-ray: 7f67b0cd19f6996e-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 14 Aug 2023 08:06:59 GMT

GET
H2 200 336280_4.css
js.akusehat.info/track/css/ Frame A646 3 KB
1 KB 27ms
27ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.akusehat.info/track/css/336280_4.css
Requested by: Host: js.akusehat.info
URL: https://js.akusehat.info/track/js/gemini_2getherclick_ifr.js?size=336280&cssHost=//js.akusehat.info/track/css/&cssUrl=//js.akusehat.info/track/css/336280_4.css&aid=0&apiKey=FGM9WKG2KZ9P897DVG37&sectionCode=e0dca6eb-9d9c-4b90-8da0-2e5e8e48951e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c11c1d9edeb45bc33a3a17f4cac705fbd3973ea9ea9aa1d5b1241036e81145b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coolsaid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 25 May 2022 08:13:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 133414
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jWRFOlP48e9srVST1tTQcij7m2ZA1m1V27mztateuBM4wwsK1ySGkVib4SB26gOyyQSR7pDgQMd7THAe4zlGsJeVo522HRQn%2Fo4U88L83GDkvxh0ePmGRoYEF40YnjNNDZMn46eEgPwu0iuZh01O"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=259200
cf-ray: 7f67b0cd19f8996e-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 15 Aug 2023 19:01:30 GMT

GET
H2 200 yap.js Show response
s.yimg.com/av/yap/ga/ Frame A646 69 KB
21 KB 32ms
32ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/av/yap/ga/yap.js

Requested by

Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

56cf6c2adb75e276955f3bf951793f0c794ceb51d67d5d2c64b8ec01b996ecc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coolsaid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 07:57:11 GMT
content-encoding: gzip
x-amz-meta-created-date: Thu, 14 Jun 2018 21:01:51 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 3BQ468JD6G85APPM
age: 474
x-amz-server-side-encryption: AES256
x-amz-meta-x-ysws-mbst-vtime: 1529010111289407
x-amz-id-2: XxcDBtmAMA/XShUMXq+fEpgY6h20Q09FdR8jEI9mjyvmCVSHVew8ERTKPaMgJsmIKnjL5Teef50=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 22 Jun 2018 20:24:03 GMT
server: ATS
etag: "dc33089f908605f46038b49337653924-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding,Origin
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,stale-while-revalidate=30,max-age=3600
accept-ranges: bytes
x-amz-meta-mbst-etag: "YM:1:f804d14e-b940-4c8c-9951-826241a860ad00056ea0688a983f"
x-amz-meta-x-ysws-access: public
expires: Fri, 22 Jun 2018 21:24:02 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame DE37 284 B
536 B 103ms
23ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame AA71 11 KB
5 KB 47ms
47ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=175059%2C195016%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CdqeSEfkfpDPVfEHjHwtEtbbrfeS4T5gVSJAqR%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CKgDFRfZfGe9mf5HMHktzCBB4C7SAT8QKUPeX3%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=00ba64512ca79e7498273ba385d732f5%2F12566542731667916794&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692000304109&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jw4afx3rwf1zzg24jy1q5xd78g7jngswn0v0ytf86hd8ww56aahtenebbhqas1k215f8mgcez777n8yksbkkwhdwdbc7zbshr7hz4k1tg8c85225747xm1kwgff56sky2e86mvh00y03h9vyb1pk5qqm74ksjtkjt9nerd155yx9d7r90wwp3sv5fjwa4m1be2ypxdrxb3t5gjt73mdnm2hycf2zybrdemnrnta8ekj5zpcqfcyhm05xay3jmev262kcrcwsz18ex0wztsm2a8080%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwfK3LuDZZKOmO9O9lgSHn6OoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODc5ODc2NTg3MDMyOTg4NcgBCakCqD1f4W5esj7gAgCoAwHIAwKqBPwBT9C5wP9eEW4afBal-kkWUi-9U4kx5ge7OxPirvCrknjXRq9Tea69uUPBjsRlsEKkUiMIZeFQYNt4fC3ddPb7v9x1Woof5m5loWtBcJjNVUw1Ch6iJrpz_QTTqO2dTRvEyI-PR8681_LVblEhHK18vhCPc8ciVpWIA-4U7ZpuGU_CANMLdDjOWnQ8gDz4tbIg2FGBzBRgKrOevUa3sXQFkm-Nx6LTCKXdj1J5Jvwme1hFTgBNy9rPxZOweFSEvKWiZK_PYE-m_9iKvqv_9K8x66gci5x3Vo03MQhE1KL5vNRxOeIYre5Pl_SQ_CZlcFzOch1Liu4rQSFtwAsO4AQBgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3-HOVx-yKyQD1T95IRVS6-q5TrBw%2526client%253Dca-pub-8798765870329885%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0dbf44d48e692878fcf1fc9d6bb75628ff66225cd1fdb7ced1c79a88022ed29e

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1ke9n0nkcvbc8wxeqtznn0h32my6k3k6et2zmm2qn0340w1328695fezv2bj7269jzgypprxj4z2aqxvgfyat79bn9bfccwne22h8y80e34nsyj2vrghbz1ca4bpg1yth4fj5bpp0n7fw34e4dxe47skvrb204fgvqm0yxmsnfmfxa5qf9t1gx46jy4s64f14exrjwxhhgbe3ww3pg6fp4dvdt1ep1hb5fv8bgbyn2c12s3w7g5yrhkrxpqdjjfad00x04gzvncc2anzrtf0n4dsb9qpxm421xx01cdv89804zmq72whzqextq7tn42hg3xqg3cvgx3fc9s5yks2z1hj2pqb32z0h22sk2p073cddypv7jd1c11m8dkr57nf21v4f3qzdsm5hk30p47fc237crp442gpsvnvqq3t8kdqnx261708ed9z48z3w01gn5q8mh88fgm0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwfK3LuDZZKOmO9O9lgSHn6OoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODc5ODc2NTg3MDMyOTg4NcgBCakCqD1f4W5esj7gAgCoAwHIAwKqBPwBT9C5wP9eEW4afBal-kkWUi-9U4kx5ge7OxPirvCrknjXRq9Tea69uUPBjsRlsEKkUiMIZeFQYNt4fC3ddPb7v9x1Woof5m5loWtBcJjNVUw1Ch6iJrpz_QTTqO2dTRvEyI-PR8681_LVblEhHK18vhCPc8ciVpWIA-4U7ZpuGU_CANMLdDjOWnQ8gDz4tbIg2FGBzBRgKrOevUa3sXQFkm-Nx6LTCKXdj1J5Jvwme1hFTgBNy9rPxZOweFSEvKWiZK_PYE-m_9iKvqv_9K8x66gci5x3Vo03MQhE1KL5vNRxOeIYre5Pl_SQ_CZlcFzOch1Liu4rQSFtwAsO4AQBgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3-HOVx-yKyQD1T95IRVS6-q5TrBw%26client%3Dca-pub-8798765870329885%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7f67b0cd2a519bf2-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 08:05:04 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 336280_4.css
js.akusehat.info/track/css/ Frame 7BC7 3 KB
2 KB 28ms
27ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.akusehat.info/track/css/336280_4.css
Requested by: Host: js.akusehat.info
URL: https://js.akusehat.info/track/js/gemini_2getherclick_ifr.js?size=336280&cssHost=//js.akusehat.info/track/css/&cssUrl=//js.akusehat.info/track/css/336280_4.css&aid=0&apiKey=H6NX3HJCW6QQKJGGP6FG&sectionCode=b8b3d887-ab65-4ee1-846f-41d95101335c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c11c1d9edeb45bc33a3a17f4cac705fbd3973ea9ea9aa1d5b1241036e81145b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://angela-babies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 25 May 2022 08:13:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 144656
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CBAlY1LwK9a9fbONyaMLh9gK8I4NcMXf9APYIyZ0oOqTNSeCaUIb9uiNSBA4B6PdMLarB0Z5EAYxndJl8bXrIU0fE3BYpmlF%2F1E2gOu%2BZEXd%2Fr4%2F4BnyiBog89bQEvAWzTsEBIVwpulPOZ%2FYLjBk"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=259200
cf-ray: 7f67b0cd2f8e900c-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 15 Aug 2023 15:54:08 GMT

GET
H2 200 yap.js Show response
s.yimg.com/av/yap/ga/ Frame 7BC7 69 KB
21 KB 42ms
42ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/av/yap/ga/yap.js

Requested by

Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

56cf6c2adb75e276955f3bf951793f0c794ceb51d67d5d2c64b8ec01b996ecc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://angela-babies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 07:57:11 GMT
content-encoding: gzip
x-amz-meta-created-date: Thu, 14 Jun 2018 21:01:51 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 3BQ468JD6G85APPM
age: 474
x-amz-server-side-encryption: AES256
x-amz-meta-x-ysws-mbst-vtime: 1529010111289407
x-amz-id-2: XxcDBtmAMA/XShUMXq+fEpgY6h20Q09FdR8jEI9mjyvmCVSHVew8ERTKPaMgJsmIKnjL5Teef50=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 22 Jun 2018 20:24:03 GMT
server: ATS
etag: "dc33089f908605f46038b49337653924-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding,Origin
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,stale-while-revalidate=30,max-age=3600
accept-ranges: bytes
x-amz-meta-mbst-etag: "YM:1:f804d14e-b940-4c8c-9951-826241a860ad00056ea0688a983f"
x-amz-meta-x-ysws-access: public
expires: Fri, 22 Jun 2018 21:24:02 GMT

GET
H3 200 336280_4.css
js.akusehat.info/track/css/ Frame 7CE3 3 KB
2 KB 30ms
30ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.akusehat.info/track/css/336280_4.css
Requested by: Host: js.akusehat.info
URL: https://js.akusehat.info/track/js/gemini_2getherclick_ifr.js?size=336280&cssHost=//js.akusehat.info/track/css/&cssUrl=//js.akusehat.info/track/css/336280_4.css&aid=0&apiKey=7S3PRYCYM8HR3CGJBSGF&sectionCode=2c67468e-2e89-4737-95cd-eb63e4c9f2ab
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c11c1d9edeb45bc33a3a17f4cac705fbd3973ea9ea9aa1d5b1241036e81145b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 25 May 2022 08:13:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 144656
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wWKjhyFzKjSYr0iK84SBBy1Bq6shUZTgJuHY65vlCXpD4rAooNSv7jY%2FJEOVQvlMMPkkwUBUhe77C9TmY35TYIMgdgCkd9lW94354LW69oQny%2FJy8CPJPYxHIy%2FnJO8ptlK9ZRJr2syWU4Bp5w8f"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=259200
cf-ray: 7f67b0cd4f9f900c-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 15 Aug 2023 15:54:08 GMT

GET
H2 200 yap.js Show response
s.yimg.com/av/yap/ga/ Frame 7CE3 69 KB
21 KB 58ms
57ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/av/yap/ga/yap.js

Requested by

Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

56cf6c2adb75e276955f3bf951793f0c794ceb51d67d5d2c64b8ec01b996ecc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 07:57:11 GMT
content-encoding: gzip
x-amz-meta-created-date: Thu, 14 Jun 2018 21:01:51 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 3BQ468JD6G85APPM
age: 474
x-amz-server-side-encryption: AES256
x-amz-meta-x-ysws-mbst-vtime: 1529010111289407
x-amz-id-2: XxcDBtmAMA/XShUMXq+fEpgY6h20Q09FdR8jEI9mjyvmCVSHVew8ERTKPaMgJsmIKnjL5Teef50=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 22 Jun 2018 20:24:03 GMT
server: ATS
etag: "dc33089f908605f46038b49337653924-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding,Origin
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,stale-while-revalidate=30,max-age=3600
accept-ranges: bytes
x-amz-meta-mbst-etag: "YM:1:f804d14e-b940-4c8c-9951-826241a860ad00056ea0688a983f"
x-amz-meta-x-ysws-access: public
expires: Fri, 22 Jun 2018 21:24:02 GMT

GET
H3 200 336280_4.css
js.akusehat.info/track/css/ Frame 442F 3 KB
2 KB 38ms
38ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.akusehat.info/track/css/336280_4.css
Requested by: Host: js.akusehat.info
URL: https://js.akusehat.info/track/js/gemini_2getherclick_ifr.js?size=336280&cssHost=//js.akusehat.info/track/css/&cssUrl=//js.akusehat.info/track/css/336280_4.css&aid=0&apiKey=23J6S4YK6MVCTD7HCBM8&sectionCode=d0f1f448-4828-4ed1-934d-614e40ebf651
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c11c1d9edeb45bc33a3a17f4cac705fbd3973ea9ea9aa1d5b1241036e81145b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yaya0506.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 25 May 2022 08:13:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 144656
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o1F8barVw6MODXD4%2FhzaLWo9%2FC%2FZDENgqjkkDWjDlXh1l6lc%2FYYwIUtgqf8XY%2BSZejx8wK2TrKi23cPs0WqEJpoMs6vWSgDsN%2BGiIcJvtp7dAupcqBdw9wrNohMpPYFTGc9WePgQz3GE7PROdzHc"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=259200
cf-ray: 7f67b0cd4fa0900c-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 15 Aug 2023 15:54:08 GMT

GET
H2 200 yap.js Show response
s.yimg.com/av/yap/ga/ Frame 442F 69 KB
21 KB 83ms
83ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/av/yap/ga/yap.js

Requested by

Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

56cf6c2adb75e276955f3bf951793f0c794ceb51d67d5d2c64b8ec01b996ecc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yaya0506.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 07:57:11 GMT
content-encoding: gzip
x-amz-meta-created-date: Thu, 14 Jun 2018 21:01:51 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 3BQ468JD6G85APPM
age: 474
x-amz-server-side-encryption: AES256
x-amz-meta-x-ysws-mbst-vtime: 1529010111289407
x-amz-id-2: XxcDBtmAMA/XShUMXq+fEpgY6h20Q09FdR8jEI9mjyvmCVSHVew8ERTKPaMgJsmIKnjL5Teef50=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 22 Jun 2018 20:24:03 GMT
server: ATS
etag: "dc33089f908605f46038b49337653924-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding,Origin
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,stale-while-revalidate=30,max-age=3600
accept-ranges: bytes
x-amz-meta-mbst-etag: "YM:1:f804d14e-b940-4c8c-9951-826241a860ad00056ea0688a983f"
x-amz-meta-x-ysws-access: public
expires: Fri, 22 Jun 2018 21:24:02 GMT

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame D14C 264 B
343 B 64ms
63ms Script
application/javascript 87.248.100.136
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_us&agentVersion=205&adTrackingEnabled=true&adUnitCode=0d20b1ff-dfa6-4c20-8cb0-34e800faf912&apiKey=ZHCZJTKWNPMW24GQYKY9&gdpr=&euconsent=&publisherUrl=https%3A%2F%2F19globalnews.com&caps=16&cb=JSONPCallback0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/av/yap/ga/yap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.136 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o1.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

dfda27eebb9eee8a7a9e5edcf525d9bdf44bee9af607e258f1a3f749c5b46c03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://19globalnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Mon, 14 Aug 2023 08:05:03 GMT
server: ATS
age: 1
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 15
x-xss-protection: 1; mode=block
x-request-id: c3dc4510-1ab0-4f98-97d7-02dfaf92f032

GET
H3 200 gemini_2getherclick_ifr.js Show response
js.akusehat.info/track/js/ Frame CDA4 6 KB
2 KB 511ms
511ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.akusehat.info/track/js/gemini_2getherclick_ifr.js?size=336280&cssHost=//js.akusehat.info/track/css/&cssUrl=//js.akusehat.info/track/css/336280_4.css&aid=0&apiKey=DBQ6T8DY3S7YRBGVN7X5&sectionCode=0ff7b8fe-69ff-46c3-89ae-7d531ebe198a
Requested by: Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caa352024d28f4ba75cc21bf8858e4ed2387ffa1b3752a2c2b11e69cbe4151ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itigeryou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:04 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 03 Feb 2020 08:38:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SMow0q2%2FCYl9Ei7hCxb22E8SGG5zHnGdMMBoYxawM1izm%2BTL%2FgZzLk3WlhEnh5BOGgcat0Qi%2FLSA62lqQIRPYCvbESScSTT%2FqtKQLx5YrF%2BLqeOmOWbiOsfXpdHzT9yAaud1dtjX2LvU4w5fvGns"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=259200
cf-ray: 7f67b0cd6fbd900c-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 17 Aug 2023 08:05:04 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame AA71 114 KB
14 KB 39ms
38ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C195016%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CdqeSEfkfpDPVfEHjHwtEtbbrfeS4T5gVSJAqR%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CKgDFRfZfGe9mf5HMHktzCBB4C7SAT8QKUPeX3%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=00ba64512ca79e7498273ba385d732f5%2F12566542731667916794&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692000304109&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jw4afx3rwf1zzg24jy1q5xd78g7jngswn0v0ytf86hd8ww56aahtenebbhqas1k215f8mgcez777n8yksbkkwhdwdbc7zbshr7hz4k1tg8c85225747xm1kwgff56sky2e86mvh00y03h9vyb1pk5qqm74ksjtkjt9nerd155yx9d7r90wwp3sv5fjwa4m1be2ypxdrxb3t5gjt73mdnm2hycf2zybrdemnrnta8ekj5zpcqfcyhm05xay3jmev262kcrcwsz18ex0wztsm2a8080%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwfK3LuDZZKOmO9O9lgSHn6OoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODc5ODc2NTg3MDMyOTg4NcgBCakCqD1f4W5esj7gAgCoAwHIAwKqBPwBT9C5wP9eEW4afBal-kkWUi-9U4kx5ge7OxPirvCrknjXRq9Tea69uUPBjsRlsEKkUiMIZeFQYNt4fC3ddPb7v9x1Woof5m5loWtBcJjNVUw1Ch6iJrpz_QTTqO2dTRvEyI-PR8681_LVblEhHK18vhCPc8ciVpWIA-4U7ZpuGU_CANMLdDjOWnQ8gDz4tbIg2FGBzBRgKrOevUa3sXQFkm-Nx6LTCKXdj1J5Jvwme1hFTgBNy9rPxZOweFSEvKWiZK_PYE-m_9iKvqv_9K8x66gci5x3Vo03MQhE1KL5vNRxOeIYre5Pl_SQ_CZlcFzOch1Liu4rQSFtwAsO4AQBgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3-HOVx-yKyQD1T95IRVS6-q5TrBw%2526client%253Dca-pub-8798765870329885%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=175059%2C195016%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CdqeSEfkfpDPVfEHjHwtEtbbrfeS4T5gVSJAqR%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CKgDFRfZfGe9mf5HMHktzCBB4C7SAT8QKUPeX3%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=00ba64512ca79e7498273ba385d732f5%2F12566542731667916794&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692000304109&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jw4afx3rwf1zzg24jy1q5xd78g7jngswn0v0ytf86hd8ww56aahtenebbhqas1k215f8mgcez777n8yksbkkwhdwdbc7zbshr7hz4k1tg8c85225747xm1kwgff56sky2e86mvh00y03h9vyb1pk5qqm74ksjtkjt9nerd155yx9d7r90wwp3sv5fjwa4m1be2ypxdrxb3t5gjt73mdnm2hycf2zybrdemnrnta8ekj5zpcqfcyhm05xay3jmev262kcrcwsz18ex0wztsm2a8080%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwfK3LuDZZKOmO9O9lgSHn6OoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODc5ODc2NTg3MDMyOTg4NcgBCakCqD1f4W5esj7gAgCoAwHIAwKqBPwBT9C5wP9eEW4afBal-kkWUi-9U4kx5ge7OxPirvCrknjXRq9Tea69uUPBjsRlsEKkUiMIZeFQYNt4fC3ddPb7v9x1Woof5m5loWtBcJjNVUw1Ch6iJrpz_QTTqO2dTRvEyI-PR8681_LVblEhHK18vhCPc8ciVpWIA-4U7ZpuGU_CANMLdDjOWnQ8gDz4tbIg2FGBzBRgKrOevUa3sXQFkm-Nx6LTCKXdj1J5Jvwme1hFTgBNy9rPxZOweFSEvKWiZK_PYE-m_9iKvqv_9K8x66gci5x3Vo03MQhE1KL5vNRxOeIYre5Pl_SQ_CZlcFzOch1Liu4rQSFtwAsO4AQBgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3-HOVx-yKyQD1T95IRVS6-q5TrBw%2526client%253Dca-pub-8798765870329885%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 420715
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5MloTHdkvnGwzNnmqGyUVAdowM5VWAIl%2FryZdbUFwuZt4OrV64TFrAqrWqdwGhAdMDXilAYXPW%2FyCzRWbEkh%2BeFspvnZ3TVLeAthZYnlZYn4Pz48%2FubtlIDR%2Fm1%2BWHfWoAbC2qDIr24%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7f67b0cd7aa29bf2-FRA
expires: Mon, 14 Aug 2023 09:05:04 GMT

GET
H2 200 807FC0314300FD3D7EA2A3865EB887A86EFDAC77BDFCACB7C49E7904A10BC6EE8F804F370DD32A67945E13F906FCB6989AB80F264BEC5568EF9AABD964B68990
assets.ad4m.at/logo/ Frame AA71 6 KB
6 KB 40ms
31ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/807FC0314300FD3D7EA2A3865EB887A86EFDAC77BDFCACB7C49E7904A10BC6EE8F804F370DD32A67945E13F906FCB6989AB80F264BEC5568EF9AABD964B68990
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C195016%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CdqeSEfkfpDPVfEHjHwtEtbbrfeS4T5gVSJAqR%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CKgDFRfZfGe9mf5HMHktzCBB4C7SAT8QKUPeX3%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=00ba64512ca79e7498273ba385d732f5%2F12566542731667916794&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692000304109&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jw4afx3rwf1zzg24jy1q5xd78g7jngswn0v0ytf86hd8ww56aahtenebbhqas1k215f8mgcez777n8yksbkkwhdwdbc7zbshr7hz4k1tg8c85225747xm1kwgff56sky2e86mvh00y03h9vyb1pk5qqm74ksjtkjt9nerd155yx9d7r90wwp3sv5fjwa4m1be2ypxdrxb3t5gjt73mdnm2hycf2zybrdemnrnta8ekj5zpcqfcyhm05xay3jmev262kcrcwsz18ex0wztsm2a8080%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwfK3LuDZZKOmO9O9lgSHn6OoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODc5ODc2NTg3MDMyOTg4NcgBCakCqD1f4W5esj7gAgCoAwHIAwKqBPwBT9C5wP9eEW4afBal-kkWUi-9U4kx5ge7OxPirvCrknjXRq9Tea69uUPBjsRlsEKkUiMIZeFQYNt4fC3ddPb7v9x1Woof5m5loWtBcJjNVUw1Ch6iJrpz_QTTqO2dTRvEyI-PR8681_LVblEhHK18vhCPc8ciVpWIA-4U7ZpuGU_CANMLdDjOWnQ8gDz4tbIg2FGBzBRgKrOevUa3sXQFkm-Nx6LTCKXdj1J5Jvwme1hFTgBNy9rPxZOweFSEvKWiZK_PYE-m_9iKvqv_9K8x66gci5x3Vo03MQhE1KL5vNRxOeIYre5Pl_SQ_CZlcFzOch1Liu4rQSFtwAsO4AQBgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3-HOVx-yKyQD1T95IRVS6-q5TrBw%2526client%253Dca-pub-8798765870329885%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8aedce5ce280bf3c1e99fa9b36cb226e62cd39cf77c1f0c5660a6cab7bdece3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 558106
cf-polished: origFmt=png, origSize=11357
alt-svc: h3=":443"; ma=86400
content-length: 5848
cf-bgj: imgq:85,h2pri
last-modified: Fri, 09 Jun 2023 08:41:46 GMT
server: cloudflare
etag: "ccfbd2e3feb27487a1f6d1f6b03866aa"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R8wTIaN%2FR%2FBBEuze2I6i15nC6QZZQqFxo%2FYE9yKKDco1%2B8Tsma0w1g5l3OpmjStWDg8u08ErZAck7U13TdURkclihh5XHAi6drQEzmaMeJho0CpubmdM3fbyNCUafigOrJS0cPWx9zMAY6no"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7f67b0cd8ea1040c-FRA
expires: Tue, 15 Aug 2023 08:05:04 GMT

GET
H2 200 2D65771C4E99642761C25D51AEBBCFD65B43B5413EF19697CC1FB2CD4144CA8006EDEBD7BBE3473EC0E77D5B95CFC345D27520E24E58F21FCA62F0BF53BC962B
assets.ad4m.at/ Frame AA71 183 KB
184 KB 50ms
42ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/2D65771C4E99642761C25D51AEBBCFD65B43B5413EF19697CC1FB2CD4144CA8006EDEBD7BBE3473EC0E77D5B95CFC345D27520E24E58F21FCA62F0BF53BC962B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C195016%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CdqeSEfkfpDPVfEHjHwtEtbbrfeS4T5gVSJAqR%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CKgDFRfZfGe9mf5HMHktzCBB4C7SAT8QKUPeX3%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=00ba64512ca79e7498273ba385d732f5%2F12566542731667916794&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692000304109&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jw4afx3rwf1zzg24jy1q5xd78g7jngswn0v0ytf86hd8ww56aahtenebbhqas1k215f8mgcez777n8yksbkkwhdwdbc7zbshr7hz4k1tg8c85225747xm1kwgff56sky2e86mvh00y03h9vyb1pk5qqm74ksjtkjt9nerd155yx9d7r90wwp3sv5fjwa4m1be2ypxdrxb3t5gjt73mdnm2hycf2zybrdemnrnta8ekj5zpcqfcyhm05xay3jmev262kcrcwsz18ex0wztsm2a8080%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwfK3LuDZZKOmO9O9lgSHn6OoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODc5ODc2NTg3MDMyOTg4NcgBCakCqD1f4W5esj7gAgCoAwHIAwKqBPwBT9C5wP9eEW4afBal-kkWUi-9U4kx5ge7OxPirvCrknjXRq9Tea69uUPBjsRlsEKkUiMIZeFQYNt4fC3ddPb7v9x1Woof5m5loWtBcJjNVUw1Ch6iJrpz_QTTqO2dTRvEyI-PR8681_LVblEhHK18vhCPc8ciVpWIA-4U7ZpuGU_CANMLdDjOWnQ8gDz4tbIg2FGBzBRgKrOevUa3sXQFkm-Nx6LTCKXdj1J5Jvwme1hFTgBNy9rPxZOweFSEvKWiZK_PYE-m_9iKvqv_9K8x66gci5x3Vo03MQhE1KL5vNRxOeIYre5Pl_SQ_CZlcFzOch1Liu4rQSFtwAsO4AQBgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3-HOVx-yKyQD1T95IRVS6-q5TrBw%2526client%253Dca-pub-8798765870329885%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64f88a75df6eeef2e778f967a36f861c2005c64fb8b567a17a8f98878e351255

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 557372
cf-polished: origFmt=png, origSize=289744
alt-svc: h3=":443"; ma=86400
content-length: 187558
cf-bgj: imgq:85,h2pri
last-modified: Fri, 23 Jun 2023 11:11:49 GMT
server: cloudflare
etag: "17decb4f4cab809ec8159433a7f13627"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NzPyQvJSToI7kN1ZqmSwjmjg3iHHNilvLeFqye9N6aJDgsilNqLrR1cbxTdHHdVknqmX9f4mW2alTUdwUwnjYyJZrWsGvxSCwla5HsIX7u0IfCMl%2Bv%2FikHaB%2BqTdJP4SMVu3lwhk3EcFH44w"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7f67b0cd8ea0040c-FRA
expires: Tue, 15 Aug 2023 08:05:04 GMT

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame AA71 53 KB
54 KB 62ms
55ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C195016%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CdqeSEfkfpDPVfEHjHwtEtbbrfeS4T5gVSJAqR%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CKgDFRfZfGe9mf5HMHktzCBB4C7SAT8QKUPeX3%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=00ba64512ca79e7498273ba385d732f5%2F12566542731667916794&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692000304109&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jw4afx3rwf1zzg24jy1q5xd78g7jngswn0v0ytf86hd8ww56aahtenebbhqas1k215f8mgcez777n8yksbkkwhdwdbc7zbshr7hz4k1tg8c85225747xm1kwgff56sky2e86mvh00y03h9vyb1pk5qqm74ksjtkjt9nerd155yx9d7r90wwp3sv5fjwa4m1be2ypxdrxb3t5gjt73mdnm2hycf2zybrdemnrnta8ekj5zpcqfcyhm05xay3jmev262kcrcwsz18ex0wztsm2a8080%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwfK3LuDZZKOmO9O9lgSHn6OoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODc5ODc2NTg3MDMyOTg4NcgBCakCqD1f4W5esj7gAgCoAwHIAwKqBPwBT9C5wP9eEW4afBal-kkWUi-9U4kx5ge7OxPirvCrknjXRq9Tea69uUPBjsRlsEKkUiMIZeFQYNt4fC3ddPb7v9x1Woof5m5loWtBcJjNVUw1Ch6iJrpz_QTTqO2dTRvEyI-PR8681_LVblEhHK18vhCPc8ciVpWIA-4U7ZpuGU_CANMLdDjOWnQ8gDz4tbIg2FGBzBRgKrOevUa3sXQFkm-Nx6LTCKXdj1J5Jvwme1hFTgBNy9rPxZOweFSEvKWiZK_PYE-m_9iKvqv_9K8x66gci5x3Vo03MQhE1KL5vNRxOeIYre5Pl_SQ_CZlcFzOch1Liu4rQSFtwAsO4AQBgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3-HOVx-yKyQD1T95IRVS6-q5TrBw%2526client%253Dca-pub-8798765870329885%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2213662
cf-polished: origFmt=png, origSize=115129
alt-svc: h3=":443"; ma=86400
content-length: 54564
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VrLbpSEXpoq7c8JwYDGyprCL7ov%2BvX5hquKYkxSka4OZ%2FamJ%2FvHtsxqL2j8eQw4RGOPVP53bMxZHBqodxw6wZGUwCyR7R1Ee%2BkVoaIYetsSbWLIOdBKDBrJ%2FkcOd6hNfaQVTARlnPiwbY4T2"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7f67b0cd8ea6040c-FRA
expires: Tue, 15 Aug 2023 08:05:04 GMT

GET
H2 200 0F1A9149B0506C8C1F1D1F27788DFE572ED80D70826E34AA54862ECE67BA7FF050878AC4EAD3B3BA71723C609CC8F5A5EB4EC344BC89C06A1A29A395A2C8C69D
assets.ad4m.at/ Frame AA71 22 KB
23 KB 45ms
37ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/0F1A9149B0506C8C1F1D1F27788DFE572ED80D70826E34AA54862ECE67BA7FF050878AC4EAD3B3BA71723C609CC8F5A5EB4EC344BC89C06A1A29A395A2C8C69D
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C195016%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CdqeSEfkfpDPVfEHjHwtEtbbrfeS4T5gVSJAqR%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CKgDFRfZfGe9mf5HMHktzCBB4C7SAT8QKUPeX3%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=00ba64512ca79e7498273ba385d732f5%2F12566542731667916794&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692000304109&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jw4afx3rwf1zzg24jy1q5xd78g7jngswn0v0ytf86hd8ww56aahtenebbhqas1k215f8mgcez777n8yksbkkwhdwdbc7zbshr7hz4k1tg8c85225747xm1kwgff56sky2e86mvh00y03h9vyb1pk5qqm74ksjtkjt9nerd155yx9d7r90wwp3sv5fjwa4m1be2ypxdrxb3t5gjt73mdnm2hycf2zybrdemnrnta8ekj5zpcqfcyhm05xay3jmev262kcrcwsz18ex0wztsm2a8080%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwfK3LuDZZKOmO9O9lgSHn6OoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODc5ODc2NTg3MDMyOTg4NcgBCakCqD1f4W5esj7gAgCoAwHIAwKqBPwBT9C5wP9eEW4afBal-kkWUi-9U4kx5ge7OxPirvCrknjXRq9Tea69uUPBjsRlsEKkUiMIZeFQYNt4fC3ddPb7v9x1Woof5m5loWtBcJjNVUw1Ch6iJrpz_QTTqO2dTRvEyI-PR8681_LVblEhHK18vhCPc8ciVpWIA-4U7ZpuGU_CANMLdDjOWnQ8gDz4tbIg2FGBzBRgKrOevUa3sXQFkm-Nx6LTCKXdj1J5Jvwme1hFTgBNy9rPxZOweFSEvKWiZK_PYE-m_9iKvqv_9K8x66gci5x3Vo03MQhE1KL5vNRxOeIYre5Pl_SQ_CZlcFzOch1Liu4rQSFtwAsO4AQBgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3-HOVx-yKyQD1T95IRVS6-q5TrBw%2526client%253Dca-pub-8798765870329885%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f73dbf0c52edb570d0ad16efccefa6a5f8d053719c2cc827cd69148fede6aa4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1761193
cf-polished: qual=85, origFmt=jpeg, origSize=60344
alt-svc: h3=":443"; ma=86400
content-length: 22974
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Mar 2023 22:26:34 GMT
server: cloudflare
etag: "06609266defcd14ec685b2464aeced2e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gNr1d2z2dGvbi8L9kSij5Uj3hyygjbJX%2FBPQEvv1U9byIm8EMACa8mYjH1M7OpzBL6heqay60TOvrAho9vVR0goZoX9Ev89uOPW8STNMSXf4T17nHZIJ%2FLYFfcXFlA8a4sRytlNkPABDDzYz"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7f67b0cd8ea5040c-FRA
expires: Tue, 15 Aug 2023 08:05:04 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame AA71
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CMq95KjY24ADFU2HgwcdNSoPpg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view
https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023081410050487873719521X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=202308...

49 B
1 KB

158ms
51ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023081410050487873719521X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023081410050487873719521X117703V1226132702MSmm_SUBIDTEST_view&wfid=117703&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C195016%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CdqeSEfkfpDPVfEHjHwtEtbbrfeS4T5gVSJAqR%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CKgDFRfZfGe9mf5HMHktzCBB4C7SAT8QKUPeX3%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=00ba64512ca79e7498273ba385d732f5%2F12566542731667916794&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692000304109&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jw4afx3rwf1zzg24jy1q5xd78g7jngswn0v0ytf86hd8ww56aahtenebbhqas1k215f8mgcez777n8yksbkkwhdwdbc7zbshr7hz4k1tg8c85225747xm1kwgff56sky2e86mvh00y03h9vyb1pk5qqm74ksjtkjt9nerd155yx9d7r90wwp3sv5fjwa4m1be2ypxdrxb3t5gjt73mdnm2hycf2zybrdemnrnta8ekj5zpcqfcyhm05xay3jmev262kcrcwsz18ex0wztsm2a8080%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwfK3LuDZZKOmO9O9lgSHn6OoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODc5ODc2NTg3MDMyOTg4NcgBCakCqD1f4W5esj7gAgCoAwHIAwKqBPwBT9C5wP9eEW4afBal-kkWUi-9U4kx5ge7OxPirvCrknjXRq9Tea69uUPBjsRlsEKkUiMIZeFQYNt4fC3ddPb7v9x1Woof5m5loWtBcJjNVUw1Ch6iJrpz_QTTqO2dTRvEyI-PR8681_LVblEhHK18vhCPc8ciVpWIA-4U7ZpuGU_CANMLdDjOWnQ8gDz4tbIg2FGBzBRgKrOevUa3sXQFkm-Nx6LTCKXdj1J5Jvwme1hFTgBNy9rPxZOweFSEvKWiZK_PYE-m_9iKvqv_9K8x66gci5x3Vo03MQhE1KL5vNRxOeIYre5Pl_SQ_CZlcFzOch1Liu4rQSFtwAsO4AQBgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3-HOVx-yKyQD1T95IRVS6-q5TrBw%2526client%253Dca-pub-8798765870329885%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 Ismaning, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 08:05:04 GMT
X-NODEIP: 88.99.63.132
Server: nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023081410050487873719521X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023081410050487873719521X117703V1226132702MSmm_SUBIDTEST_view&wfid=117703&partnerid=12218
date: Mon, 14 Aug 2023 08:05:04 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame AA71 36 KB
36 KB 62ms
54ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C195016%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CdqeSEfkfpDPVfEHjHwtEtbbrfeS4T5gVSJAqR%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CKgDFRfZfGe9mf5HMHktzCBB4C7SAT8QKUPeX3%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=00ba64512ca79e7498273ba385d732f5%2F12566542731667916794&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692000304109&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jw4afx3rwf1zzg24jy1q5xd78g7jngswn0v0ytf86hd8ww56aahtenebbhqas1k215f8mgcez777n8yksbkkwhdwdbc7zbshr7hz4k1tg8c85225747xm1kwgff56sky2e86mvh00y03h9vyb1pk5qqm74ksjtkjt9nerd155yx9d7r90wwp3sv5fjwa4m1be2ypxdrxb3t5gjt73mdnm2hycf2zybrdemnrnta8ekj5zpcqfcyhm05xay3jmev262kcrcwsz18ex0wztsm2a8080%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwfK3LuDZZKOmO9O9lgSHn6OoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODc5ODc2NTg3MDMyOTg4NcgBCakCqD1f4W5esj7gAgCoAwHIAwKqBPwBT9C5wP9eEW4afBal-kkWUi-9U4kx5ge7OxPirvCrknjXRq9Tea69uUPBjsRlsEKkUiMIZeFQYNt4fC3ddPb7v9x1Woof5m5loWtBcJjNVUw1Ch6iJrpz_QTTqO2dTRvEyI-PR8681_LVblEhHK18vhCPc8ciVpWIA-4U7ZpuGU_CANMLdDjOWnQ8gDz4tbIg2FGBzBRgKrOevUa3sXQFkm-Nx6LTCKXdj1J5Jvwme1hFTgBNy9rPxZOweFSEvKWiZK_PYE-m_9iKvqv_9K8x66gci5x3Vo03MQhE1KL5vNRxOeIYre5Pl_SQ_CZlcFzOch1Liu4rQSFtwAsO4AQBgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3-HOVx-yKyQD1T95IRVS6-q5TrBw%2526client%253Dca-pub-8798765870329885%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1164453
cf-polished: origFmt=png, origSize=62828
alt-svc: h3=":443"; ma=86400
content-length: 36446
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Oct 2022 15:02:47 GMT
server: cloudflare
etag: "e12c1a9f1887c09d377658838eaaa06d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=syIl3VyD3R%2FPHc1LpZn15ugDeoo7nODZdUC37quAoaUEvT60c4Q2qH1LA4eQkELkHuhqvU%2BRwwRCAtBt3uUjuG%2FnSaL%2BygCce7TyKFFU0%2Bct9P2UkBc6Ngb8U%2FCB9oApeOxRiy2CyXygtIHn"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7f67b0cd8ea4040c-FRA
expires: Tue, 15 Aug 2023 08:05:04 GMT

GET
H2 200 287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame AA71 28 KB
28 KB 39ms
32ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C195016%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CdqeSEfkfpDPVfEHjHwtEtbbrfeS4T5gVSJAqR%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CKgDFRfZfGe9mf5HMHktzCBB4C7SAT8QKUPeX3%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=00ba64512ca79e7498273ba385d732f5%2F12566542731667916794&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692000304109&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jw4afx3rwf1zzg24jy1q5xd78g7jngswn0v0ytf86hd8ww56aahtenebbhqas1k215f8mgcez777n8yksbkkwhdwdbc7zbshr7hz4k1tg8c85225747xm1kwgff56sky2e86mvh00y03h9vyb1pk5qqm74ksjtkjt9nerd155yx9d7r90wwp3sv5fjwa4m1be2ypxdrxb3t5gjt73mdnm2hycf2zybrdemnrnta8ekj5zpcqfcyhm05xay3jmev262kcrcwsz18ex0wztsm2a8080%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwfK3LuDZZKOmO9O9lgSHn6OoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODc5ODc2NTg3MDMyOTg4NcgBCakCqD1f4W5esj7gAgCoAwHIAwKqBPwBT9C5wP9eEW4afBal-kkWUi-9U4kx5ge7OxPirvCrknjXRq9Tea69uUPBjsRlsEKkUiMIZeFQYNt4fC3ddPb7v9x1Woof5m5loWtBcJjNVUw1Ch6iJrpz_QTTqO2dTRvEyI-PR8681_LVblEhHK18vhCPc8ciVpWIA-4U7ZpuGU_CANMLdDjOWnQ8gDz4tbIg2FGBzBRgKrOevUa3sXQFkm-Nx6LTCKXdj1J5Jvwme1hFTgBNy9rPxZOweFSEvKWiZK_PYE-m_9iKvqv_9K8x66gci5x3Vo03MQhE1KL5vNRxOeIYre5Pl_SQ_CZlcFzOch1Liu4rQSFtwAsO4AQBgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3-HOVx-yKyQD1T95IRVS6-q5TrBw%2526client%253Dca-pub-8798765870329885%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2378849
cf-polished: qual=85, origFmt=jpeg, origSize=133780
alt-svc: h3=":443"; ma=86400
content-length: 28740
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Feb 2020 10:22:01 GMT
server: cloudflare
etag: "d061ca155f758f490340e147604dc3ee"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7BrQAirjBrfCxdJhqcHLquF5c00iNx%2BOjwhVzJaa7ltDzOrRu25rZhTtS8U2hijwSo7Tu2%2BlGcT4CX%2BH4Mjcey3PoOeFE29IpsCp5qOBI28Vh7m1u9IOmWUo5WJmAT1hDnlzAk4y38GzZCWe"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7f67b0cd8ea2040c-FRA
expires: Tue, 15 Aug 2023 08:05:04 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame AA71 43 B
705 B 167ms
90ms Image
image/gif 104.102.45.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkroneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C195016%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CdqeSEfkfpDPVfEHjHwtEtbbrfeS4T5gVSJAqR%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CKgDFRfZfGe9mf5HMHktzCBB4C7SAT8QKUPeX3%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=00ba64512ca79e7498273ba385d732f5%2F12566542731667916794&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692000304109&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jw4afx3rwf1zzg24jy1q5xd78g7jngswn0v0ytf86hd8ww56aahtenebbhqas1k215f8mgcez777n8yksbkkwhdwdbc7zbshr7hz4k1tg8c85225747xm1kwgff56sky2e86mvh00y03h9vyb1pk5qqm74ksjtkjt9nerd155yx9d7r90wwp3sv5fjwa4m1be2ypxdrxb3t5gjt73mdnm2hycf2zybrdemnrnta8ekj5zpcqfcyhm05xay3jmev262kcrcwsz18ex0wztsm2a8080%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwfK3LuDZZKOmO9O9lgSHn6OoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODc5ODc2NTg3MDMyOTg4NcgBCakCqD1f4W5esj7gAgCoAwHIAwKqBPwBT9C5wP9eEW4afBal-kkWUi-9U4kx5ge7OxPirvCrknjXRq9Tea69uUPBjsRlsEKkUiMIZeFQYNt4fC3ddPb7v9x1Woof5m5loWtBcJjNVUw1Ch6iJrpz_QTTqO2dTRvEyI-PR8681_LVblEhHK18vhCPc8ciVpWIA-4U7ZpuGU_CANMLdDjOWnQ8gDz4tbIg2FGBzBRgKrOevUa3sXQFkm-Nx6LTCKXdj1J5Jvwme1hFTgBNy9rPxZOweFSEvKWiZK_PYE-m_9iKvqv_9K8x66gci5x3Vo03MQhE1KL5vNRxOeIYre5Pl_SQ_CZlcFzOch1Liu4rQSFtwAsO4AQBgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3-HOVx-yKyQD1T95IRVS6-q5TrBw%2526client%253Dca-pub-8798765870329885%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-45-165.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Aug 2023 08:05:04 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame A646 256 B
333 B 72ms
71ms Script
application/javascript 87.248.100.136
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_us&agentVersion=205&adTrackingEnabled=true&adUnitCode=e0dca6eb-9d9c-4b90-8da0-2e5e8e48951e&apiKey=FGM9WKG2KZ9P897DVG37&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fcoolsaid.com&caps=16&cb=JSONPCallback0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/av/yap/ga/yap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.136 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o1.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

b84dbe59738bc9c358d32ee7673cf4bd32dd9e40896e7c53bc785c89773eb2c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coolsaid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Mon, 14 Aug 2023 08:05:03 GMT
server: ATS
age: 1
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 16
x-xss-protection: 1; mode=block
x-request-id: c9a0efe8-9b3d-4184-a319-129919da205a

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 7BC7 264 B
306 B 67ms
67ms Script
application/javascript 87.248.100.136
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_us&agentVersion=205&adTrackingEnabled=true&adUnitCode=b8b3d887-ab65-4ee1-846f-41d95101335c&apiKey=H6NX3HJCW6QQKJGGP6FG&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fangela-babies.com&caps=16&cb=JSONPCallback0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/av/yap/ga/yap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.136 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o1.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

14c535a9a3ab6d5185d5f4a85569cdcf364a5a2b9a485eec88c20346f0859073

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://angela-babies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Mon, 14 Aug 2023 08:05:03 GMT
server: ATS
age: 1
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 15
x-xss-protection: 1; mode=block
x-request-id: 13c3d8fa-27da-47f9-a700-f93b41bcfe49

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 4323 260 B
349 B 63ms
62ms Script
application/javascript 87.248.100.136
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_us&agentVersion=205&adTrackingEnabled=true&adUnitCode=86166e84-a4bf-4f12-96e5-ecdcb9de2b18&apiKey=GTWB2N9RZXRY5JXSDJM5&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fjkingtimes.com&caps=16&cb=JSONPCallback0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/av/yap/ga/yap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.136 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o1.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

ece45dd355ad6a08adc9af6376508b32477d3a6f7bbd6bbb299248b645f7c94a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jkingtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Mon, 14 Aug 2023 08:05:04 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 14
x-xss-protection: 1; mode=block
x-request-id: f7743309-185b-4286-aa56-7bd86008b821

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 0DE3 256 B
297 B 66ms
66ms Script
application/javascript 87.248.100.136
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_us&agentVersion=205&adTrackingEnabled=true&adUnitCode=d0f1f448-4828-4ed1-934d-614e40ebf651&apiKey=23J6S4YK6MVCTD7HCBM8&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fyaya0506.com&caps=16&cb=JSONPCallback0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/av/yap/ga/yap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.136 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o1.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

6a3eeed12943e0b360fffcc3777e1815599e6ea2f973c84f521748c34ad52021

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yaya0506.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Mon, 14 Aug 2023 08:05:03 GMT
server: ATS
age: 1
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 14
x-xss-protection: 1; mode=block
x-request-id: 924a7465-4da2-4c2e-b28a-3e3083b0c506

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 03DD 256 B
322 B 70ms
69ms Script
application/javascript 87.248.100.136
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_us&agentVersion=205&adTrackingEnabled=true&adUnitCode=2c67468e-2e89-4737-95cd-eb63e4c9f2ab&apiKey=7S3PRYCYM8HR3CGJBSGF&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fdwjhgx.com&caps=16&cb=JSONPCallback0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/av/yap/ga/yap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.136 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o1.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

a857be6c72c3a0b032e7732d196ac05f142ba5cb791d5d13322603ad9cbc1ef6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Mon, 14 Aug 2023 08:05:04 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 18
x-xss-protection: 1; mode=block
x-request-id: e7289911-47a7-45ce-9ecc-ff18c26209c0

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 7CE3 256 B
298 B 121ms
121ms Script
application/javascript 87.248.100.136
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/av/yap/ga/yap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.136 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o1.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

a857be6c72c3a0b032e7732d196ac05f142ba5cb791d5d13322603ad9cbc1ef6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Mon, 14 Aug 2023 08:05:04 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 15
x-xss-protection: 1; mode=block
x-request-id: 2d7c251d-d011-435c-aef6-21357057d7c8

GET
H/1.1 204
No Content sync.php
pixel-apac.rubiconproject.com/exchange/ Frame DE37 0
239 B 1083ms
262ms Image
image/gif 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-apac.rubiconproject.com/exchange/sync.php?p=logly
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 / Show response
static.intentarget.com/track/kangleigm/ Frame 96F1 2 KB
1 KB 272ms
271ms Script
text/html 2606:4700:e6::ac40:cc1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.intentarget.com/track/kangleigm/
Requested by: Host: mydesign-cases.com
URL: https://mydesign-cases.com/gmifr_lei.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:cc1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 884dd1e05c0a6ff898471594b57f6622537a215737940f818ba3f0dd7bba5964

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mydesign-cases.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:04 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fLdcmEs5Kogmgpp02HG9e4vXeHagmVcxIQSkYFTFto5rGc%2F5ewKm5662liFy24WSBEuozKS7%2B8doCbVOnXuEDdUVJOTxO6BFqaYsiMkE9KvRPINcjGoJgvJAREKko5m4Zxqrd309KpubZewfuLWViFvf1l3b"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 7f67b0cddaec918c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 442F 256 B
297 B 64ms
63ms Script
application/javascript 87.248.100.136
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/av/yap/ga/yap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.136 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o1.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

6a3eeed12943e0b360fffcc3777e1815599e6ea2f973c84f521748c34ad52021

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yaya0506.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Mon, 14 Aug 2023 08:05:04 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 16
x-xss-protection: 1; mode=block
x-request-id: 157943fc-08d1-4c21-8157-bd93b7c42e6e

GET
H2 200 link.html Show response
track.webgains.com/ Frame AA71 1 KB
2 KB 169ms
85ms Script
text/html 13.42.110.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3756941&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kkyw13s9ty53psp4kkshsyqda2yj5q2sx70z91vmgjdv6c5xzkvwk1r79gn12ybmej4am3vhy0ykaz8bx0kbpszhh0t0p6tn44m32xshn0m6j357fsdp6ewqh0zcdk6fgcgarfgch70en9gv7y98n5fpbrkz5svx6mgmtttpmckza4fxzh21x90kdqv9cav0xs6t4ymm76dh10q2w83v2z0h03r6q5wtv2e8h87mzx82f1ytyr5z5end0a8x65rw2ppt%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jw4afx3rwf1zzg24jy1q5xd78g7jngswn0v0ytf86hd8ww56aahtenebbhqas1k215f8mgcez777n8yksbkkwhdwdbc7zbshr7hz4k1tg8c85225747xm1kwgff56sky2e86mvh00y03h9vyb1pk5qqm74ksjtkjt9nerd155yx9d7r90wwp3sv5fjwa4m1be2ypxdrxb3t5gjt73mdnm2hycf2zybrdemnrnta8ekj5zpcqfcyhm05xay3jmev262kcrcwsz18ex0wztsm2a8080%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCwfK3LuDZZKOmO9O9lgSHn6OoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODc5ODc2NTg3MDMyOTg4NcgBCakCqD1f4W5esj7gAgCoAwHIAwKqBPwBT9C5wP9eEW4afBal-kkWUi-9U4kx5ge7OxPirvCrknjXRq9Tea69uUPBjsRlsEKkUiMIZeFQYNt4fC3ddPb7v9x1Woof5m5loWtBcJjNVUw1Ch6iJrpz_QTTqO2dTRvEyI-PR8681_LVblEhHK18vhCPc8ciVpWIA-4U7ZpuGU_CANMLdDjOWnQ8gDz4tbIg2FGBzBRgKrOevUa3sXQFkm-Nx6LTCKXdj1J5Jvwme1hFTgBNy9rPxZOweFSEvKWiZK_PYE-m_9iKvqv_9K8x66gci5x3Vo03MQhE1KL5vNRxOeIYre5Pl_SQ_CZlcFzOch1Liu4rQSFtwAsO4AQBgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3-HOVx-yKyQD1T95IRVS6-q5TrBw%252526client%25253Dca-pub-8798765870329885%252526adurl%25253D&clickref=oneid24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C195016%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CdqeSEfkfpDPVfEHjHwtEtbbrfeS4T5gVSJAqR%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CKgDFRfZfGe9mf5HMHktzCBB4C7SAT8QKUPeX3%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=00ba64512ca79e7498273ba385d732f5%2F12566542731667916794&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692000304109&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jw4afx3rwf1zzg24jy1q5xd78g7jngswn0v0ytf86hd8ww56aahtenebbhqas1k215f8mgcez777n8yksbkkwhdwdbc7zbshr7hz4k1tg8c85225747xm1kwgff56sky2e86mvh00y03h9vyb1pk5qqm74ksjtkjt9nerd155yx9d7r90wwp3sv5fjwa4m1be2ypxdrxb3t5gjt73mdnm2hycf2zybrdemnrnta8ekj5zpcqfcyhm05xay3jmev262kcrcwsz18ex0wztsm2a8080%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwfK3LuDZZKOmO9O9lgSHn6OoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODc5ODc2NTg3MDMyOTg4NcgBCakCqD1f4W5esj7gAgCoAwHIAwKqBPwBT9C5wP9eEW4afBal-kkWUi-9U4kx5ge7OxPirvCrknjXRq9Tea69uUPBjsRlsEKkUiMIZeFQYNt4fC3ddPb7v9x1Woof5m5loWtBcJjNVUw1Ch6iJrpz_QTTqO2dTRvEyI-PR8681_LVblEhHK18vhCPc8ciVpWIA-4U7ZpuGU_CANMLdDjOWnQ8gDz4tbIg2FGBzBRgKrOevUa3sXQFkm-Nx6LTCKXdj1J5Jvwme1hFTgBNy9rPxZOweFSEvKWiZK_PYE-m_9iKvqv_9K8x66gci5x3Vo03MQhE1KL5vNRxOeIYre5Pl_SQ_CZlcFzOch1Liu4rQSFtwAsO4AQBgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3-HOVx-yKyQD1T95IRVS6-q5TrBw%2526client%253Dca-pub-8798765870329885%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.42.110.74 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-42-110-74.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 9a7b1f016150a3d34bf4fc59b21dcd9acdbe693ac9c41317246d3bccab167edc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:04 GMT
last-modified: Mon, 14 Aug 2023 08:05:04 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Mon, 14 Aug 2023 08:06:04 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame F215 12 B
100 B 29ms
29ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=dayfgh.com&callback=_gfp_s_&client=ca-pub-9208708170783140&cookie=ID%3D2711ac5037060b38-22ed3cb54fde0061%3AT%3D1692000302%3ART%3D1692000302%3AS%3DALNI_MYKDXSa6qGtY9UR08Zptj3yIzE5MQ&gpic=UID%3D00000c60634d8b46%3AT%3D1692000302%3ART%3D1692000302%3AS%3DALNI_MaTbUOB0DlNM8i7418449FtFC4-Vw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C4A0 44 KB
15 KB 561ms
561ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&slotname=2869650812&adk=2760440997&adf=95055631&pi=t.ma~as.2869650812&w=336&lmt=1691993104&format=336x280&url=https%3A%2F%2Fdayfgh.com%2Fdoc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692000304117&bpp=4&bdt=143&idt=244&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&cookie=ID%3D2711ac5037060b38-22ed3cb54fde0061%3AT%3D1692000302%3ART%3D1692000302%3AS%3DALNI_MYKDXSa6qGtY9UR08Zptj3yIzE5MQ&gpic=UID%3D00000c60634d8b46%3AT%3D1692000302%3ART%3D1692000302%3AS%3DALNI_MaTbUOB0DlNM8i7418449FtFC4-Vw&correlator=2019872947101&frm=23&ife=4&pv=2&ga_vid=1286942092.1692000302&ga_sid=1692000304&ga_hid=1917582062&ga_fc=1&nhd=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=3920&biw=1600&bih=1200&isw=336&ish=280&ifk=3250860380&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076875%2C31076924%2C31076947%2C44769661%2C21065725&oid=2&pvsid=932677422131719&tmod=307730823&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.dhahmunx23dr&btvi=1&fsb=1&dtd=258

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d654970ebc0854d6bfdb9e555056ab4652f9b13addcd88b7096b53a0018fa51b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dayfgh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 15572
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 08:05:04 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F215 15 KB
12 KB 70ms
70ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230809&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d21610ee8369d93cb270806070dbd663c4e2454ae668dc63c57f425440e2399

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11760
x-xss-protection: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame DE37
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=W8As05RvRNCqX7mpfSDseg&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=W8As05RvRNCqX7mpfSDseg

43 B
479 B

109ms
108ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=W8As05RvRNCqX7mpfSDseg

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Aug 2023 08:05:05 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 2X0DSAQXX47YXSJ8YSB0
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=W8As05RvRNCqX7mpfSDseg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame DE37 0
214 B 23ms
23ms Image
text/plain 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=25470
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame DE37
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ACHR3pk8SKCy2FgPPrP27w&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ACHR3pk8SKCy2FgPPrP27w

43 B
720 B

196ms
196ms

Image
image/gif

52.94.220.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ACHR3pk8SKCy2FgPPrP27w

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac

Protocol

HTTP/1.1

Server

52.94.220.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Aug 2023 08:05:05 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: ZPVBH4YW4GW4CXBR01AK
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ACHR3pk8SKCy2FgPPrP27w
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame DE37 0
214 B 52ms
28ms Image
text/plain 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame DE37
Redirect Chain

https://ums.acuityplatform.com/tum?umid=2
https://pixel.rubiconproject.com/tap.php?v=5672&nid=2082&put=813658998581&expires=30

0
239 B

21ms
21ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=5672&nid=2082&put=813658998581&expires=30
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

access-control-allow-origin: *
location: https://pixel.rubiconproject.com/tap.php?v=5672&nid=2082&put=813658998581&expires=30
content-length: 0

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame DE37 0
239 B 82ms
20ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame DE37
Redirect Chain

https://s.company-target.com/s/rp
https://pixel.rubiconproject.com/tap.php?v=1181926&nid=5578&put=3b5d2131-c80d-4bc2-b422-cd7240175b2b

0
239 B

22ms
22ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=1181926&nid=5578&put=3b5d2131-c80d-4bc2-b422-cd7240175b2b
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Mon, 14 Aug 2023 08:05:04 GMT
via: 1.1 google
access-control-allow-methods: GET,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *.rubiconproject.com
location: https://pixel.rubiconproject.com/tap.php?v=1181926&nid=5578&put=3b5d2131-c80d-4bc2-b422-cd7240175b2b
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131

GET
H2 200 cookiesync
bttrack.com/pixel/ Frame DE37 35 B
163 B 377ms
125ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bttrack.com/pixel/cookiesync?source=c91bfcce-bb43-46f7-b14e-567c0a4332b3

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),

Reverse DNS

NET-33-132-192.46.bidtellect.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-servername: Track002-iad
pragma: no-cache
date: Mon, 14 Aug 2023 08:04:27 GMT
strict-transport-security: max-age=31536000;
content-type: image/gif
cache-control: private,no-cache
content-length: 35
expires: -1

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DA70 0
0 127ms
126ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308070102&jk=4383569428738245&bg=!Tk2lTRnNAAaiGN5Pghg7ADkAdvg8WrKemx0RwOgdYW6J_L9W22VppyBSocuoXFPUVkmpjL4yC2w-wUn--_70GE3rzxLam5Pe2ggCAAAAkVIAAAAZaAEHmQLJtNt1i1XOJSYgaWKyYVJXfPf5C4J_2Fli9tfPxfcxceVvcN3LWN2NJaELjg8iyrvpsk_96g2xEIYKNyvdMenqiID2jGxtZAa-Aer5Aoi3q3nL5V6hSwpz8E9nuMMozrZ6Zb-mRy2vnVlMnOCNBPKi10XXHOzN4V9UL1WkfYYx-4uLiHh7MexC72_kqe5YiqYQVmZsaAHnQLbRBvN5nOOeQoiyFZjFxQzzQEqsh17WuKo1KcTdlbVmTs06h-R0z7ZhlF4BPh-uQpX49NNpG9OR_xJnabjji3BystB5TjH__u606j1T3tbYoxiHPU0y6uImUDT8gi30BQk30yjjk9qPFfYNF7L2jbivHCdrMcITVOzxq_pw1e5m2YSXSUgkjGyJimUD5lL24vwLgxYtW9ImAN8JcX56Gmk2IVkp0tiXzf4OGi827ywgedjKqhmEFasJ56sYRXj4DZjxtehddD6fggweUP50AVNtRXEm6LG_0hMNI8sQbuZcnlS9rrDB6xO7Klhlk0Q1N8_rejvklhEEtX5SpcgC-Qi6zV3yn8oNH3IzsTGrJPZK5LcoXOxyMjVvO3L6ix8vNmFvBIu8o5gu3uDeuuZLE0JzerNkhQN8n7FfDPysScWluxMgjrotbsVHMO4HNlvQp8CDqlK8XKuhZJEp9zVJWZ935j31RaRi0M6BA_6XbNeOcmQitiqfO6VX7Qilbb7wyUCaZ1yxzgd-L4gP1iLA6_Kt1IMAWjgp3DFJM2AKC5iR8WoiFV8M2RQljx8nm33d5OvdOSQjZtOIl8EPBENr4xGLtMiz4sLoQ6k7N-Fzr4Cs8EF1mevj2bVL4lWfkfoHQQ6qz_aDynZ5bevy8EPVDWKYLGuhqIa2lhWl9Xt_iWNK56XrEPLidPQ-of48GMnsowr32-vSjRSH-tdckOBkBnU8yRSNl9VxZdzhHEpjuFMyAws
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FB58 0
0 127ms
127ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308080102&jk=4174172713156697&bg=!qqmlqf3NAAaiGN5Pghg7ADkAdvg8WkzEKRdzA0cIDTeIISfPqrPJoQT26zV7cD-YUdm3jNNWw6EofDUMTTI1D0SsGtUZacLcYoUCAAAAfFIAAAAHaAEHCgAsT3_EClP02BXA0vSQAAF6zp30DHWn0v4WVs1boykDV7Tkqw5-sigN6peozWGZAtePPrf4NXuALBAMQgbIJX5Bg271R1-DiSe6Z7pV341sZF41nQ_OHFjQNAQUc9kQVDipKMPKnEQUk8paascqYljvbuUg2BC6mKMLDrR00nDh4y0NRQg7wOuHpJs6XFFd-82cO9BV7DaeGDKbom44lGR_CGETdeKhmRO8mI-KsmEKoS8-jRjid5r5QKNgl3CAPAg7XOGqwE6mgGrVaUEb_jEaxsWLAgBiRNSorwaKbld3YMCBdpJT5sBOUzS1bPXuWOuo8dkhwUtdvrKkTkf-1lXP9XQS21wom7vNAIPfTyohZjYVHkyCDQfRIcFKukZr_i90WvqRVfEKDuY_MZBxePTcV4AsuZWDClNZD-KwgOW01LrRxuabLLsbIGdz72iUtx3b8mmwL1V132WldUbcBqkm_vNrzD_5uaS4N2ynOFoBUmyINUfBWAvnOZfZ10NsFn8Ab62tUPu_hcjpBYsX_V-N1bR86mjfnZs6rRkqPbzsSYfxbN-ehrCoJ1WMcgqtnfczSLaGMG5pt_mqLTJSCu73hFgE9jMK-Nn4sLU3tHTkXiJi2qZpRph_wIenVlY0sLbZk7jUaCSiYElBjvJkah4WHyJVd6VCiSfcApH7Grkpb-p11aaE3DhnFeQVgATNEqmiDFlVKvTdR5vWUJpnfOvb44Gjajd6XTv3JzcqDO4qn18N1AaXrkF1gZs9txYpFqzc0U6PnXlQXxGCWMHchDC3juXA6f6HNMXWQ_bzQ36SGJFCrJqFkcjN0EOWt20uhu9w6wZqDCJ3aS3dStvT1R_LvgK6jz48JxeOWh6ffmS2rCYJVQ24rOsCeY0jg7GYO6G_2fjQi0fWVgeqtzL9KIhx26qWLadMMOfFoAzlykXKkk0NApND5nrKkmX3zO4HGaAyLKTHxNMTYh1u1YJGjZfjnFL3dPcezrK63-kQtJkQrumDHzfBwWC1RuoB7G-Ly9uB8dAXemp2
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H2 200 sync.js Show response
sync.logly.co.jp/sync/ Frame 587C 0
268 B 247ms
246ms Script
text/plain 52.199.26.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.js
Requested by: Host: sync.logly.co.jp
URL: https://sync.logly.co.jp/sync/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.199.26.11 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-199-26-11.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.logly.co.jp/sync/sync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 14 Aug 2023 08:05:04 GMT
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F215 17 KB
6 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 14 Aug 2023 08:05:04 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame AA71 51 KB
18 KB 105ms
26ms Script
text/javascript 18.66.147.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3756941&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kkyw13s9ty53psp4kkshsyqda2yj5q2sx70z91vmgjdv6c5xzkvwk1r79gn12ybmej4am3vhy0ykaz8bx0kbpszhh0t0p6tn44m32xshn0m6j357fsdp6ewqh0zcdk6fgcgarfgch70en9gv7y98n5fpbrkz5svx6mgmtttpmckza4fxzh21x90kdqv9cav0xs6t4ymm76dh10q2w83v2z0h03r6q5wtv2e8h87mzx82f1ytyr5z5end0a8x65rw2ppt%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jw4afx3rwf1zzg24jy1q5xd78g7jngswn0v0ytf86hd8ww56aahtenebbhqas1k215f8mgcez777n8yksbkkwhdwdbc7zbshr7hz4k1tg8c85225747xm1kwgff56sky2e86mvh00y03h9vyb1pk5qqm74ksjtkjt9nerd155yx9d7r90wwp3sv5fjwa4m1be2ypxdrxb3t5gjt73mdnm2hycf2zybrdemnrnta8ekj5zpcqfcyhm05xay3jmev262kcrcwsz18ex0wztsm2a8080%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCwfK3LuDZZKOmO9O9lgSHn6OoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODc5ODc2NTg3MDMyOTg4NcgBCakCqD1f4W5esj7gAgCoAwHIAwKqBPwBT9C5wP9eEW4afBal-kkWUi-9U4kx5ge7OxPirvCrknjXRq9Tea69uUPBjsRlsEKkUiMIZeFQYNt4fC3ddPb7v9x1Woof5m5loWtBcJjNVUw1Ch6iJrpz_QTTqO2dTRvEyI-PR8681_LVblEhHK18vhCPc8ciVpWIA-4U7ZpuGU_CANMLdDjOWnQ8gDz4tbIg2FGBzBRgKrOevUa3sXQFkm-Nx6LTCKXdj1J5Jvwme1hFTgBNy9rPxZOweFSEvKWiZK_PYE-m_9iKvqv_9K8x66gci5x3Vo03MQhE1KL5vNRxOeIYre5Pl_SQ_CZlcFzOch1Liu4rQSFtwAsO4AQBgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3-HOVx-yKyQD1T95IRVS6-q5TrBw%252526client%25253Dca-pub-8798765870329885%252526adurl%25253D&clickref=oneid24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-120.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 43c969dd91796954ee5b0d995fddf5dc9b008844db541a4103c1d95b28ef2f74

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 06:07:30 GMT
content-encoding: gzip
via: 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
last-modified: Mon, 07 Aug 2023 14:11:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 7055
etag: W/"cb7accb6a6fc086cd831549a78a2fe42"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: gi9f55ElnXyhpuARvpyB_WrPvxS_OiUxz0cUqdw-RTjeaFS3diKvvg==

GET
H2 429 link.html
track.webgains.com/ Frame AA71 45 B
45 B 46ms
45ms Image
text/html 13.42.110.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wglinkid=3756941
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C195016%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CdqeSEfkfpDPVfEHjHwtEtbbrfeS4T5gVSJAqR%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CKgDFRfZfGe9mf5HMHktzCBB4C7SAT8QKUPeX3%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=00ba64512ca79e7498273ba385d732f5%2F12566542731667916794&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692000304109&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jw4afx3rwf1zzg24jy1q5xd78g7jngswn0v0ytf86hd8ww56aahtenebbhqas1k215f8mgcez777n8yksbkkwhdwdbc7zbshr7hz4k1tg8c85225747xm1kwgff56sky2e86mvh00y03h9vyb1pk5qqm74ksjtkjt9nerd155yx9d7r90wwp3sv5fjwa4m1be2ypxdrxb3t5gjt73mdnm2hycf2zybrdemnrnta8ekj5zpcqfcyhm05xay3jmev262kcrcwsz18ex0wztsm2a8080%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwfK3LuDZZKOmO9O9lgSHn6OoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODc5ODc2NTg3MDMyOTg4NcgBCakCqD1f4W5esj7gAgCoAwHIAwKqBPwBT9C5wP9eEW4afBal-kkWUi-9U4kx5ge7OxPirvCrknjXRq9Tea69uUPBjsRlsEKkUiMIZeFQYNt4fC3ddPb7v9x1Woof5m5loWtBcJjNVUw1Ch6iJrpz_QTTqO2dTRvEyI-PR8681_LVblEhHK18vhCPc8ciVpWIA-4U7ZpuGU_CANMLdDjOWnQ8gDz4tbIg2FGBzBRgKrOevUa3sXQFkm-Nx6LTCKXdj1J5Jvwme1hFTgBNy9rPxZOweFSEvKWiZK_PYE-m_9iKvqv_9K8x66gci5x3Vo03MQhE1KL5vNRxOeIYre5Pl_SQ_CZlcFzOch1Liu4rQSFtwAsO4AQBgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3-HOVx-yKyQD1T95IRVS6-q5TrBw%2526client%253Dca-pub-8798765870329885%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.42.110.74 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-42-110-74.eu-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 88400ece0824eb5322a437984edfb5b0c752a92af7efa7d5970fcb161c8721eb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:04 GMT
server: awselb/2.0
content-length: 45
content-type: text/html

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CA8B 13 KB
5 KB 22ms
21ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dayfgh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 231
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 08:01:13 GMT
expires: Tue, 13 Aug 2024 08:01:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 63B8 831 B
555 B 31ms
29ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fca931eedeee292de3db4ffe22555c059a7ad62f9129395f905fb9c5613e6a0b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_g4wPPrHxN5HxXYz08UDXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dayfgh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 533
content-security-policy: script-src 'report-sample' 'nonce-_g4wPPrHxN5HxXYz08UDXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 08:05:04 GMT
expires: Mon, 14 Aug 2023 08:05:04 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js Show response
pagead2.googlesyndication.com/bg/ Frame CA8B 37 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 11:10:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75252
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14666
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 12 Aug 2024 11:10:52 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 63B8 0
0 121ms
120ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230809&jk=932677422131719&rc=
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET trkyjs.js
static.intentarget.com/track/kangleigm/js/ Frame 96F1 0
0

GET
H2 200 gmifr_lei.html Show response
health-am.com/ Frame 96F1 1 KB
1 KB 305ms
219ms Document
text/html 2606:4700:3035::6815:2afb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://health-am.com/gmifr_lei.html
Requested by: Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2afb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c950bdb3171907dd6adc02a07023992f892095f78f251750ebbb01ff386282ac

Request headers

Referer: https://mydesign-cases.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7f67b0d04eed9010-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 14 Aug 2023 08:05:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B5YZh%2B69wyNA%2BV8D0vFlmPHqgZMZtmS%2Bp31wxYdyeIoSMLFoFc0%2BS9Y9YrsAAaapOEmddqggw%2F%2BUkdJnO2its3eDbCShMsYEajbz0dBP9Md3ZOcOyaA2TjLEtiLcphNzaCnvX60LDSBI5sZx"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CA8B 0
10 B 23ms
22ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?avvuWw
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:04 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CC89 42 B
64 B 126ms
125ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv5kBGk9aafBfJCd3z00xRXEOD0k0arhA4lnTJ4dQwjgiw00kYCKkLMs4nO_tanGayy4F6P5pnLAKCjyWeDEEMfYJnrXM_cb7LNaT5E&sig=Cg0ArKJSzN56BHmsdgfdEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230809&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3507171008&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692000303390&rpt=218&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://96d84fdb5fb246803137855db3bda5a8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 08:05:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 336280_4.css
js.akusehat.info/track/css/ Frame CDA4 3 KB
2 KB 27ms
27ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.akusehat.info/track/css/336280_4.css
Requested by: Host: js.akusehat.info
URL: https://js.akusehat.info/track/js/gemini_2getherclick_ifr.js?size=336280&cssHost=//js.akusehat.info/track/css/&cssUrl=//js.akusehat.info/track/css/336280_4.css&aid=0&apiKey=DBQ6T8DY3S7YRBGVN7X5&sectionCode=0ff7b8fe-69ff-46c3-89ae-7d531ebe198a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c11c1d9edeb45bc33a3a17f4cac705fbd3973ea9ea9aa1d5b1241036e81145b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itigeryou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 25 May 2022 08:13:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 144656
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BHFtXNYqOvjwq9LrOeaAnUQeSKe5sh8%2BtSuCGhB9v%2BcUQ3FGPbJjTb8inzKMyZ6LoUkBuJMpozFtpcUdXqnSasHZvHpFq33jbR%2BNqVgEig9rPTymdhQW6f6AjB58R5G5zrjKIWINoKiH6fkWDpBV"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=259200
cf-ray: 7f67b0d09b33900c-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 15 Aug 2023 15:54:08 GMT

GET
H2 200 yap.js Show response
s.yimg.com/av/yap/ga/ Frame CDA4 69 KB
21 KB 30ms
30ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/av/yap/ga/yap.js

Requested by

Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

56cf6c2adb75e276955f3bf951793f0c794ceb51d67d5d2c64b8ec01b996ecc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itigeryou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 07:57:11 GMT
content-encoding: gzip
x-amz-meta-created-date: Thu, 14 Jun 2018 21:01:51 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 3BQ468JD6G85APPM
age: 474
x-amz-server-side-encryption: AES256
x-amz-meta-x-ysws-mbst-vtime: 1529010111289407
x-amz-id-2: XxcDBtmAMA/XShUMXq+fEpgY6h20Q09FdR8jEI9mjyvmCVSHVew8ERTKPaMgJsmIKnjL5Teef50=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 22 Jun 2018 20:24:03 GMT
server: ATS
etag: "dc33089f908605f46038b49337653924-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding,Origin
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,stale-while-revalidate=30,max-age=3600
accept-ranges: bytes
x-amz-meta-mbst-etag: "YM:1:f804d14e-b940-4c8c-9951-826241a860ad00056ea0688a983f"
x-amz-meta-x-ysws-access: public
expires: Fri, 22 Jun 2018 21:24:02 GMT

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame CDA4 260 B
303 B 63ms
63ms Script
application/javascript 87.248.100.136
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_us&agentVersion=205&adTrackingEnabled=true&adUnitCode=0ff7b8fe-69ff-46c3-89ae-7d531ebe198a&apiKey=DBQ6T8DY3S7YRBGVN7X5&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fitigeryou.com&caps=16&cb=JSONPCallback0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/av/yap/ga/yap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.136 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o1.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

8d456dbc0b49a54dfbdd4fc3e52ce06fb87b5e5efadc728d6e02f38f8aed5c00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itigeryou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Mon, 14 Aug 2023 08:05:04 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 15
x-xss-protection: 1; mode=block
x-request-id: 0c719648-4775-497d-bc51-b0def9ffd058

GET
H3 200 / Show response
static.intentarget.com/track/kangleigm/ Frame 96F1 2 KB
1 KB 285ms
284ms Script
text/html 2606:4700:e6::ac40:cc1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.intentarget.com/track/kangleigm/
Requested by: Host: health-am.com
URL: https://health-am.com/gmifr_lei.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:cc1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50f9a934b2e89c86356cfc8eaf0e19ce5cce3f09edb327510de66bf944211e82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://health-am.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jlcZDdry%2Bf9nTZXFAJ989rkxZyHoCULXYMjS9LAOBWrD6J%2F5WFdwcuyRWeAgVifnvTthQjHRMKvY5fjBKUn6PtTktWKMzl2u%2BPknd44TYSoPEn7HOhXSqatXYUCZ1EbibFq%2B0VTtcHoNFotPUkYbclN7abRV"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 7f67b0d1b824918c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame DCF4 2 KB
2 KB 50ms
49ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hcgc1323yx40ag8x5ytv4dwmptevk1mf0p3hme7t8abkqwpnkvvg6hdgg7qgs3n6kd5c3cv6xfp6q46ecfanxf8yd92pcj3ggjy65nqxe919r02dr7g3rmx7pzj8jm4ez4st8mcx40e269af10hdxdyh6dcsy9q4b5dynh318p6grq364h3rteg8knqqfpjrt7cvbwzvyvwh18axcr666g3f2bv09thvv4j6g7v7szskcwkbt45jd5j25apne3p8ffmsqbvfqdmgayvqnsk8dy44mz5rp2fckgnxhd63mmcva4eg030r8f3312e58dnyt69nxm03g3a673v15w1vfzy6zaw259mzy5prbd2jsq2kcg813ej0hrcakmwm5y4b4t27wb33z3hnyz6nrxm3g7xkaedxtr43dmw4jnng7knw24tqs76y191g8p43ace2ceykr8s4xwg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmvWyMODZZOK5HYiptOUPj6WlyAmQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkyMDg3MDgxNzA3ODMxNDDIAQmpAqg9X-FuXrI-qAMByAMCqgSJAk_Qb_3YFXB9YAqvW3i9D0WQL4yIefT3B_FOgLgmspTfYSQ1uJwiJyeePSRKOWHmjZEZLXS_RHshPQodBQWuNylfAYdaPj8vhUYgDQ2SFMIG6rIb-Ot4ZLonl4rZUKl4Z7hbnUFznsyefmqu0i49ebLWK9whRGPMxVe7KJs2thFqKXhZMYWVpZMDVIqDd-VHLT3iBgf_b08NpxxOH9R1juXeJUOHMvBFSkrxJ0IY0g0158oMQXNpku-dbouKZsX-zf5YevtiPX73f_OMGXkju8EYXoH8-3VfPb9yEqPhhXKBnCmnRVsJvQz8TMZnrs5k-ce_hoavVxd1T0A4bUQ35-yUFmfhCj-IJsuABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1yHrSTD-73ajBySbB1bctm7UgagA%26client%3Dca-pub-9208708170783140%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&slotname=2869650812&adk=2760440997&adf=95055631&pi=t.ma~as.2869650812&w=336&lmt=1691993104&format=336x280&url=https%3A%2F%2Fdayfgh.com%2Fdoc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692000304117&bpp=4&bdt=143&idt=244&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&cookie=ID%3D2711ac5037060b38-22ed3cb54fde0061%3AT%3D1692000302%3ART%3D1692000302%3AS%3DALNI_MYKDXSa6qGtY9UR08Zptj3yIzE5MQ&gpic=UID%3D00000c60634d8b46%3AT%3D1692000302%3ART%3D1692000302%3AS%3DALNI_MaTbUOB0DlNM8i7418449FtFC4-Vw&correlator=2019872947101&frm=23&ife=4&pv=2&ga_vid=1286942092.1692000302&ga_sid=1692000304&ga_hid=1917582062&ga_fc=1&nhd=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=3920&biw=1600&bih=1200&isw=336&ish=280&ifk=3250860380&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076875%2C31076924%2C31076947%2C44769661%2C21065725&oid=2&pvsid=932677422131719&tmod=307730823&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.dhahmunx23dr&btvi=1&fsb=1&dtd=258

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7c0dad8bf82344201bf9e778ed139bad2dbf3d211b3a09c5f41402638936260

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7f67b0d218009bf2-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 08:05:04 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 4349 3 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 07:31:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2010
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 07:31:34 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 379F 1 KB
643 B 23ms
22ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 16794
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 03:25:10 GMT
etag: 48472445140208031
expires: Tue, 15 Aug 2023 03:25:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 4349 20 KB
8 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 23:57:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29263
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Aug 2023 23:57:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4349 179 KB
56 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57470
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691580806885528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Aug 2023 08:05:05 GMT

GET
DATA 200
OK truncated
/ Frame 4349 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 92673a77151ea47a35cf75655cf9655cc334b28a132d60c43743efe0fd70386e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 379F 0
103 B 36ms
35ms Image
text/plain 2a02:fa8:8806:16::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEFcSxOc_VW-JZvHBmE7GLAc&google_cver=1&google_push=AXcoOmTqJ5jklgatv2r8ccPyP9mPefzJmPeZHxx1K1Kqhyw8TeTr6FCi9nWOiWsMseB0cD2EUU6qlivIUdNusemvyM51nRFyVX7iTkc
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&slotname=2869650812&adk=2760440997&adf=95055631&pi=t.ma~as.2869650812&w=336&lmt=1691993104&format=336x280&url=https%3A%2F%2Fdayfgh.com%2Fdoc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692000304117&bpp=4&bdt=143&idt=244&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&cookie=ID%3D2711ac5037060b38-22ed3cb54fde0061%3AT%3D1692000302%3ART%3D1692000302%3AS%3DALNI_MYKDXSa6qGtY9UR08Zptj3yIzE5MQ&gpic=UID%3D00000c60634d8b46%3AT%3D1692000302%3ART%3D1692000302%3AS%3DALNI_MaTbUOB0DlNM8i7418449FtFC4-Vw&correlator=2019872947101&frm=23&ife=4&pv=2&ga_vid=1286942092.1692000302&ga_sid=1692000304&ga_hid=1917582062&ga_fc=1&nhd=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=3920&biw=1600&bih=1200&isw=336&ish=280&ifk=3250860380&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076875%2C31076924%2C31076947%2C44769661%2C21065725&oid=2&pvsid=932677422131719&tmod=307730823&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.dhahmunx23dr&btvi=1&fsb=1&dtd=258
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 08:05:05 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 379F
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGTIST3Jtk_8P_1KWQBb7jo&google_cver=1&google_push=AXcoOmQ_-A0dexbmHqgPvtvlkOtUI5uybi1-jvUCPx-XEi8_tZStsg40NEeGYCZNLRl5m4G2HYgz_0RX...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGTIST3Jtk_8P_1KWQBb7jo&google_cver=1&google_push=AXcoOmQ_-A0dexbmHqgPvtvlkOtUI5uybi1-jvUCPx-XEi8_tZStsg40NEeGYCZNLRl5m4G2HYg...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTA5NTg4NDc5MzczNjk2NTk4MA&google_push=AXcoOmQ_-A0dexbmHqgPvtvlkOtUI5uybi1-jvUCPx-XEi8_tZStsg40NEeGYCZNLRl5m4G2HYgz_0...

170 B
188 B

33ms
32ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTA5NTg4NDc5MzczNjk2NTk4MA&google_push=AXcoOmQ_-A0dexbmHqgPvtvlkOtUI5uybi1-jvUCPx-XEi8_tZStsg40NEeGYCZNLRl5m4G2HYgz_0RXpAJpPQdToMkPyjYQ24qgRG3j

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 08:05:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Aug 2023 08:05:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTA5NTg4NDc5MzczNjk2NTk4MA&google_push=AXcoOmQ_-A0dexbmHqgPvtvlkOtUI5uybi1-jvUCPx-XEi8_tZStsg40NEeGYCZNLRl5m4G2HYgz_0RXpAJpPQdToMkPyjYQ24qgRG3j
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 379F 0
12 B 31ms
30ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L83Jxjrvy5pibuN9VJR8v-ROaTQkKnJ98Jd_A

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:05 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame DCF4 114 KB
14 KB 51ms
50ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hcgc1323yx40ag8x5ytv4dwmptevk1mf0p3hme7t8abkqwpnkvvg6hdgg7qgs3n6kd5c3cv6xfp6q46ecfanxf8yd92pcj3ggjy65nqxe919r02dr7g3rmx7pzj8jm4ez4st8mcx40e269af10hdxdyh6dcsy9q4b5dynh318p6grq364h3rteg8knqqfpjrt7cvbwzvyvwh18axcr666g3f2bv09thvv4j6g7v7szskcwkbt45jd5j25apne3p8ffmsqbvfqdmgayvqnsk8dy44mz5rp2fckgnxhd63mmcva4eg030r8f3312e58dnyt69nxm03g3a673v15w1vfzy6zaw259mzy5prbd2jsq2kcg813ej0hrcakmwm5y4b4t27wb33z3hnyz6nrxm3g7xkaedxtr43dmw4jnng7knw24tqs76y191g8p43ace2ceykr8s4xwg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmvWyMODZZOK5HYiptOUPj6WlyAmQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkyMDg3MDgxNzA3ODMxNDDIAQmpAqg9X-FuXrI-qAMByAMCqgSJAk_Qb_3YFXB9YAqvW3i9D0WQL4yIefT3B_FOgLgmspTfYSQ1uJwiJyeePSRKOWHmjZEZLXS_RHshPQodBQWuNylfAYdaPj8vhUYgDQ2SFMIG6rIb-Ot4ZLonl4rZUKl4Z7hbnUFznsyefmqu0i49ebLWK9whRGPMxVe7KJs2thFqKXhZMYWVpZMDVIqDd-VHLT3iBgf_b08NpxxOH9R1juXeJUOHMvBFSkrxJ0IY0g0158oMQXNpku-dbouKZsX-zf5YevtiPX73f_OMGXkju8EYXoH8-3VfPb9yEqPhhXKBnCmnRVsJvQz8TMZnrs5k-ce_hoavVxd1T0A4bUQ35-yUFmfhCj-IJsuABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1yHrSTD-73ajBySbB1bctm7UgagA%26client%3Dca-pub-9208708170783140%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hcgc1323yx40ag8x5ytv4dwmptevk1mf0p3hme7t8abkqwpnkvvg6hdgg7qgs3n6kd5c3cv6xfp6q46ecfanxf8yd92pcj3ggjy65nqxe919r02dr7g3rmx7pzj8jm4ez4st8mcx40e269af10hdxdyh6dcsy9q4b5dynh318p6grq364h3rteg8knqqfpjrt7cvbwzvyvwh18axcr666g3f2bv09thvv4j6g7v7szskcwkbt45jd5j25apne3p8ffmsqbvfqdmgayvqnsk8dy44mz5rp2fckgnxhd63mmcva4eg030r8f3312e58dnyt69nxm03g3a673v15w1vfzy6zaw259mzy5prbd2jsq2kcg813ej0hrcakmwm5y4b4t27wb33z3hnyz6nrxm3g7xkaedxtr43dmw4jnng7knw24tqs76y191g8p43ace2ceykr8s4xwg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmvWyMODZZOK5HYiptOUPj6WlyAmQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkyMDg3MDgxNzA3ODMxNDDIAQmpAqg9X-FuXrI-qAMByAMCqgSJAk_Qb_3YFXB9YAqvW3i9D0WQL4yIefT3B_FOgLgmspTfYSQ1uJwiJyeePSRKOWHmjZEZLXS_RHshPQodBQWuNylfAYdaPj8vhUYgDQ2SFMIG6rIb-Ot4ZLonl4rZUKl4Z7hbnUFznsyefmqu0i49ebLWK9whRGPMxVe7KJs2thFqKXhZMYWVpZMDVIqDd-VHLT3iBgf_b08NpxxOH9R1juXeJUOHMvBFSkrxJ0IY0g0158oMQXNpku-dbouKZsX-zf5YevtiPX73f_OMGXkju8EYXoH8-3VfPb9yEqPhhXKBnCmnRVsJvQz8TMZnrs5k-ce_hoavVxd1T0A4bUQ35-yUFmfhCj-IJsuABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1yHrSTD-73ajBySbB1bctm7UgagA%26client%3Dca-pub-9208708170783140%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 420716
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DB2C1ot1YBP8cr%2BRncdMRnThzlWG6nwaAYythagxO%2FRXPhQ9OrultGuzvQf9dJN70zjtNULB3GIBYeX4S2vcioHT3qvIfFfMwHVubKTLkrAse0vPe59QG7qgNfuEnIlDivLU8RrIme4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7f67b0d2686a9bf2-FRA
expires: Mon, 14 Aug 2023 09:05:05 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame DCF4 25 KB
10 KB 34ms
34ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hcgc1323yx40ag8x5ytv4dwmptevk1mf0p3hme7t8abkqwpnkvvg6hdgg7qgs3n6kd5c3cv6xfp6q46ecfanxf8yd92pcj3ggjy65nqxe919r02dr7g3rmx7pzj8jm4ez4st8mcx40e269af10hdxdyh6dcsy9q4b5dynh318p6grq364h3rteg8knqqfpjrt7cvbwzvyvwh18axcr666g3f2bv09thvv4j6g7v7szskcwkbt45jd5j25apne3p8ffmsqbvfqdmgayvqnsk8dy44mz5rp2fckgnxhd63mmcva4eg030r8f3312e58dnyt69nxm03g3a673v15w1vfzy6zaw259mzy5prbd2jsq2kcg813ej0hrcakmwm5y4b4t27wb33z3hnyz6nrxm3g7xkaedxtr43dmw4jnng7knw24tqs76y191g8p43ace2ceykr8s4xwg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmvWyMODZZOK5HYiptOUPj6WlyAmQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkyMDg3MDgxNzA3ODMxNDDIAQmpAqg9X-FuXrI-qAMByAMCqgSJAk_Qb_3YFXB9YAqvW3i9D0WQL4yIefT3B_FOgLgmspTfYSQ1uJwiJyeePSRKOWHmjZEZLXS_RHshPQodBQWuNylfAYdaPj8vhUYgDQ2SFMIG6rIb-Ot4ZLonl4rZUKl4Z7hbnUFznsyefmqu0i49ebLWK9whRGPMxVe7KJs2thFqKXhZMYWVpZMDVIqDd-VHLT3iBgf_b08NpxxOH9R1juXeJUOHMvBFSkrxJ0IY0g0158oMQXNpku-dbouKZsX-zf5YevtiPX73f_OMGXkju8EYXoH8-3VfPb9yEqPhhXKBnCmnRVsJvQz8TMZnrs5k-ce_hoavVxd1T0A4bUQ35-yUFmfhCj-IJsuABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1yHrSTD-73ajBySbB1bctm7UgagA%26client%3Dca-pub-9208708170783140%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2023 16:29:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 488079
etag: W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dksVrPRZRRH%2BDoRZecGGyCFoeWhaJbzgfJvMPEZU7fR2EPnHoujDYSqOfIoZC6CjZYbqwE1flDEbJjjoNwTxGue7lfLBBw45ijoxYPHMHd39XbWi4qJQwy9nf0B8yJwMiiZMNK0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7f67b0d2686d9bf2-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 08 Aug 2023 16:30:16 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame DCF4 3 KB
4 KB 36ms
35ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 561
x-guploader-uploadid: ADPycdvuqSd5z7x-P6zciDvJguhfevnTZzPv-sFvdv4VVTj2cCVUndir5fZqBzjNPOlq80uW-sAFhIkV33WDoT1aRSnwIseHrQ
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6if6YoK3S5fPOpUjGpPxX0KOguf4%2FIcfA%2BOvKCiyoFweUcWUH7gR3yC2NKlRxZKkltmXdtJt9xM82FUZpqFKIqc2RgO76l72OIOkp3gsroDQNNL14FL9bCJlkMl9x4S73%2BSCrjGgf1ISLLNLN44j7KfG"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7f67b0d2cce49945-FRA
expires: Mon, 14 Aug 2023 08:10:45 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 2054 2 KB
1 KB 36ms
35ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1976352
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7f67b0d2c8e79bf2-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Mon, 14 Aug 2023 08:05:05 GMT
expires: Sun, 09 Jul 2023 00:24:59 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o7NphdVZyTMf%2FeIXnh0mIrslQXFIij9z%2BtiTqcE7iUeLgm5g9SfYcBiVh8k7cRA%2FzqDCVKup4YtPWqGGZzafovtb8rKBUnmsfNTJLCWaft8YRtgelq%2FPr7rSzfu%2B9MxOc5qEWmg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 trkyjs.js Show response
static.intentarget.com/track/kangleigm/js/ Frame 96F1 7 KB
3 KB 30ms
30ms Script
application/x-javascript 2606:4700:e6::ac40:cc1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js
Requested by: Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:cc1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54fdfac049fcabd73da1e1545f5cdaf17bb5d821f6c404e578c375618ec44708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://health-am.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 07 May 2022 15:03:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10330
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SOczC0TqxVoJF%2FZs%2BVlZ0rqkdw4POFWt%2F5tnGyAa7XZgwncIZ9YTa9QsvtFNmaoVnYTRbZBzzZNHLGNdx%2BqxLdkgLhXgZmZANgztsS9p9dJ4ykrLGpAGj8F%2BYGsrs00ViXXbQxp1hsNK3GDGU6mSqDHR5hwE"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=259200
cf-ray: 7f67b0d3fb17918c-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 17 Aug 2023 05:12:55 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4349 0
19 B 66ms
66ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CRVWPMODZZOK5HYiptOUPj6WlyAmQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkyMDg3MDgxNzA3ODMxNDDIAQmpAqg9X-FuXrI-qAMByAMCqgSGAk_Qb_3YFXB9YAqvW3i9D0WQL4yIefT3B_FOgLgmspTfYSQ1uJwiJyeePSRKOWHmjZEZLXS_RHshPQodBQWuNylfAYdaPj8vhUYgDQ2SFMIG6rIb-Ot4ZLonl4rZUKl4Z7hbnUFznsyefmqu0i49ebLWK9whRGPMxVe7KJs2thFqKXhZMYWVpZMDVIqDd-VHLT3iBgf_b08NpxxOH9R1juXeJUOHMvBFSkrxJ0IY0g0158oMQXNpku-dbouKZsX-zf5YevtiPX73f_OMGXkju8EYXoH8-3VfPb9yEqPhhXKB3iuG14zwOkw0y47xdIf2C_6rjCuleQ-oz4Jx_7yj-cCMw7t-SveABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi05MjA4NzA4MTcwNzgzMTQwGAA&sigh=K0VTWmBC7Jg&uach_m=[UACH]&cid=CAQSOwBpAlJWKVpBb0SEOLw265TgwtCCVVw-sQCXG3OnvV75OnRhfKds-l_8nz_pt7Fys4_2GeOmyqYeKNkwGAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&slotname=2869650812&adk=2760440997&adf=95055631&pi=t.ma~as.2869650812&w=336&lmt=1691993104&format=336x280&url=https%3A%2F%2Fdayfgh.com%2Fdoc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692000304117&bpp=4&bdt=143&idt=244&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&cookie=ID%3D2711ac5037060b38-22ed3cb54fde0061%3AT%3D1692000302%3ART%3D1692000302%3AS%3DALNI_MYKDXSa6qGtY9UR08Zptj3yIzE5MQ&gpic=UID%3D00000c60634d8b46%3AT%3D1692000302%3ART%3D1692000302%3AS%3DALNI_MaTbUOB0DlNM8i7418449FtFC4-Vw&correlator=2019872947101&frm=23&ife=4&pv=2&ga_vid=1286942092.1692000302&ga_sid=1692000304&ga_hid=1917582062&ga_fc=1&nhd=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=3920&biw=1600&bih=1200&isw=336&ish=280&ifk=3250860380&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076875%2C31076924%2C31076947%2C44769661%2C21065725&oid=2&pvsid=932677422131719&tmod=307730823&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.dhahmunx23dr&btvi=1&fsb=1&dtd=258
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 14 Aug 2023 08:05:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 4349 0
39 B 31ms
30ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1he2f3cgqtjs366g5848hq931stdryzk1pvbb1q7dgcpptmvyay2q6frq3x5k4018ea82agdnx55tv56t1datm2kgfpwdxgfm2dd9kw1yjvxk8yh22e56e1hhyjaa4wqhpqswjgem45abc97dp9f4gap0d4cgeemjgf8ggap5z1r82qxay0ytvwg3e6gsaazh6ze7cp036fgvsrc2gdb6h5jhzvz25aqn8ddd2vdczx88w1rhavxnk7mestpd0dez8n7hwd7dyp2z1c1vdghz4xs9frw2ebc1bnpz73gdpzz6rmx06jsszec8e2dghw47znm6ayja237bvtmqmgdjrvkcgyh096mvmmyfbm6fdp4ad1m3d43yv8vq586sa9dek2k738s12tsav22&b=ZNngMAAHXOIGrRSIAAlSj1xOciAr1JKRV_dtrw&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&slotname=2869650812&adk=2760440997&adf=95055631&pi=t.ma~as.2869650812&w=336&lmt=1691993104&format=336x280&url=https%3A%2F%2Fdayfgh.com%2Fdoc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692000304117&bpp=4&bdt=143&idt=244&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&cookie=ID%3D2711ac5037060b38-22ed3cb54fde0061%3AT%3D1692000302%3ART%3D1692000302%3AS%3DALNI_MYKDXSa6qGtY9UR08Zptj3yIzE5MQ&gpic=UID%3D00000c60634d8b46%3AT%3D1692000302%3ART%3D1692000302%3AS%3DALNI_MaTbUOB0DlNM8i7418449FtFC4-Vw&correlator=2019872947101&frm=23&ife=4&pv=2&ga_vid=1286942092.1692000302&ga_sid=1692000304&ga_hid=1917582062&ga_fc=1&nhd=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=3920&biw=1600&bih=1200&isw=336&ish=280&ifk=3250860380&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076875%2C31076924%2C31076947%2C44769661%2C21065725&oid=2&pvsid=932677422131719&tmod=307730823&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.dhahmunx23dr&btvi=1&fsb=1&dtd=258
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 14 Aug 2023 08:05:05 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F215 0
0 127ms
127ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230809&jk=932677422131719&bg=!RUalRhLNAAaiGN5Pghg7ADkAdvg8Wn8rWEHJpX9mmxFcxLUShKj_kse0yC73RUPvZeZyVGgGjs1KqKQg3_ZCajRWCKvEnJT8kVMCAAAAVFIAAAAGaAEHmQMGl92TbdAo8SQ8VKxvA3jljXoIjbwoEZeZ-KD5DE6eHBwzARgxhx-HQlmHlcHVIVeofdxmziVX0p05_gNbEmquoHNmsN2HoJ-LuVCxOvXBY3Q4rTcS88z-7Vaj7rWFtbAk1HXW9Cxv1pDEASI_WWMcR37NJrSN7qqG4RZOv0EPkBcVkPmb_c9KUnixiwAZfrcuL4BsMHZ88QEERYGLlwaPc5Qusndm44LRVUPVbU0aVKK61XAHBzU71uxWpDwdqCbNmNpUjgEF6a5m6oWJOX-xro1rnptjM_21Vo8vHQIZfgtqMA5jvozFYWKVrM4ucrf7fZJYQd2QvUtMmS1nHHTOWpl0msPcQ34PHxQjdTIwQ-kJLRwM2cFDqjPh_iUiDg_PpohWLwrybTSQl50xH_9Tm_Cm2Cv7FqY413QCXY7HO6bAM-cIVJDgqAq2wM12HUft8NQmvJrvNOFpr2l9fbels5i1TjUokeo3Fm_afnuWeaxV_h1NS2Q03pChzfph5dmHINpz1ScWfxhXfOl2f8x-XMW_aaPbeqmdltedK3ByrudQPxU3mRIPuOVi6pDVDCqN2gDkJhyq0pMjkCyQDKCrIitkvto_n2-vk_qU30mqTurCAqm-tgfAA3LK8YMP7rRCKhMsIuBrlAiiOTGy5hTrjWwUWXjhvCOFp1NJo5Kc2miAXLqM8_noFtmOSHCKqioNZafFxZzqukzmy4-_Eo-KthoSJfOGq_tg487wkLNfqCh8c3GPPoX6seyGDw2-K2lQkbfyjiVcWvlQOn7KtIwU2mrnGkuqNzaC2aT8qD88UnT8OYSmcyU7MwSiBhvGz7E1uXxX8Mtq-CYvGYcByCzqTDSBIfxTH1a_wti1vO7mmTbhdupTlqPfA-RsrWizUdirIBOpO1fR53MfLY20s9P-PH_gwnx7DKfcXq4NcLt_peK8IP3F-wrqLUp4qVSnhEAkzRzRchKV19pozeGw5Xzf7VaTPB1nuFUXPZxsC29NeToFNk4OQAW7JbtxWbThlwcxaLJJ0Fqk
Requested by: Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 143ms
35ms Preflight 18.135.31.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.135.31.191 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-135-31-191.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Mon, 14 Aug 2023 08:05:05 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame AA71 16 B
209 B 82ms
82ms Fetch
application/json 18.135.31.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.135.31.191 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-135-31-191.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 14 Aug 2023 08:05:05 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 96F1 95 KB
33 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://health-am.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:18:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38809
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Aug 2024 21:18:16 GMT

POST
H3 200 rs Show response
ad4m.at/ Frame DCF4 2 KB
2 KB 44ms
43ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b305f32a878d670a5e7f4eee65681696250d9bf14ddadf199c99ffb9e429f3c9

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 14 Aug 2023 08:05:05 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xmFOOgTJnXgEtfuuH6C8Zet5YbaHqqjRPHlhEoI4rlmgYqztW0qrF1iJgL5gHcIC%2Buy6X7dLuVfiOxbC5UUs78%2FU4TiBct8v2Mm17xZMPmj7DI8quALnpoAirYKF0HwhjjYq0tQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7f67b0d498801c1e-FRA
x-backend-server: aa-reachservice-group-europe-west1-sxhc
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 44ms
43ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7f67b0d448281c1e-FRA
content-length: 24
content-type: text/plain
date: Mon, 14 Aug 2023 08:05:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iLN8%2FC%2BOGY8gemYdPcjOwT3xViVxJoYmMb%2BI%2FyWt77XQYSeRxQiOps%2FD5KzPASp3dvA034MqvqNt%2FUpChYLoBClvZHEmg3eY83fiRBqP3ilxGRBMHt0v3b7q9Ga4%2Fk74B8vhvnQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-sxhc

GET
H3 200 gemini_2getherclick_ifr.js Show response
js.akusehat.info/track/js/ Frame CBE8 6 KB
2 KB 31ms
30ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.akusehat.info/track/js/gemini_2getherclick_ifr.js?size=336280&cssHost=//js.akusehat.info/track/css/&cssUrl=//js.akusehat.info/track/css/336280_4.css&aid=0&apiKey=VSG456M5Q7NDTBYP8WCB&sectionCode=edf3c975-487e-4e93-bb98-6aefc2499b88
Requested by: Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caa352024d28f4ba75cc21bf8858e4ed2387ffa1b3752a2c2b11e69cbe4151ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://health-am.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 03 Feb 2020 08:38:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 234717
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ltESfjq%2BLN94m80PhkJqwvYabhYCSlBppRqt2TfvmKplRdyNbGMkuTffxn166%2Fb8jNi%2FhnAq9wpI65tjaaGav3UN96MTwMTpqJIVHwgdkKU1ggMNfvFA%2FeQFuFbaWtIT6yGxQWdsikzuE3zv5LA%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=259200
cf-ray: 7f67b0d4af63900c-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 14 Aug 2023 14:53:08 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame CAC0 11 KB
4 KB 46ms
45ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=300&d=250&e=&g=161cb5bce2aebd4a08a1e9bde4a3eca7%2F373526839064781870&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692000305352&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtrwattw4e0m6ag4j7pcd0nbc51ffbm1pda9rh0qnj1pvbwy0pfcr40erj4nj6nrab27q3mrxcswst8z7g098002grp0jfjbawqrs30vxejrh3bq8myjpynwvec8qdjfn28bfsrk1z81k13kx2b45xvj5hfkr4fm7cqp4g8k6rzaa1tb13pynepb4qk7aswwek9kfyxj0d3xt6jdck1pvzgr6v6qktc87e412x1ra88vqk3spqqba3aa9rbmvn9j961gbxk1j9z4a1mdr2bz2f2pr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmvWyMODZZOK5HYiptOUPj6WlyAmQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkyMDg3MDgxNzA3ODMxNDDIAQmpAqg9X-FuXrI-qAMByAMCqgSJAk_Qb_3YFXB9YAqvW3i9D0WQL4yIefT3B_FOgLgmspTfYSQ1uJwiJyeePSRKOWHmjZEZLXS_RHshPQodBQWuNylfAYdaPj8vhUYgDQ2SFMIG6rIb-Ot4ZLonl4rZUKl4Z7hbnUFznsyefmqu0i49ebLWK9whRGPMxVe7KJs2thFqKXhZMYWVpZMDVIqDd-VHLT3iBgf_b08NpxxOH9R1juXeJUOHMvBFSkrxJ0IY0g0158oMQXNpku-dbouKZsX-zf5YevtiPX73f_OMGXkju8EYXoH8-3VfPb9yEqPhhXKBnCmnRVsJvQz8TMZnrs5k-ce_hoavVxd1T0A4bUQ35-yUFmfhCj-IJsuABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1yHrSTD-73ajBySbB1bctm7UgagA%2526client%253Dca-pub-9208708170783140%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b5493acaaf06f3d02a603fe7eeb1a1a322c297c275ffe19bb16d047127e06dc

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1hcgc1323yx40ag8x5ytv4dwmptevk1mf0p3hme7t8abkqwpnkvvg6hdgg7qgs3n6kd5c3cv6xfp6q46ecfanxf8yd92pcj3ggjy65nqxe919r02dr7g3rmx7pzj8jm4ez4st8mcx40e269af10hdxdyh6dcsy9q4b5dynh318p6grq364h3rteg8knqqfpjrt7cvbwzvyvwh18axcr666g3f2bv09thvv4j6g7v7szskcwkbt45jd5j25apne3p8ffmsqbvfqdmgayvqnsk8dy44mz5rp2fckgnxhd63mmcva4eg030r8f3312e58dnyt69nxm03g3a673v15w1vfzy6zaw259mzy5prbd2jsq2kcg813ej0hrcakmwm5y4b4t27wb33z3hnyz6nrxm3g7xkaedxtr43dmw4jnng7knw24tqs76y191g8p43ace2ceykr8s4xwg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmvWyMODZZOK5HYiptOUPj6WlyAmQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkyMDg3MDgxNzA3ODMxNDDIAQmpAqg9X-FuXrI-qAMByAMCqgSJAk_Qb_3YFXB9YAqvW3i9D0WQL4yIefT3B_FOgLgmspTfYSQ1uJwiJyeePSRKOWHmjZEZLXS_RHshPQodBQWuNylfAYdaPj8vhUYgDQ2SFMIG6rIb-Ot4ZLonl4rZUKl4Z7hbnUFznsyefmqu0i49ebLWK9whRGPMxVe7KJs2thFqKXhZMYWVpZMDVIqDd-VHLT3iBgf_b08NpxxOH9R1juXeJUOHMvBFSkrxJ0IY0g0158oMQXNpku-dbouKZsX-zf5YevtiPX73f_OMGXkju8EYXoH8-3VfPb9yEqPhhXKBnCmnRVsJvQz8TMZnrs5k-ce_hoavVxd1T0A4bUQ35-yUFmfhCj-IJsuABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1yHrSTD-73ajBySbB1bctm7UgagA%26client%3Dca-pub-9208708170783140%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7f67b0d4db359bf2-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 08:05:05 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 336280_4.css
js.akusehat.info/track/css/ Frame CBE8 3 KB
2 KB 30ms
29ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.akusehat.info/track/css/336280_4.css
Requested by: Host: js.akusehat.info
URL: https://js.akusehat.info/track/js/gemini_2getherclick_ifr.js?size=336280&cssHost=//js.akusehat.info/track/css/&cssUrl=//js.akusehat.info/track/css/336280_4.css&aid=0&apiKey=VSG456M5Q7NDTBYP8WCB&sectionCode=edf3c975-487e-4e93-bb98-6aefc2499b88
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c11c1d9edeb45bc33a3a17f4cac705fbd3973ea9ea9aa1d5b1241036e81145b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://health-am.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 25 May 2022 08:13:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 144657
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eJmsRjDyiocM3ekoyKja4sAw9F7Eq2dQDy9X09IjR%2B56igzHLaJ6sm%2FVhuuXzZ9Zd05UGQXopU67GCVmuYTrpCJNO2TNHvZAP8WH4CLN7ZxbqkHf5fTfPbtrqCoF%2Fmp1YUgeyPBddERVtQKRn928"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=259200
cf-ray: 7f67b0d4efaf900c-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 15 Aug 2023 15:54:08 GMT

GET
H2 200 yap.js Show response
s.yimg.com/av/yap/ga/ Frame CBE8 69 KB
21 KB 31ms
30ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/av/yap/ga/yap.js

Requested by

Host: dayfgh.com
URL: https://dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

56cf6c2adb75e276955f3bf951793f0c794ceb51d67d5d2c64b8ec01b996ecc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://health-am.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 07:57:11 GMT
content-encoding: gzip
x-amz-meta-created-date: Thu, 14 Jun 2018 21:01:51 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 3BQ468JD6G85APPM
age: 475
x-amz-server-side-encryption: AES256
x-amz-meta-x-ysws-mbst-vtime: 1529010111289407
x-amz-id-2: XxcDBtmAMA/XShUMXq+fEpgY6h20Q09FdR8jEI9mjyvmCVSHVew8ERTKPaMgJsmIKnjL5Teef50=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 22 Jun 2018 20:24:03 GMT
server: ATS
etag: "dc33089f908605f46038b49337653924-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding,Origin
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,stale-while-revalidate=30,max-age=3600
accept-ranges: bytes
x-amz-meta-mbst-etag: "YM:1:f804d14e-b940-4c8c-9951-826241a860ad00056ea0688a983f"
x-amz-meta-x-ysws-access: public
expires: Fri, 22 Jun 2018 21:24:02 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame CAC0 114 KB
14 KB 32ms
31ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=300&d=250&e=&g=161cb5bce2aebd4a08a1e9bde4a3eca7%2F373526839064781870&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692000305352&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtrwattw4e0m6ag4j7pcd0nbc51ffbm1pda9rh0qnj1pvbwy0pfcr40erj4nj6nrab27q3mrxcswst8z7g098002grp0jfjbawqrs30vxejrh3bq8myjpynwvec8qdjfn28bfsrk1z81k13kx2b45xvj5hfkr4fm7cqp4g8k6rzaa1tb13pynepb4qk7aswwek9kfyxj0d3xt6jdck1pvzgr6v6qktc87e412x1ra88vqk3spqqba3aa9rbmvn9j961gbxk1j9z4a1mdr2bz2f2pr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmvWyMODZZOK5HYiptOUPj6WlyAmQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkyMDg3MDgxNzA3ODMxNDDIAQmpAqg9X-FuXrI-qAMByAMCqgSJAk_Qb_3YFXB9YAqvW3i9D0WQL4yIefT3B_FOgLgmspTfYSQ1uJwiJyeePSRKOWHmjZEZLXS_RHshPQodBQWuNylfAYdaPj8vhUYgDQ2SFMIG6rIb-Ot4ZLonl4rZUKl4Z7hbnUFznsyefmqu0i49ebLWK9whRGPMxVe7KJs2thFqKXhZMYWVpZMDVIqDd-VHLT3iBgf_b08NpxxOH9R1juXeJUOHMvBFSkrxJ0IY0g0158oMQXNpku-dbouKZsX-zf5YevtiPX73f_OMGXkju8EYXoH8-3VfPb9yEqPhhXKBnCmnRVsJvQz8TMZnrs5k-ce_hoavVxd1T0A4bUQ35-yUFmfhCj-IJsuABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1yHrSTD-73ajBySbB1bctm7UgagA%2526client%253Dca-pub-9208708170783140%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=300&d=250&e=&g=161cb5bce2aebd4a08a1e9bde4a3eca7%2F373526839064781870&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692000305352&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtrwattw4e0m6ag4j7pcd0nbc51ffbm1pda9rh0qnj1pvbwy0pfcr40erj4nj6nrab27q3mrxcswst8z7g098002grp0jfjbawqrs30vxejrh3bq8myjpynwvec8qdjfn28bfsrk1z81k13kx2b45xvj5hfkr4fm7cqp4g8k6rzaa1tb13pynepb4qk7aswwek9kfyxj0d3xt6jdck1pvzgr6v6qktc87e412x1ra88vqk3spqqba3aa9rbmvn9j961gbxk1j9z4a1mdr2bz2f2pr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmvWyMODZZOK5HYiptOUPj6WlyAmQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkyMDg3MDgxNzA3ODMxNDDIAQmpAqg9X-FuXrI-qAMByAMCqgSJAk_Qb_3YFXB9YAqvW3i9D0WQL4yIefT3B_FOgLgmspTfYSQ1uJwiJyeePSRKOWHmjZEZLXS_RHshPQodBQWuNylfAYdaPj8vhUYgDQ2SFMIG6rIb-Ot4ZLonl4rZUKl4Z7hbnUFznsyefmqu0i49ebLWK9whRGPMxVe7KJs2thFqKXhZMYWVpZMDVIqDd-VHLT3iBgf_b08NpxxOH9R1juXeJUOHMvBFSkrxJ0IY0g0158oMQXNpku-dbouKZsX-zf5YevtiPX73f_OMGXkju8EYXoH8-3VfPb9yEqPhhXKBnCmnRVsJvQz8TMZnrs5k-ce_hoavVxd1T0A4bUQ35-yUFmfhCj-IJsuABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1yHrSTD-73ajBySbB1bctm7UgagA%2526client%253Dca-pub-9208708170783140%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 420716
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B2yoPkIBesWSIB3b4UqyTDGMsdQVA7O9svkxpYoCMLPooMmTRNjfuD5F6TP84Ynn0%2BzcLkoSC68xAxL9z4M7uTqMTAyXb3YLqq9vk1m8TIq3H9DvOV8ITD6iwc5ckHItBFfrw4Sf9ZA%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7f67b0d52b909bf2-FRA
expires: Mon, 14 Aug 2023 09:05:05 GMT

GET
H3 200 1A3519435B93A8A4F3F6C13959D6951303D43C0A1C67EEC9C84723E6608D860AF870AF3D1E802C8E6A703FE15D4D810EB0CD13D3F6F07FB94916A320CEFB013B
assets.ad4m.at/logo/ Frame CAC0 95 KB
96 KB 33ms
33ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/1A3519435B93A8A4F3F6C13959D6951303D43C0A1C67EEC9C84723E6608D860AF870AF3D1E802C8E6A703FE15D4D810EB0CD13D3F6F07FB94916A320CEFB013B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=300&d=250&e=&g=161cb5bce2aebd4a08a1e9bde4a3eca7%2F373526839064781870&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692000305352&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtrwattw4e0m6ag4j7pcd0nbc51ffbm1pda9rh0qnj1pvbwy0pfcr40erj4nj6nrab27q3mrxcswst8z7g098002grp0jfjbawqrs30vxejrh3bq8myjpynwvec8qdjfn28bfsrk1z81k13kx2b45xvj5hfkr4fm7cqp4g8k6rzaa1tb13pynepb4qk7aswwek9kfyxj0d3xt6jdck1pvzgr6v6qktc87e412x1ra88vqk3spqqba3aa9rbmvn9j961gbxk1j9z4a1mdr2bz2f2pr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmvWyMODZZOK5HYiptOUPj6WlyAmQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkyMDg3MDgxNzA3ODMxNDDIAQmpAqg9X-FuXrI-qAMByAMCqgSJAk_Qb_3YFXB9YAqvW3i9D0WQL4yIefT3B_FOgLgmspTfYSQ1uJwiJyeePSRKOWHmjZEZLXS_RHshPQodBQWuNylfAYdaPj8vhUYgDQ2SFMIG6rIb-Ot4ZLonl4rZUKl4Z7hbnUFznsyefmqu0i49ebLWK9whRGPMxVe7KJs2thFqKXhZMYWVpZMDVIqDd-VHLT3iBgf_b08NpxxOH9R1juXeJUOHMvBFSkrxJ0IY0g0158oMQXNpku-dbouKZsX-zf5YevtiPX73f_OMGXkju8EYXoH8-3VfPb9yEqPhhXKBnCmnRVsJvQz8TMZnrs5k-ce_hoavVxd1T0A4bUQ35-yUFmfhCj-IJsuABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1yHrSTD-73ajBySbB1bctm7UgagA%2526client%253Dca-pub-9208708170783140%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 898107a317921f1fe8f4784c2a5f9032dba634f89a2c5a31bdaa253206f19eff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 62886
cf-polished: origFmt=png, origSize=155987
alt-svc: h3=":443"; ma=86400
content-length: 97378
cf-bgj: imgq:85,h2pri
last-modified: Wed, 03 May 2023 10:34:04 GMT
server: cloudflare
etag: "046c487317a4f122cc1e9773901d1d88"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ZlF35MerQ6HQmjtoAUxWdajJL3dAW6zMFMWCsT07Sl%2BRJMgUZh9XRpt8pZvpXIYoqQWwaqRnDRGi2EVVY%2FAJ9MCUjdNBLG7KmSMpnweXukd9FY%2B26nOq7JgLPNwUmIew0YgWg8VQ9XGO4e%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7f67b0d52b939bf2-FRA
expires: Tue, 15 Aug 2023 08:05:05 GMT

GET
H3 200 F3A3B7992F041E027EDF5C55060530AEE4F74888194218BF68384A7CF45BCBCEFBE42F66E82D247734FE42733361C61FBF8347907D061895BF7BC8415B5E9D5B
assets.ad4m.at/ Frame CAC0 97 KB
97 KB 73ms
72ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/F3A3B7992F041E027EDF5C55060530AEE4F74888194218BF68384A7CF45BCBCEFBE42F66E82D247734FE42733361C61FBF8347907D061895BF7BC8415B5E9D5B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=300&d=250&e=&g=161cb5bce2aebd4a08a1e9bde4a3eca7%2F373526839064781870&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692000305352&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtrwattw4e0m6ag4j7pcd0nbc51ffbm1pda9rh0qnj1pvbwy0pfcr40erj4nj6nrab27q3mrxcswst8z7g098002grp0jfjbawqrs30vxejrh3bq8myjpynwvec8qdjfn28bfsrk1z81k13kx2b45xvj5hfkr4fm7cqp4g8k6rzaa1tb13pynepb4qk7aswwek9kfyxj0d3xt6jdck1pvzgr6v6qktc87e412x1ra88vqk3spqqba3aa9rbmvn9j961gbxk1j9z4a1mdr2bz2f2pr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmvWyMODZZOK5HYiptOUPj6WlyAmQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkyMDg3MDgxNzA3ODMxNDDIAQmpAqg9X-FuXrI-qAMByAMCqgSJAk_Qb_3YFXB9YAqvW3i9D0WQL4yIefT3B_FOgLgmspTfYSQ1uJwiJyeePSRKOWHmjZEZLXS_RHshPQodBQWuNylfAYdaPj8vhUYgDQ2SFMIG6rIb-Ot4ZLonl4rZUKl4Z7hbnUFznsyefmqu0i49ebLWK9whRGPMxVe7KJs2thFqKXhZMYWVpZMDVIqDd-VHLT3iBgf_b08NpxxOH9R1juXeJUOHMvBFSkrxJ0IY0g0158oMQXNpku-dbouKZsX-zf5YevtiPX73f_OMGXkju8EYXoH8-3VfPb9yEqPhhXKBnCmnRVsJvQz8TMZnrs5k-ce_hoavVxd1T0A4bUQ35-yUFmfhCj-IJsuABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1yHrSTD-73ajBySbB1bctm7UgagA%2526client%253Dca-pub-9208708170783140%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c03e3b2943f699bc681b4449f737e96566128d62402914d631a6930bfc55106d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2202018
cf-polished: origFmt=png, origSize=167445
alt-svc: h3=":443"; ma=86400
content-length: 99202
cf-bgj: imgq:85,h2pri
last-modified: Wed, 03 May 2023 10:42:06 GMT
server: cloudflare
etag: "cdf0423881e134b37ad0cbff5572a8e7"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l16%2Fx4CLiL3ImLft1dIIM4vuCZBSDxSzV4W8vMx9XbiWAOTq8DEXG0oWe6stygXN4sZwPIPn1qCzD7d6YONG47lHzbXVW8zxtN%2Ba6u8tG6LVHl5sehZb6W8GtAgfSJLr6yD%2FNLQZeMAcbHnF"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7f67b0d53b999bf2-FRA
expires: Tue, 15 Aug 2023 08:05:05 GMT

GET
H2

200

/
www.restposten.de/ Frame CAC0
Redirect Chain

https://t.adcell.com/p/view?promoId=309583&slotId=46690&pv=1&htlp=1&subId=oneid7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQxoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.restposten.de/?utm_source=ADCELL&utm_medium=Text&utm_campaign=Standard&bid=309583-46690-oneid7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQxoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY

0
0

3223ms
3157ms

Image
text/html

3.65.161.116

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.restposten.de/?utm_source=ADCELL&utm_medium=Text&utm_campaign=Standard&bid=309583-46690-oneid7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQxoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=300&d=250&e=&g=161cb5bce2aebd4a08a1e9bde4a3eca7%2F373526839064781870&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692000305352&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtrwattw4e0m6ag4j7pcd0nbc51ffbm1pda9rh0qnj1pvbwy0pfcr40erj4nj6nrab27q3mrxcswst8z7g098002grp0jfjbawqrs30vxejrh3bq8myjpynwvec8qdjfn28bfsrk1z81k13kx2b45xvj5hfkr4fm7cqp4g8k6rzaa1tb13pynepb4qk7aswwek9kfyxj0d3xt6jdck1pvzgr6v6qktc87e412x1ra88vqk3spqqba3aa9rbmvn9j961gbxk1j9z4a1mdr2bz2f2pr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmvWyMODZZOK5HYiptOUPj6WlyAmQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkyMDg3MDgxNzA3ODMxNDDIAQmpAqg9X-FuXrI-qAMByAMCqgSJAk_Qb_3YFXB9YAqvW3i9D0WQL4yIefT3B_FOgLgmspTfYSQ1uJwiJyeePSRKOWHmjZEZLXS_RHshPQodBQWuNylfAYdaPj8vhUYgDQ2SFMIG6rIb-Ot4ZLonl4rZUKl4Z7hbnUFznsyefmqu0i49ebLWK9whRGPMxVe7KJs2thFqKXhZMYWVpZMDVIqDd-VHLT3iBgf_b08NpxxOH9R1juXeJUOHMvBFSkrxJ0IY0g0158oMQXNpku-dbouKZsX-zf5YevtiPX73f_OMGXkju8EYXoH8-3VfPb9yEqPhhXKBnCmnRVsJvQz8TMZnrs5k-ce_hoavVxd1T0A4bUQ35-yUFmfhCj-IJsuABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1yHrSTD-73ajBySbB1bctm7UgagA%2526client%253Dca-pub-9208708170783140%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Server: 3.65.161.116 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Redirect headers

date: Mon, 14 Aug 2023 08:04:40 GMT
strict-transport-security: max-age=15768000
server: myracloud
content-type: text/html
location: https://www.restposten.de/?utm_source=ADCELL&utm_medium=Text&utm_campaign=Standard&bid=309583-46690-oneid7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQxoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
cache-control: max-age=0
content-length: 0
expires: Mon, 14 Aug 2023 08:04:40 GMT

GET
H3 200 AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111
assets.ad4m.at/logo/ Frame CAC0 32 KB
33 KB 94ms
93ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=300&d=250&e=&g=161cb5bce2aebd4a08a1e9bde4a3eca7%2F373526839064781870&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692000305352&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtrwattw4e0m6ag4j7pcd0nbc51ffbm1pda9rh0qnj1pvbwy0pfcr40erj4nj6nrab27q3mrxcswst8z7g098002grp0jfjbawqrs30vxejrh3bq8myjpynwvec8qdjfn28bfsrk1z81k13kx2b45xvj5hfkr4fm7cqp4g8k6rzaa1tb13pynepb4qk7aswwek9kfyxj0d3xt6jdck1pvzgr6v6qktc87e412x1ra88vqk3spqqba3aa9rbmvn9j961gbxk1j9z4a1mdr2bz2f2pr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmvWyMODZZOK5HYiptOUPj6WlyAmQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkyMDg3MDgxNzA3ODMxNDDIAQmpAqg9X-FuXrI-qAMByAMCqgSJAk_Qb_3YFXB9YAqvW3i9D0WQL4yIefT3B_FOgLgmspTfYSQ1uJwiJyeePSRKOWHmjZEZLXS_RHshPQodBQWuNylfAYdaPj8vhUYgDQ2SFMIG6rIb-Ot4ZLonl4rZUKl4Z7hbnUFznsyefmqu0i49ebLWK9whRGPMxVe7KJs2thFqKXhZMYWVpZMDVIqDd-VHLT3iBgf_b08NpxxOH9R1juXeJUOHMvBFSkrxJ0IY0g0158oMQXNpku-dbouKZsX-zf5YevtiPX73f_OMGXkju8EYXoH8-3VfPb9yEqPhhXKBnCmnRVsJvQz8TMZnrs5k-ce_hoavVxd1T0A4bUQ35-yUFmfhCj-IJsuABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1yHrSTD-73ajBySbB1bctm7UgagA%2526client%253Dca-pub-9208708170783140%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ac477d8785a4c9ef373969dd3f047e310bfb60d77bc518593795177bd131227

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 568431
cf-polished: origFmt=png, origSize=60352
alt-svc: h3=":443"; ma=86400
content-length: 32982
cf-bgj: imgq:85,h2pri
last-modified: Fri, 28 Jul 2023 11:40:29 GMT
server: cloudflare
etag: "0c5d451d92738dcd96474c734dc5b7c8"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CNekKqHxX%2B2BRVO9a0cFl0g1pKwy5wmnbx3v3RESAdQNAqrBI%2B1UyYcupCg2%2B2YcHAI%2FUTCLDQEJ29VcjEa5TOxw8BBVEdBACQN9h00CGWv2Xla%2B5CBwNwOOPXb%2Bc2u31QiaiysjDdQGlCBt"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7f67b0d53b9a9bf2-FRA
expires: Tue, 15 Aug 2023 08:05:05 GMT

GET
H3 200 A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame CAC0 91 KB
91 KB 95ms
93ms Image
image/png 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=300&d=250&e=&g=161cb5bce2aebd4a08a1e9bde4a3eca7%2F373526839064781870&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692000305352&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtrwattw4e0m6ag4j7pcd0nbc51ffbm1pda9rh0qnj1pvbwy0pfcr40erj4nj6nrab27q3mrxcswst8z7g098002grp0jfjbawqrs30vxejrh3bq8myjpynwvec8qdjfn28bfsrk1z81k13kx2b45xvj5hfkr4fm7cqp4g8k6rzaa1tb13pynepb4qk7aswwek9kfyxj0d3xt6jdck1pvzgr6v6qktc87e412x1ra88vqk3spqqba3aa9rbmvn9j961gbxk1j9z4a1mdr2bz2f2pr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmvWyMODZZOK5HYiptOUPj6WlyAmQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkyMDg3MDgxNzA3ODMxNDDIAQmpAqg9X-FuXrI-qAMByAMCqgSJAk_Qb_3YFXB9YAqvW3i9D0WQL4yIefT3B_FOgLgmspTfYSQ1uJwiJyeePSRKOWHmjZEZLXS_RHshPQodBQWuNylfAYdaPj8vhUYgDQ2SFMIG6rIb-Ot4ZLonl4rZUKl4Z7hbnUFznsyefmqu0i49ebLWK9whRGPMxVe7KJs2thFqKXhZMYWVpZMDVIqDd-VHLT3iBgf_b08NpxxOH9R1juXeJUOHMvBFSkrxJ0IY0g0158oMQXNpku-dbouKZsX-zf5YevtiPX73f_OMGXkju8EYXoH8-3VfPb9yEqPhhXKBnCmnRVsJvQz8TMZnrs5k-ce_hoavVxd1T0A4bUQ35-yUFmfhCj-IJsuABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1yHrSTD-73ajBySbB1bctm7UgagA%2526client%253Dca-pub-9208708170783140%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3222903b284496abdef15963fa04202511e222f17463bcd9d756e26e1effa08

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 306023
cf-polished: origSize=105738, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 92686
cf-bgj: imgq:85,h2pri
last-modified: Mon, 04 Jul 2022 08:55:40 GMT
server: cloudflare
etag: "147be38db57f89c69c9e65b05983ff0e"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wG5wA8Sd0AkLDLHymzhwki%2B81VKnBEYVVe%2BGKdRTmBHsWQwXe0Kes%2F65Jf9XBnwAJyBI1TFNmIlgAEOcDer8EsAmdGYg63mEPu4EzZdaDZNRKMPEjGwL0tTZpxIPBR5lYmawTchBXXM4hNNG"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7f67b0d53b9b9bf2-FRA
expires: Tue, 15 Aug 2023 08:05:05 GMT

GET
H3 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame CAC0 2 KB
3 KB 114ms
113ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=300&d=250&e=&g=161cb5bce2aebd4a08a1e9bde4a3eca7%2F373526839064781870&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692000305352&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtrwattw4e0m6ag4j7pcd0nbc51ffbm1pda9rh0qnj1pvbwy0pfcr40erj4nj6nrab27q3mrxcswst8z7g098002grp0jfjbawqrs30vxejrh3bq8myjpynwvec8qdjfn28bfsrk1z81k13kx2b45xvj5hfkr4fm7cqp4g8k6rzaa1tb13pynepb4qk7aswwek9kfyxj0d3xt6jdck1pvzgr6v6qktc87e412x1ra88vqk3spqqba3aa9rbmvn9j961gbxk1j9z4a1mdr2bz2f2pr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmvWyMODZZOK5HYiptOUPj6WlyAmQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkyMDg3MDgxNzA3ODMxNDDIAQmpAqg9X-FuXrI-qAMByAMCqgSJAk_Qb_3YFXB9YAqvW3i9D0WQL4yIefT3B_FOgLgmspTfYSQ1uJwiJyeePSRKOWHmjZEZLXS_RHshPQodBQWuNylfAYdaPj8vhUYgDQ2SFMIG6rIb-Ot4ZLonl4rZUKl4Z7hbnUFznsyefmqu0i49ebLWK9whRGPMxVe7KJs2thFqKXhZMYWVpZMDVIqDd-VHLT3iBgf_b08NpxxOH9R1juXeJUOHMvBFSkrxJ0IY0g0158oMQXNpku-dbouKZsX-zf5YevtiPX73f_OMGXkju8EYXoH8-3VfPb9yEqPhhXKBnCmnRVsJvQz8TMZnrs5k-ce_hoavVxd1T0A4bUQ35-yUFmfhCj-IJsuABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1yHrSTD-73ajBySbB1bctm7UgagA%2526client%253Dca-pub-9208708170783140%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1665920
cf-polished: origFmt=png, origSize=9357
alt-svc: h3=":443"; ma=86400
content-length: 2330
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Apr 2021 14:26:03 GMT
server: cloudflare
etag: "8cc161b392f5744da5319a4da549b763"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tdFQhaamtsYNj8BbinABujvaRpHvg1g65qMhBIlk7jc3k%2F3nlmmGlt%2Fd%2Bc%2BkLgJjLaGzuevPBHXLZJFyJpLyPJ9BLJDHII7goQQcfgbYZye2F0vBbon2cufLjzUnbxIqqBxkWnXrqJRp1Iv6"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7f67b0d53b9c9bf2-FRA
expires: Tue, 15 Aug 2023 08:05:05 GMT

GET
H3 200 B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
assets.ad4m.at/ Frame CAC0 253 KB
254 KB 114ms
113ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=300&d=250&e=&g=161cb5bce2aebd4a08a1e9bde4a3eca7%2F373526839064781870&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692000305352&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtrwattw4e0m6ag4j7pcd0nbc51ffbm1pda9rh0qnj1pvbwy0pfcr40erj4nj6nrab27q3mrxcswst8z7g098002grp0jfjbawqrs30vxejrh3bq8myjpynwvec8qdjfn28bfsrk1z81k13kx2b45xvj5hfkr4fm7cqp4g8k6rzaa1tb13pynepb4qk7aswwek9kfyxj0d3xt6jdck1pvzgr6v6qktc87e412x1ra88vqk3spqqba3aa9rbmvn9j961gbxk1j9z4a1mdr2bz2f2pr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmvWyMODZZOK5HYiptOUPj6WlyAmQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkyMDg3MDgxNzA3ODMxNDDIAQmpAqg9X-FuXrI-qAMByAMCqgSJAk_Qb_3YFXB9YAqvW3i9D0WQL4yIefT3B_FOgLgmspTfYSQ1uJwiJyeePSRKOWHmjZEZLXS_RHshPQodBQWuNylfAYdaPj8vhUYgDQ2SFMIG6rIb-Ot4ZLonl4rZUKl4Z7hbnUFznsyefmqu0i49ebLWK9whRGPMxVe7KJs2thFqKXhZMYWVpZMDVIqDd-VHLT3iBgf_b08NpxxOH9R1juXeJUOHMvBFSkrxJ0IY0g0158oMQXNpku-dbouKZsX-zf5YevtiPX73f_OMGXkju8EYXoH8-3VfPb9yEqPhhXKBnCmnRVsJvQz8TMZnrs5k-ce_hoavVxd1T0A4bUQ35-yUFmfhCj-IJsuABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1yHrSTD-73ajBySbB1bctm7UgagA%2526client%253Dca-pub-9208708170783140%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2754d47be946d2394bce4008332826d0491b510a2a624ae6609d042b143732d1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1857633
cf-polished: origFmt=png, origSize=431531
alt-svc: h3=":443"; ma=86400
content-length: 259252
cf-bgj: imgq:85,h2pri
last-modified: Fri, 16 Jun 2023 10:20:07 GMT
server: cloudflare
etag: "16f7fe8ce7119ba0f513f8179ecb2d3a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IE%2FgOiPZfojW3sFGW%2FhvhD4%2BW4ZjTUd3urh1i9tSQLslTEcWiaSMrGfOID3GSZO0JoxZbKZTeywLK0vY75c1%2Fi9AsRa8lFu1A2hAjI6KiWmsEghZf8zgm9yiRabfhnuDCv34w547VfVW2ftq"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7f67b0d53ba09bf2-FRA
expires: Tue, 15 Aug 2023 08:05:05 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame CAC0 43 B
705 B 69ms
68ms Image
image/gif 104.102.45.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidk7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=300&d=250&e=&g=161cb5bce2aebd4a08a1e9bde4a3eca7%2F373526839064781870&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692000305352&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtrwattw4e0m6ag4j7pcd0nbc51ffbm1pda9rh0qnj1pvbwy0pfcr40erj4nj6nrab27q3mrxcswst8z7g098002grp0jfjbawqrs30vxejrh3bq8myjpynwvec8qdjfn28bfsrk1z81k13kx2b45xvj5hfkr4fm7cqp4g8k6rzaa1tb13pynepb4qk7aswwek9kfyxj0d3xt6jdck1pvzgr6v6qktc87e412x1ra88vqk3spqqba3aa9rbmvn9j961gbxk1j9z4a1mdr2bz2f2pr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmvWyMODZZOK5HYiptOUPj6WlyAmQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkyMDg3MDgxNzA3ODMxNDDIAQmpAqg9X-FuXrI-qAMByAMCqgSJAk_Qb_3YFXB9YAqvW3i9D0WQL4yIefT3B_FOgLgmspTfYSQ1uJwiJyeePSRKOWHmjZEZLXS_RHshPQodBQWuNylfAYdaPj8vhUYgDQ2SFMIG6rIb-Ot4ZLonl4rZUKl4Z7hbnUFznsyefmqu0i49ebLWK9whRGPMxVe7KJs2thFqKXhZMYWVpZMDVIqDd-VHLT3iBgf_b08NpxxOH9R1juXeJUOHMvBFSkrxJ0IY0g0158oMQXNpku-dbouKZsX-zf5YevtiPX73f_OMGXkju8EYXoH8-3VfPb9yEqPhhXKBnCmnRVsJvQz8TMZnrs5k-ce_hoavVxd1T0A4bUQ35-yUFmfhCj-IJsuABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1yHrSTD-73ajBySbB1bctm7UgagA%2526client%253Dca-pub-9208708170783140%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-45-165.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Aug 2023 08:05:05 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame CBE8 260 B
327 B 64ms
64ms Script
application/javascript 87.248.100.136
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_us&agentVersion=205&adTrackingEnabled=true&adUnitCode=edf3c975-487e-4e93-bb98-6aefc2499b88&apiKey=VSG456M5Q7NDTBYP8WCB&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fhealth-am.com&caps=16&cb=JSONPCallback0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/av/yap/ga/yap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.136 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o1.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

c2b0c7f2940d420a60c745f07bfa3962c9e7d825653c7bc95aa3d9a52c6b0ea2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://health-am.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Mon, 14 Aug 2023 08:05:05 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 16
x-xss-protection: 1; mode=block
x-request-id: 24483e49-fb66-48e6-8c83-79d38cfaf6a1

GET
H2 429 link.html
track.webgains.com/ Frame CAC0 0
0 48ms
48ms Script
text/html 13.42.110.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gw8v7fwbpjvstcnjshjb0hz6dch7mcmyfr3vyp1mf1nmgghvapvtb4qt9ahgvdz4y4dregkx8gq8ghhhrrgmsc6zs77vjqm6kr50n4d2hww9megk1bbvnbb5rhznhz54q9k0vpaxjb9qxdf80f5p0d7638nqa4ph0xzrykfvkg4syzk6k7bdhar2q48krz8kmkkhfhs0rk2na3sft026jg0xp2ksbggkwj9zt7n4n6xhvk6sv3ez5gj44n0h27p24%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gtrwattw4e0m6ag4j7pcd0nbc51ffbm1pda9rh0qnj1pvbwy0pfcr40erj4nj6nrab27q3mrxcswst8z7g098002grp0jfjbawqrs30vxejrh3bq8myjpynwvec8qdjfn28bfsrk1z81k13kx2b45xvj5hfkr4fm7cqp4g8k6rzaa1tb13pynepb4qk7aswwek9kfyxj0d3xt6jdck1pvzgr6v6qktc87e412x1ra88vqk3spqqba3aa9rbmvn9j961gbxk1j9z4a1mdr2bz2f2pr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCmvWyMODZZOK5HYiptOUPj6WlyAmQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkyMDg3MDgxNzA3ODMxNDDIAQmpAqg9X-FuXrI-qAMByAMCqgSJAk_Qb_3YFXB9YAqvW3i9D0WQL4yIefT3B_FOgLgmspTfYSQ1uJwiJyeePSRKOWHmjZEZLXS_RHshPQodBQWuNylfAYdaPj8vhUYgDQ2SFMIG6rIb-Ot4ZLonl4rZUKl4Z7hbnUFznsyefmqu0i49ebLWK9whRGPMxVe7KJs2thFqKXhZMYWVpZMDVIqDd-VHLT3iBgf_b08NpxxOH9R1juXeJUOHMvBFSkrxJ0IY0g0158oMQXNpku-dbouKZsX-zf5YevtiPX73f_OMGXkju8EYXoH8-3VfPb9yEqPhhXKBnCmnRVsJvQz8TMZnrs5k-ce_hoavVxd1T0A4bUQ35-yUFmfhCj-IJsuABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1yHrSTD-73ajBySbB1bctm7UgagA%252526client%25253Dca-pub-9208708170783140%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=300&d=250&e=&g=161cb5bce2aebd4a08a1e9bde4a3eca7%2F373526839064781870&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692000305352&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtrwattw4e0m6ag4j7pcd0nbc51ffbm1pda9rh0qnj1pvbwy0pfcr40erj4nj6nrab27q3mrxcswst8z7g098002grp0jfjbawqrs30vxejrh3bq8myjpynwvec8qdjfn28bfsrk1z81k13kx2b45xvj5hfkr4fm7cqp4g8k6rzaa1tb13pynepb4qk7aswwek9kfyxj0d3xt6jdck1pvzgr6v6qktc87e412x1ra88vqk3spqqba3aa9rbmvn9j961gbxk1j9z4a1mdr2bz2f2pr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmvWyMODZZOK5HYiptOUPj6WlyAmQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkyMDg3MDgxNzA3ODMxNDDIAQmpAqg9X-FuXrI-qAMByAMCqgSJAk_Qb_3YFXB9YAqvW3i9D0WQL4yIefT3B_FOgLgmspTfYSQ1uJwiJyeePSRKOWHmjZEZLXS_RHshPQodBQWuNylfAYdaPj8vhUYgDQ2SFMIG6rIb-Ot4ZLonl4rZUKl4Z7hbnUFznsyefmqu0i49ebLWK9whRGPMxVe7KJs2thFqKXhZMYWVpZMDVIqDd-VHLT3iBgf_b08NpxxOH9R1juXeJUOHMvBFSkrxJ0IY0g0158oMQXNpku-dbouKZsX-zf5YevtiPX73f_OMGXkju8EYXoH8-3VfPb9yEqPhhXKBnCmnRVsJvQz8TMZnrs5k-ce_hoavVxd1T0A4bUQ35-yUFmfhCj-IJsuABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1yHrSTD-73ajBySbB1bctm7UgagA%2526client%253Dca-pub-9208708170783140%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.42.110.74 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-42-110-74.eu-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:05 GMT
server: awselb/2.0
content-length: 45
content-type: text/html

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CB37 0
0 62ms
62ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvjGTeuh-2V7xlI8QNLa0lspUcjwFUOy3e6csj5tTO88GBpb3sZAplZoXZmjJqH5w0qGx5QnWOQdxmq6kaPfX47y6gFqsiFCvS4YzQ7_axHI42o62gwVj9xyUsfRsx3RDN9sqHnQpjVsZFQBu8yEtTwdAy-5liKu3qU4TpnML9GveddPyhm2wtJ1P5OBFqD-IFwJkFqUuJ-xmHQHZtY6CPtWOH68HMXkfFaVhJrF6XYYbNnnQTnjSwIjwCTG57XRGidjSb9J7F9nWJ5FvcVCnc7v7Nj0ulCxzjTHuYTFKC4lW2nAHLP4rkyqheIRpjtqsmYsh9ocgLh1xGA7Q&sai=AMfl-YSdiR5Kf4RWcvjKjdOJrMj4kLTbmuZQe0PgEmzBvB5YnpXV0pDwmoTzNV8MDv4xNhbUtujrLAXVzcF7FVFVtksuMw7nx-tppEZKyRSFGWZHPFyFIcf3vexGfTMoWA&sig=Cg0ArKJSzCdi9_fKnJEBEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 14 Aug 2023 08:05:08 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 70ms
69ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230809&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

447cdcd3f974d8c679f6f1d438128cb9fe69c42e4f33e0a45dbaf8c5c59d04e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11819
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dayfgh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 14 Aug 2023 08:05:08 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B1A7 13 KB
5 KB 22ms
21ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dayfgh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 235
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 08:01:13 GMT
expires: Tue, 13 Aug 2024 08:01:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8086 831 B
555 B 32ms
30ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0458893832a60e0eb55ed67bcc8968aeefe8e269ba5d7c25fd18e45d2b176acf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NzC68CycXD26-yjS291iHQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dayfgh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 533
content-security-policy: script-src 'report-sample' 'nonce-NzC68CycXD26-yjS291iHQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 08:05:08 GMT
expires: Mon, 14 Aug 2023 08:05:08 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js Show response
pagead2.googlesyndication.com/bg/ Frame B1A7 37 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 11:10:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75256
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14666
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 12 Aug 2024 11:10:52 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8086 0
0 122ms
121ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230809&jk=1617046438122927&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B1A7 0
10 B 21ms
21ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?6kMOrg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:05:09 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js

Domain: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js

Domain: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js

Domain: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js

Domain: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js

Domain: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js

Domain: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js

Domain: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js

Domain: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js

Domain: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js

Domain: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js

Verdicts & Comments Add Verdict or Comment

134 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dayfgh.com/	1970-01-20 23:21:36	Name: __gads Value: ID=2711ac5037060b38-22ed3cb54fde0061:T=1692000302:RT=1692000302:S=ALNI_MYKDXSa6qGtY9UR08Zptj3yIzE5MQ
.dayfgh.com/	1970-01-20 23:21:36	Name: __gpi Value: UID=00000c60634d8b46:T=1692000302:RT=1692000302:S=ALNI_MaTbUOB0DlNM8i7418449FtFC4-Vw
dayfgh.com/	1970-01-20 14:00:21	Name: xxxsskguid3611 Value: c239d56d-550f-ee7b-1609-5d6dda9e30ee
dayfgh.com/	1970-01-20 14:00:21	Name: lastlocation3611 Value: https%3A//dayfgh.com/doc_c0RJanNJdjlvU3BuZnFCWWVLNG1hdz09
.dable.io/	1970-01-20 14:18:14	Name: _gg_ck_match Value: 1
.dable.io/	1970-01-20 14:18:14	Name: _nas_ck_match Value: 1
.dable.io/	1970-01-20 14:18:14	Name: _nh_ck_match Value: 1
.dable.io/	1970-01-20 14:18:14	Name: _gn_ck_match Value: 1
.dable.io/	1970-01-20 14:18:14	Name: _kko_ck_match Value: 1
.dayfgh.com/	1970-01-20 23:36:00	Name: dable_uid Value: undefined
.dayfgh.com/	1970-01-20 14:01:26	Name: _gid Value: GA1.2.2127296343.1692000303
.dayfgh.com/	1970-01-20 14:00:00	Name: _gat_gtag_UA_87942765_23 Value: 1
.dayfgh.com/	1970-01-20 23:36:00	Name: _ga_VCEDQQD6JV Value: GS1.1.1692000302.1.0.1692000302.0.0.0
.dayfgh.com/	1970-01-20 23:36:00	Name: _ga Value: GA1.1.1286942092.1692000302
.doubleclick.net/	1970-01-20 23:21:36	Name: IDE Value: AHWqTUm_CU_98h2ZBHl63LTJzR9lqx8ubtYSqE_HYjlA2ilF15IutYhVVCK_odjQCCk
.simpli.fi/	1970-01-20 22:47:02	Name: suid Value: A965719300AE48F09853F14F122A7DA6
.mathtag.com/	1970-01-20 14:43:12	Name: mt_mop Value: 4:1692000303
.dayfgh.com/	1970-01-20 14:43:12	Name: _im_vid Value: 01H7SH7EG0KGTS31E5G293R8JJ
.pubmatic.com/	1970-01-20 14:01:26	Name: KTPCACOOKIE Value: YES
.1rx.io/	1970-01-20 22:45:36	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-5609244c-5cf5-4dd9-a0b8-4abade2b9a37-003%22%7D
.pubmatic.com/	1970-01-20 22:45:36	Name: KADUSERCOOKIE Value: D7E6AF04-DBA2-4318-AEE3-A9700DB6F51B
.targeting.unrulymedia.com/	1970-01-20 22:45:36	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-5609244c-5cf5-4dd9-a0b8-4abade2b9a37-003%22%7D
.doubleclick.net/	1970-01-20 18:19:12	Name: APC Value: AfxxVi69BgkU5czKnDfR7er_k-k0yxnmoPVXvFC-80UbDBdhXYVmRg
.awin1.com/	1970-01-20 14:02:53	Name: awpv14702 Value: 412871\|1692000304\|468550e2-3a79-11ee-9f65-22389f6b057d
.acuityplatform.com/	1970-01-20 22:45:36	Name: auid Value: 813658998581
.acuityplatform.com/	1970-01-20 22:45:36	Name: aum Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqAMvqNdXNlck1hdGNoaW5nSWTEkWxhc3REcm9wVGltZU1pbGxpcyUBRHxiO2uKmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUR8Yjtrio90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.company-target.com/	1970-01-20 23:36:00	Name: tuuid Value: 3b5d2131-c80d-4bc2-b422-cd7240175b2b
.company-target.com/	1970-01-20 23:36:00	Name: tuuid_lu Value: 1692000304\|rp:0
.o2online.de/	1970-01-20 14:10:05	Name: nscT485 Value: v01MTQyMTExMjExMTExMTExMTEwMTQyNjIwMDAwMDAwMDYxNjkyMDAwMzA0dmxlYTFkZTIwMjMwODE0MTAwNTA0ODc4NzM3MTk1MjFYMTE3NzAzVjEyMjYxMzI3MDJNU21tX1NVQklEVEVTVF92aWV3MTE3NzAz
.o2online.de/	1970-01-20 14:10:05	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 14:10:05	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117703_-HTLP&utm_term=AFF_la_117703_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023081410050487873719521X117703V1226132702MSmm_SUBIDTEST_view&wfid=117703&affiliateId=v01MTQyMTExMjExMTExMTExMTEwMTQyNjIwMDAwMDAwMDYxNjkyMDAwMzA0dmxlYTFkZTIwMjMwODE0MTAwNTA0ODc4NzM3MTk1MjFYMTE3NzAzVjEyMjYxMzI3MDJNU
.amazon-adsystem.com/	1970-01-20 23:36:00	Name: ad-privacy Value: 0
.amazon-adsystem.com/	1970-01-20 19:32:38	Name: ad-id Value: A9P81_5XmkSAjnCV0AvEyk4
.adform.net/	1970-01-20 14:44:38	Name: C Value: 1
.adform.net/	1970-01-20 15:26:24	Name: uid Value: 1095884793736965980
.awin1.com/	1970-01-20 14:02:53	Name: awpv20044 Value: 412871\|1692000305\|47342e80-3a79-11ee-9f65-22389f6b057d
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 415363:2904924
t.adcell.com/	1970-01-20 14:04:19	Name: ADCELLvpid10797 Value: 309583-46690-oneid7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQxoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY%23%23%23%23%40%40%40%401692000305

44 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://dayfgh.com/gmifr_lei.html(Line 10) Message: The key "target-densitydpi" is not supported.
rendering	warning	URL: https://dayfgh.com/gmifr_lei.html(Line 10) Message: The key "target-densitydpi" is not supported.
rendering	warning	URL: https://dayfgh.com/gmifr_lei.html(Line 10) Message: The key "target-densitydpi" is not supported.
rendering	warning	URL: https://dayfgh.com/gmifr_lei.html(Line 10) Message: The key "target-densitydpi" is not supported.
rendering	warning	URL: https://dayfgh.com/gmifr_lei.html(Line 10) Message: The key "target-densitydpi" is not supported.
rendering	warning	URL: https://dayfgh.com/gmifr_lei.html(Line 10) Message: The key "target-densitydpi" is not supported.
rendering	warning	URL: https://dayfgh.com/gmifr_lei.html(Line 10) Message: The key "target-densitydpi" is not supported.
rendering	warning	URL: https://dayfgh.com/gmifr_lei.html(Line 10) Message: The key "target-densitydpi" is not supported.
rendering	warning	URL: https://dayfgh.com/gmifr_lei.html(Line 10) Message: The key "target-densitydpi" is not supported.
rendering	warning	URL: https://dayfgh.com/gmifr_lei.html(Line 10) Message: The key "target-densitydpi" is not supported.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
rendering	warning	URL: https://19globalnews.com/gmifr_lei.html(Line 10) Message: The key "target-densitydpi" is not supported.
rendering	warning	URL: https://dwjhgx.com/gmifr_lei.html(Line 10) Message: The key "target-densitydpi" is not supported.
rendering	warning	URL: https://yaya0506.com/gmifr_lei.html(Line 10) Message: The key "target-densitydpi" is not supported.
rendering	warning	URL: https://jkingtimes.com/gmifr_lei.html(Line 10) Message: The key "target-densitydpi" is not supported.
rendering	warning	URL: https://coolsaid.com/gmifr_lei.html(Line 10) Message: The key "target-densitydpi" is not supported.
rendering	warning	URL: https://yaya0506.com/gmifr_lei.html(Line 10) Message: The key "target-densitydpi" is not supported.
rendering	warning	URL: https://angela-babies.com/gmifr_lei.html(Line 10) Message: The key "target-densitydpi" is not supported.
rendering	warning	URL: https://itigeryou.com/gmifr_lei.html(Line 10) Message: The key "target-densitydpi" is not supported.
rendering	warning	URL: https://dwjhgx.com/gmifr_lei.html(Line 10) Message: The key "target-densitydpi" is not supported.
security	error	URL: https://as.ad4m.at/ad/dr?ed=1ke9n0nkcvbc8wxeqtznn0h32my6k3k6et2zmm2qn0340w1328695fezv2bj7269jzgypprxj4z2aqxvgfyat79bn9bfccwne22h8y80e34nsyj2vrghbz1ca4bpg1yth4fj5bpp0n7fw34e4dxe47skvrb204fgvqm0yxmsnfmfxa5qf9t1gx46jy4s64f14exrjwxhhgbe3ww3pg6fp4dvdt1ep1hb5fv8bgbyn2c12s3w7g5yrhkrxpqdjjfad00x04gzvncc2anzrtf0n4dsb9qpxm421xx01cdv89804zmq72whzqextq7tn42hg3xqg3cvgx3fc9s5yks2z1hj2pqb32z0h22sk2p073cddypv7jd1c11m8dkr57nf21v4f3qzdsm5hk30p47fc237crp442gpsvnvqq3t8kdqnx261708ed9z48z3w01gn5q8mh88fgm0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwfK3LuDZZKOmO9O9lgSHn6OoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODc5ODc2NTg3MDMyOTg4NcgBCakCqD1f4W5esj7gAgCoAwHIAwKqBPwBT9C5wP9eEW4afBal-kkWUi-9U4kx5ge7OxPirvCrknjXRq9Tea69uUPBjsRlsEKkUiMIZeFQYNt4fC3ddPb7v9x1Woof5m5loWtBcJjNVUw1Ch6iJrpz_QTTqO2dTRvEyI-PR8681_LVblEhHK18vhCPc8ciVpWIA-4U7ZpuGU_CANMLdDjOWnQ8gDz4tbIg2FGBzBRgKrOevUa3sXQFkm-Nx6LTCKXdj1J5Jvwme1hFTgBNy9rPxZOweFSEvKWiZK_PYE-m_9iKvqv_9K8x66gci5x3Vo03MQhE1KL5vNRxOeIYre5Pl_SQ_CZlcFzOch1Liu4rQSFtwAsO4AQBgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3-HOVx-yKyQD1T95IRVS6-q5TrBw%26client%3Dca-pub-8798765870329885%26adurl%3D Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
rendering	warning	URL: https://mydesign-cases.com/gmifr_lei.html(Line 10) Message: The key "target-densitydpi" is not supported.
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
rendering	warning	URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js Message: The key "target-densitydpi" is not supported.
rendering	warning	URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js Message: The key "target-densitydpi" is not supported.
rendering	warning	URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js Message: The key "target-densitydpi" is not supported.
rendering	warning	URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js Message: The key "target-densitydpi" is not supported.
rendering	warning	URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js Message: The key "target-densitydpi" is not supported.
rendering	warning	URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js Message: The key "target-densitydpi" is not supported.
rendering	warning	URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js Message: The key "target-densitydpi" is not supported.
rendering	warning	URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js Message: The key "target-densitydpi" is not supported.
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
rendering	warning	URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js Message: The key "target-densitydpi" is not supported.
security	error	URL: https://as.ad4m.at/ad/rar?a=175059%2C195016%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CdqeSEfkfpDPVfEHjHwtEtbbrfeS4T5gVSJAqR%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CKgDFRfZfGe9mf5HMHktzCBB4C7SAT8QKUPeX3%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=00ba64512ca79e7498273ba385d732f5%2F12566542731667916794&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692000304109&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jw4afx3rwf1zzg24jy1q5xd78g7jngswn0v0ytf86hd8ww56aahtenebbhqas1k215f8mgcez777n8yksbkkwhdwdbc7zbshr7hz4k1tg8c85225747xm1kwgff56sky2e86mvh00y03h9vyb1pk5qqm74ksjtkjt9nerd155yx9d7r90wwp3sv5fjwa4m1be2ypxdrxb3t5gjt73mdnm2hycf2zybrdemnrnta8ekj5zpcqfcyhm05xay3jmev262kcrcwsz18ex0wztsm2a8080%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwfK3LuDZZKOmO9O9lgSHn6OoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItODc5ODc2NTg3MDMyOTg4NcgBCakCqD1f4W5esj7gAgCoAwHIAwKqBPwBT9C5wP9eEW4afBal-kkWUi-9U4kx5ge7OxPirvCrknjXRq9Tea69uUPBjsRlsEKkUiMIZeFQYNt4fC3ddPb7v9x1Woof5m5loWtBcJjNVUw1Ch6iJrpz_QTTqO2dTRvEyI-PR8681_LVblEhHK18vhCPc8ciVpWIA-4U7ZpuGU_CANMLdDjOWnQ8gDz4tbIg2FGBzBRgKrOevUa3sXQFkm-Nx6LTCKXdj1J5Jvwme1hFTgBNy9rPxZOweFSEvKWiZK_PYE-m_9iKvqv_9K8x66gci5x3Vo03MQhE1KL5vNRxOeIYre5Pl_SQ_CZlcFzOch1Liu4rQSFtwAsO4AQBgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3-HOVx-yKyQD1T95IRVS6-q5TrBw%2526client%253Dca-pub-8798765870329885%2526adurl%253D&y=1&s=&z=0 Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
rendering	warning	URL: https://mydesign-cases.com/gmifr_lei.html(Line 10) Message: The key "target-densitydpi" is not supported.
network	error	URL: https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wglinkid=3756941 Message: Failed to load resource: the server responded with a status of 429 ()
rendering	warning	URL: https://health-am.com/gmifr_lei.html(Line 10) Message: The key "target-densitydpi" is not supported.
security	error	URL: https://as.ad4m.at/ad/dr?ed=1hcgc1323yx40ag8x5ytv4dwmptevk1mf0p3hme7t8abkqwpnkvvg6hdgg7qgs3n6kd5c3cv6xfp6q46ecfanxf8yd92pcj3ggjy65nqxe919r02dr7g3rmx7pzj8jm4ez4st8mcx40e269af10hdxdyh6dcsy9q4b5dynh318p6grq364h3rteg8knqqfpjrt7cvbwzvyvwh18axcr666g3f2bv09thvv4j6g7v7szskcwkbt45jd5j25apne3p8ffmsqbvfqdmgayvqnsk8dy44mz5rp2fckgnxhd63mmcva4eg030r8f3312e58dnyt69nxm03g3a673v15w1vfzy6zaw259mzy5prbd2jsq2kcg813ej0hrcakmwm5y4b4t27wb33z3hnyz6nrxm3g7xkaedxtr43dmw4jnng7knw24tqs76y191g8p43ace2ceykr8s4xwg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmvWyMODZZOK5HYiptOUPj6WlyAmQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkyMDg3MDgxNzA3ODMxNDDIAQmpAqg9X-FuXrI-qAMByAMCqgSJAk_Qb_3YFXB9YAqvW3i9D0WQL4yIefT3B_FOgLgmspTfYSQ1uJwiJyeePSRKOWHmjZEZLXS_RHshPQodBQWuNylfAYdaPj8vhUYgDQ2SFMIG6rIb-Ot4ZLonl4rZUKl4Z7hbnUFznsyefmqu0i49ebLWK9whRGPMxVe7KJs2thFqKXhZMYWVpZMDVIqDd-VHLT3iBgf_b08NpxxOH9R1juXeJUOHMvBFSkrxJ0IY0g0158oMQXNpku-dbouKZsX-zf5YevtiPX73f_OMGXkju8EYXoH8-3VfPb9yEqPhhXKBnCmnRVsJvQz8TMZnrs5k-ce_hoavVxd1T0A4bUQ35-yUFmfhCj-IJsuABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1yHrSTD-73ajBySbB1bctm7UgagA%26client%3Dca-pub-9208708170783140%26adurl%3D Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
rendering	warning	URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js Message: The key "target-densitydpi" is not supported.
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=300&d=250&e=&g=161cb5bce2aebd4a08a1e9bde4a3eca7%2F373526839064781870&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692000305352&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtrwattw4e0m6ag4j7pcd0nbc51ffbm1pda9rh0qnj1pvbwy0pfcr40erj4nj6nrab27q3mrxcswst8z7g098002grp0jfjbawqrs30vxejrh3bq8myjpynwvec8qdjfn28bfsrk1z81k13kx2b45xvj5hfkr4fm7cqp4g8k6rzaa1tb13pynepb4qk7aswwek9kfyxj0d3xt6jdck1pvzgr6v6qktc87e412x1ra88vqk3spqqba3aa9rbmvn9j961gbxk1j9z4a1mdr2bz2f2pr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmvWyMODZZOK5HYiptOUPj6WlyAmQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkyMDg3MDgxNzA3ODMxNDDIAQmpAqg9X-FuXrI-qAMByAMCqgSJAk_Qb_3YFXB9YAqvW3i9D0WQL4yIefT3B_FOgLgmspTfYSQ1uJwiJyeePSRKOWHmjZEZLXS_RHshPQodBQWuNylfAYdaPj8vhUYgDQ2SFMIG6rIb-Ot4ZLonl4rZUKl4Z7hbnUFznsyefmqu0i49ebLWK9whRGPMxVe7KJs2thFqKXhZMYWVpZMDVIqDd-VHLT3iBgf_b08NpxxOH9R1juXeJUOHMvBFSkrxJ0IY0g0158oMQXNpku-dbouKZsX-zf5YevtiPX73f_OMGXkju8EYXoH8-3VfPb9yEqPhhXKBnCmnRVsJvQz8TMZnrs5k-ce_hoavVxd1T0A4bUQ35-yUFmfhCj-IJsuABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1yHrSTD-73ajBySbB1bctm7UgagA%2526client%253Dca-pub-9208708170783140%2526adurl%253D&y=1&s=&z=0 Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
network	error	URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gw8v7fwbpjvstcnjshjb0hz6dch7mcmyfr3vyp1mf1nmgghvapvtb4qt9ahgvdz4y4dregkx8gq8ghhhrrgmsc6zs77vjqm6kr50n4d2hww9megk1bbvnbb5rhznhz54q9k0vpaxjb9qxdf80f5p0d7638nqa4ph0xzrykfvkg4syzk6k7bdhar2q48krz8kmkkhfhs0rk2na3sft026jg0xp2ksbggkwj9zt7n4n6xhvk6sv3ez5gj44n0h27p24%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gtrwattw4e0m6ag4j7pcd0nbc51ffbm1pda9rh0qnj1pvbwy0pfcr40erj4nj6nrab27q3mrxcswst8z7g098002grp0jfjbawqrs30vxejrh3bq8myjpynwvec8qdjfn28bfsrk1z81k13kx2b45xvj5hfkr4fm7cqp4g8k6rzaa1tb13pynepb4qk7aswwek9kfyxj0d3xt6jdck1pvzgr6v6qktc87e412x1ra88vqk3spqqba3aa9rbmvn9j961gbxk1j9z4a1mdr2bz2f2pr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCmvWyMODZZOK5HYiptOUPj6WlyAmQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTkyMDg3MDgxNzA3ODMxNDDIAQmpAqg9X-FuXrI-qAMByAMCqgSJAk_Qb_3YFXB9YAqvW3i9D0WQL4yIefT3B_FOgLgmspTfYSQ1uJwiJyeePSRKOWHmjZEZLXS_RHshPQodBQWuNylfAYdaPj8vhUYgDQ2SFMIG6rIb-Ot4ZLonl4rZUKl4Z7hbnUFznsyefmqu0i49ebLWK9whRGPMxVe7KJs2thFqKXhZMYWVpZMDVIqDd-VHLT3iBgf_b08NpxxOH9R1juXeJUOHMvBFSkrxJ0IY0g0158oMQXNpku-dbouKZsX-zf5YevtiPX73f_OMGXkju8EYXoH8-3VfPb9yEqPhhXKBnCmnRVsJvQz8TMZnrs5k-ce_hoavVxd1T0A4bUQ35-yUFmfhCj-IJsuABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1yHrSTD-73ajBySbB1bctm7UgagA%252526client%25253Dca-pub-9208708170783140%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY Message: Failed to load resource: the server responded with a status of 429 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

19globalnews.com
3d74528f01b8c239e00611b13f91fa26.safeframe.googlesyndication.com
96d84fdb5fb246803137855db3bda5a8.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
ad.doubleclick.net
ad.sitemaji.com
ad4m.at
ads.yap.yahoo.com
ae58298f52b24e6ccabbae485dbd00ab.safeframe.googlesyndication.com
ajax.googleapis.com
analytics.webgains.io
angela-babies.com
api.dable.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
audiencedata.im-apps.net
bttrack.com
c1.adform.net
cdn.taboola.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
coolsaid.com
count.dayfgh.com
count.xxxssk.com
dayfgh.com
dclk-match.dotomi.com
dmp.im-apps.net
dwjhgx.com
eus.rubiconproject.com
geo.yahoo.com
googleads.g.doubleclick.net
gum.criteo.com
health-am.com
image6.pubmatic.com
itigeryou.com
jkingtimes.com
js.akusehat.info
l.logly.co.jp
match.adsrvr.org
mydesign-cases.com
nt.compass-fit.jp
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
partner.o2online.de
pixel-apac.rubiconproject.com
pixel.rubiconproject.com
popup.dayfgh.com
prod-rtb.ad4mat.net
region1.google-analytics.com
s.amazon-adsystem.com
s.company-target.com
s.yimg.com
scontent.xx.fbcdn.net
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
static-de.ad4mat.net
static.dable.io
static.intentarget.com
static.xx.fbcdn.net
store.dayfgh.com
sync.1rx.io
sync.logly.co.jp
sync.mathtag.com
sync.targeting.unrulymedia.com
t.adcell.com
token.rubiconproject.com
tpc.googlesyndication.com
track.webgains.com
trc-events.taboola.com
trc.taboola.com
twstat.dayfgh.com
um.simpli.fi
ums.acuityplatform.com
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.lead-alliance.net
www.restposten.de
www.scupio.net
www.telefonica-partner.de
yaya0506.com
static.intentarget.com
104.102.45.165
104.64.126.246
108.138.7.64
119.28.16.172
13.42.110.74
141.226.228.48
142.250.185.70
15.197.193.217
151.101.129.44
154.59.122.79
167.233.13.224
172.217.16.130
18.135.31.191
18.66.147.120
185.29.134.244
192.132.33.46
198.47.127.19
2001:4860:4802:34::36
209.54.182.161
23.35.229.251
2600:1901:0:76b9::
2600:1901:0:e207::
2606:4700:20::681a:71b
2606:4700:20::ac43:4a81
2606:4700:3030::6815:5bf1
2606:4700:3032::ac43:cfb3
2606:4700:3034::6815:42b8
2606:4700:3034::ac43:957d
2606:4700:3035::6815:2afb
2606:4700:3035::ac43:91e7
2606:4700:3037::6815:3411
2606:4700::6811:190e
2606:4700:e6::ac40:cc1e
2a00:1288:110:c204::b000
2a00:1288:80:807::1
2a00:1450:4001:801::2008
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::200a
2a00:1450:4001:81c::2002
2a00:1450:4001:827::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2001
2a00:1450:4001:830::200e
2a02:2638:d::d
2a02:26f0:480:25::1726:620a
2a02:cb40:200::242
2a02:fa8:8806:16::1370
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a06:98c1:3120::3
2a06:98c1:3121::3
3.112.164.126
3.65.161.116
34.91.62.186
34.96.71.22
35.186.215.140
37.157.5.133
46.228.174.117
51.89.9.253
52.199.26.11
52.94.220.185
54.180.52.191
69.173.144.138
69.173.144.139
69.173.158.64
84.200.5.215
87.248.100.136
92.123.150.201
02df9b43f75eb2a3e8ea52312db4ba18704397d7734954247f0e9530f2e5bad8
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3
0458893832a60e0eb55ed67bcc8968aeefe8e269ba5d7c25fd18e45d2b176acf
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dbd4e4fd5ed44142a5f750462ffd86db00aaa51ba5990381c4740d21b4478f7
0dbf44d48e692878fcf1fc9d6bb75628ff66225cd1fdb7ced1c79a88022ed29e
1277be7ab9cc4931299697aa121b38fbbc3c609c2dcec0b58702bec1739877a9
12f5ead3b50b92858a374f6e67025365caf4c65d11cddb5e5d6f6f0c6bc59c47
132530fa00eb479d0398d86cfd51e44da5112ea5f2a23ab791edbae4ab8d240f
13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5
14a5669aa469e3ce6379a87370e9834af21ed187e1141cf9e07ab25e880f28df
14c535a9a3ab6d5185d5f4a85569cdcf364a5a2b9a485eec88c20346f0859073
16ad6fb4f790439cf5a9932294c85a1120559a0019e3031e5ff3bd0939929706
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1a57db2d20d256da701a75ba8d9ab28c27e9b98a25bd39f7f683efde70e2328b
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1e57ff185326b9627af4ff21e7c8843f1b582773944e164be76b158f56e95685
225b546f1fe1c6bb838705b277df69d737f6244d03df0827051f848ecc1d1d60
238331d3bee21cf334365e5e4f91796e9cc156e3c01c4f0f07cb11a4883158ba
24a692a33cc0444d30fd968fa73a62bc43f15ec6b392f4ba79b854ca656bdc66
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
270932e7bbdf9fec06b0e7228dd5f884e5ec47f93bd0cdea44295038d68f532c
2754d47be946d2394bce4008332826d0491b510a2a624ae6609d042b143732d1
28466467d24438904b378eb4d9b06e6b4741d91e2c90dcff05064ff2aad0657e
2a8f184d502cfefd44031f0ac43fc0ebdaef2410d5e34545b0f098cd291e24ef
2b1cd0f055b691370a8c4fa946467ca19e275eed7e57137862735f51dbf42396
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ec1a7971b91370d32b4c2dce88dbd5fd3f2d4f978a6789764013f9aa84d2a5c
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2ff35fce167fdfacbd9e733d6c5a7f09983c3366592a9fa7fe1437a955c246b0
30302ac1314f6e26ba6c23ca8152f7fbaa2f811d53834c2404164904efcc657b
314b0806f5e1df6f4636c6844a2a75e1870128e3dbea79f1dcfd4437e528c953
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
363e5af9e7e324fac9394f52736c031abca388517b1fb7007ba054e26dbf1517
3d3a794bb12b41d963c52713c8d3593a433baffd8527c9383df26f654b90c224
3d58987c82251409a1d5a6da9922166deba3e4604527956b568f3aba4c8563af
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
414bd2efdc0a5a6692a4ec47d0432c40abcae989d717f439a98f4bfdf8323d48
4310e01a7081b33d628644165bc27d19e7d8944c5abf76f148a13d1a41e7a8e6
43c969dd91796954ee5b0d995fddf5dc9b008844db541a4103c1d95b28ef2f74
447cdcd3f974d8c679f6f1d438128cb9fe69c42e4f33e0a45dbaf8c5c59d04e3
4648dc535c835e7a522e8b82cfe56c7835ec806e90f83878164b451455a86222
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
50f9a934b2e89c86356cfc8eaf0e19ce5cce3f09edb327510de66bf944211e82
53c5141214a0bda88177b4a58b8626769164a09d0a566dd21fa0006e2d2eb2e8
54fdfac049fcabd73da1e1545f5cdaf17bb5d821f6c404e578c375618ec44708
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56cf6c2adb75e276955f3bf951793f0c794ceb51d67d5d2c64b8ec01b996ecc4
56dd106a5092ad32bba7d7fe2e942c86c1f14a3f80b22c2a8b031ff49eca537b
597c36a7e004ed28c62473922198e84646116fdeeefa20d8725cb5a74513759c
5a52c4e351818d15f256764160d164a8465216e382e085c0c1d731c4e7db2ed9
5ac477d8785a4c9ef373969dd3f047e310bfb60d77bc518593795177bd131227
5b2d07f444380914a71b578ca63ac48f88bacbd0af29333166862fad6a62f255
5b5493acaaf06f3d02a603fe7eeb1a1a322c297c275ffe19bb16d047127e06dc
5c07122bba24d54984db4d17c6203d8d24cf28719c81269cdef7f014133732b2
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5f04a67133e8d41a751e2030f0c3492cd7438868d74e850b94007eb12805e6d7
5f73dbf0c52edb570d0ad16efccefa6a5f8d053719c2cc827cd69148fede6aa4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64f88a75df6eeef2e778f967a36f861c2005c64fb8b567a17a8f98878e351255
65a95464e715055501388ec81fa6b56287033f43f6eac2e1228e44d84a68333e
666ef8c31f4ea228fcb6d251080d9b2dcbebbcb7b063ab3c67156f0f0127d82e
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c
69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965
6a3eeed12943e0b360fffcc3777e1815599e6ea2f973c84f521748c34ad52021
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dbcaa5fcad314157f806d8d6bed7465ad9591f58cbc8de1e22357346af8645e
6ec4fe68b927b4cd6d6b99e1341382c8881ca80840ea96f36aafb6468e204c5f
6ed67af88de67d86f657470c49dbfea2c5b073611c965801aa5bdf15b2de5f1b
6f2206d0dd50bbd82d3d3adbea200da2f2cdec53146bcb8ca5de02e7f46b0cf4
701e81659d567c98998ad7fe342f4621671e06a10d83e1e223d23e6b03be73fc
70bd91ec546859cd1211b511e558432215c78f8cadcccd619f758d3bfe0b653b
73f28b4657d7b84f2e70900031bb831317327a0b877fa210eea4da0c5f2a73d9
7486b8da065321a5bff28441aee66bb071575ab6ff8b4814ef2360be5f2abbdc
74dc2ed6aaa60697ee0c9725bb97047b39b2370600bc4fc5dfa6f5cc798e97d3
7f68d970d2b924a1dc2b863204dc36e35995bf85d97d3fc845c7ad08da58a9df
85b7fe5c50b0cd31dfd354ed45f603b21296ba2537a2e216a19dcca08949d425
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
88400ece0824eb5322a437984edfb5b0c752a92af7efa7d5970fcb161c8721eb
884dd1e05c0a6ff898471594b57f6622537a215737940f818ba3f0dd7bba5964
893752c8713ba6eee5b13fd785172edcf59eccb406d9c7f808ed374e1264a563
894f2e66ace52b5a7cd7a21e26ccb40b7507bbd8d70fbad0e9f3e51039ad9481
898107a317921f1fe8f4784c2a5f9032dba634f89a2c5a31bdaa253206f19eff
8c6f61cca00baa6580d007f97dbb6816795a2ffef2379ac19468ec0ab9061425
8d182d9e2c54cbbd82b3721938c84ac469b3f218e2a110bb48cb647ac3c95428
8d21610ee8369d93cb270806070dbd663c4e2454ae668dc63c57f425440e2399
8d456dbc0b49a54dfbdd4fc3e52ce06fb87b5e5efadc728d6e02f38f8aed5c00
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762
91f690a5b1a28ed5c14cf07f3a17b1483694f6e2ad5b53379cdc7f3031a5f561
92673a77151ea47a35cf75655cf9655cc334b28a132d60c43743efe0fd70386e
954551e76af51b5d98aa0c5b48aa56a71da936423f4d387f42e8d111aabd997e
957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
988a1f4d18b0c06a8871be521ed4fa942462e227d87efe43b76d1f17faf8cd26
9951b0adf946b63289a2f704fc2fa85f4279144e224c4fc5a27a9f5d51d68a50
9a7b1f016150a3d34bf4fc59b21dcd9acdbe693ac9c41317246d3bccab167edc
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9af7fd8d18e80b0ac79b602081f75c658a17a7b4599674bf3822bacc9eec5f79
9e2e20166e6254c059bf12365aa4665e29e6ea2ae8ab50706be47617c72617e6
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a
a54acb2e1b65d3ecc19ef034500335fb431a072ad6033fb6b38dae887084b9f4
a564f4534d26c923bf3aecc2f0424a58f210598f4382dc80325177227833622c
a857be6c72c3a0b032e7732d196ac05f142ba5cb791d5d13322603ad9cbc1ef6
a8aedce5ce280bf3c1e99fa9b36cb226e62cd39cf77c1f0c5660a6cab7bdece3
a8c049fe4b1d033a39b108513180a7c30ecb6c38cfa14196b4dcf53da5be44ec
aa7a0c1c10c8752d58842085bb4cbc84a119b5e7bfa4dd1b697c0396c76d06fd
ac82a8389d74c157056619807ad8de3de970332a422bb6c85f4ec853274d752d
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1ede5f6c20a18e0e28467f98d21dc394f6dce158cdf898610ca109867eba989
b305f32a878d670a5e7f4eee65681696250d9bf14ddadf199c99ffb9e429f3c9
b5810f0d97a5e94360f9748483c1cd4c1a8046266a38498331f9ea368ed3ff01
b5921a88d975cd06e472d39db8123d6cdf35edb9a96a6f72c124f0478d78273c
b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e
b84dbe59738bc9c358d32ee7673cf4bd32dd9e40896e7c53bc785c89773eb2c4
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336
bc1b7780605422d8aacffe9fba910e905d1469a4383ff80cb12b61e675554cd6
bd1582ce09e0df2672ddfc804bd2264ee76729d3ffc92ff3bc7835bab4d8e9df
be1e74c1b5359991d1809967d6a3bddaed43055482e5e42b4c0cf324177dcf3c
bee3f2c706962c10237bf98f7c29b01c268f00ac7996e5bea58f1c8e3b5964f1
bf56b14d330ae25ccd631572b03088cf4982d39bea9aaf39df953c1777d94ee6
bfc29c17292ecabcf6ac3123497ef8e0684c078f1b2a58cdd65da41fc29b28fd
c03e3b2943f699bc681b4449f737e96566128d62402914d631a6930bfc55106d
c11c1d9edeb45bc33a3a17f4cac705fbd3973ea9ea9aa1d5b1241036e81145b9
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2b0c7f2940d420a60c745f07bfa3962c9e7d825653c7bc95aa3d9a52c6b0ea2
c3222903b284496abdef15963fa04202511e222f17463bcd9d756e26e1effa08
c4e65f32d3d1108eae4d7719c7127caa8f81ce52365d86c89516190c2edc619b
c7c0dad8bf82344201bf9e778ed139bad2dbf3d211b3a09c5f41402638936260
c950bdb3171907dd6adc02a07023992f892095f78f251750ebbb01ff386282ac
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
caa352024d28f4ba75cc21bf8858e4ed2387ffa1b3752a2c2b11e69cbe4151ca
cb39eee4c3bcf5efa835acfd99df83537516c692f4c15148b1a1d1e8fc5e7c60
cbde04eb519d5d0d6d911ad123c3221438e9c9aec3fdf2cd33d28c9e940803dc
cd19169d5f40955a438c1c9caa8ed0e3a0bb1cf8494a9f289d823fa222cefaff
d654970ebc0854d6bfdb9e555056ab4652f9b13addcd88b7096b53a0018fa51b
d67c2162a75304bdc272afe72695e03c1f256cf457e2252e088c304f875e9068
d7e1d11e09ae5619685a66e50267d80bc6b716e2a3d9377b922ead3c32cba527
d80a6f31c418d0fc2157f1a2ff395db73ac0af1e699179e17279d6e17324e4ed
d92541031327789302d4c7762f1cec73a82d41e2b047c2e95dfb2224edd476cb
da543cf867e15963715895a72d3324daa9371b05afff55c5cbc64b68d60c8352
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dbca18677881c6b30b896593ac6dfcfebec76dc3c2d6849123a8986308b5266b
dd02fc3bac12b49c49ac918d7a1939ab7ddb0f81dfa4017a8ddd6a786e173c3e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfda27eebb9eee8a7a9e5edcf525d9bdf44bee9af607e258f1a3f749c5b46c03
e24ab043cc122c53e376c85a62218b70bbd5eed1e10ee1603fad1c7e6c08d3fa
e2e6443f2e88331f08abd67e2c2a060c1dfa898deb6ba735237f9a8711e7a192
e2e75b8205220fcee40c0690116ce04c6a385cd4cbeab55d2fc35f2c212ba487
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4194765d217bafdc39788add0f58dd2f36e0cdb26c0dd510a25f04e40d6c9c6
e6b6a035821f83e7f4f03f0279468d3454d71105eefd63c26db9f02dfa39e695
e73b9e770f530945fb2ba1dee1f40c1a0658441381fe982770cf3d57994a2db7
e8e7f25e76923cdf5e3b0bbc96fab3e8d08575d2f87c478e23fb8e98530a9d90
e93636d3ef399dc7d33a87e01495e525303cdcb7f443dbfa77f05e4c80825407
e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853
ec38e96687494a80a93d75e9d6fff292a3fd049b4da3fc869a86c5e290cd9416
ece45dd355ad6a08adc9af6376508b32477d3a6f7bbd6bbb299248b645f7c94a
ed25da582573d39d640e589b9ff95edc717dda82c50ecd7874cc6fc3bd269ef2
ee19e9916b53bc4a9e1675b1992b03c7264d295738302f60839218a4afa8a230
ef1804032c92aa52f306d23d954cac3ca099600a9d5c9f7dc6682b1e3a1f0f49
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3b2092c6bd1a3a6855b7a3a0d67951f0b7cd1678bbcfe563226bfe8a2b9126
ef4d0d0fac1ef08cc8a3f918230f58416f1e316bc29294f01f9be4fc08536c53
f0da590ffa13d466046911f414fa7add003161b37340453535aa8cee9fb3cbd8
f1e06f377f7ccbf7f306ff91c3159988e48e755f894f3ef2ff8851964373f672
f218df25ddc056b6a52718f1934823ee73d0da40d42d8d469f9a9ae3c9b583c6
f7adf697b2dc38c504449e5aa8d1dc1070b563341464cf5516a93ada8d86dea3
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f98420b05e6b8a874c377fd42c9c24175c280c7721982d033b3e32990a10c230
f9b28b1fe68411eafbcc739b0406d05d494378670aa7f3bb4caa9e5330ae0c26
faeedbca01f481fa080d1abb45faef7025c26cbbdad18bc3c7f4d5e4cc8a771d
fc3ea80ea28a11c2a85293c5af7982e393703850cc0895dedc23d6b0ed0a8cbe
fca931eedeee292de3db4ffe22555c059a7ad62f9129395f905fb9c5613e6a0b
fdf8c0d99813117b4ab67052fea18f43fc6b3fcec0a5e502ffc1d4f6322d00e3
fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe
ffae8467ccd390359968de3bd4e0f29377e381e265b8505addf44cd5bbfe03fc

dayfgh.com Open in urlscan Pro 2606:4700:3032::ac43:cfb3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

353 Requests

93 %HTTPS

49 %IPv6

59 Domains

87 Subdomains

60 IPs

12 Countries

6203 kBTransfer

13915 kBSize

38 Cookies

0 Outgoing links

Redirected requests

353 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

dayfgh.com Open in urlscan Pro
2606:4700:3032::ac43:cfb3 Public Scan

Screenshot
Live screenshot

Full Image

353
Requests

93 %
HTTPS

49 %
IPv6

59
Domains

87
Subdomains

60
IPs

12
Countries

6203 kB
Transfer

13915 kB
Size

38
Cookies

353 HTTP transactions
5 data transactions